summaryrefslogtreecommitdiffstats
path: root/js/controller
diff options
context:
space:
mode:
authorBernhard Posselt <dev@bernhard-posselt.com>2014-06-26 12:22:27 +0200
committerBernhard Posselt <dev@bernhard-posselt.com>2014-06-26 12:22:27 +0200
commit831893647be2b4bc0e118148ac23c1144c83de0b (patch)
tree2fb0cd6ebd288959ac292a7c13f2290b7bb67162 /js/controller
parent501e29f71c5d863879eb67ed311549ee46e5a04b (diff)
fix js unit tests
Diffstat (limited to 'js/controller')
-rw-r--r--js/controller/NavigationController.js6
1 files changed, 4 insertions, 2 deletions
diff --git a/js/controller/NavigationController.js b/js/controller/NavigationController.js
index 25fa6ddd1..a848a4b39 100644
--- a/js/controller/NavigationController.js
+++ b/js/controller/NavigationController.js
@@ -98,15 +98,17 @@ function ($route, FEED_TYPE, FeedResource, FolderResource, ItemResource,
};
this.isFolderActive = (folderId) => {
+ let currentId = parseInt($route.current.params.id, 10);
return $route.current &&
$route.current.$$route.type === FEED_TYPE.FOLDER &&
- $route.current.params.id === folderId + '';
+ currentId === folderId;
};
this.isFeedActive = (feedId) => {
+ let currentId = parseInt($route.current.params.id, 10);
return $route.current &&
$route.current.$$route.type === FEED_TYPE.FEED &&
- $route.current.params.id === feedId + '';
+ currentId === feedId;
};
// TBD
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 13:57:12 +0000
'n227' href='#n227'>227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 
  NEWS
  ====

  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

  Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [1 Aug 2023]

      o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
      o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)

  Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [30 May 2023]

      o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic
        OBJECT IDENTIFIER sub-identities.  (CVE-2023-2650)
      o Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
      o Fixed handling of invalid certificate policies in leaf certificates
        (CVE-2023-0465)
      o Limited the number of nodes created in a policy tree ([CVE-2023-0464])

  Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]

      o Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
      o Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
      o Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
      o Fixed Timing Oracle in RSA Decryption (CVE-2022-4304)

  Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]

      o Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the
        certificate data to be signed before signing the certificate.

  Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]

      o Added a missing header for memcmp that caused compilation failure on
        some platforms

  Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]

      o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
        (CVE-2022-2097)

  Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022]

      o Fixed additional bugs in the c_rehash script which was not properly
        sanitising shell metacharacters to prevent command injection
        (CVE-2022-2068)

  Major changes between OpenSSL 1.1.1n and OpenSSL 1.1.1o [3 May 2022]

      o Fixed a bug in the c_rehash script which was not properly sanitising
        shell metacharacters to prevent command injection (CVE-2022-1292)

  Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]

      o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
        forever for non-prime moduli (CVE-2022-0778)

  Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]

      o None

  Major changes between OpenSSL 1.1.1k and OpenSSL 1.1.1l [24 Aug 2021]

      o Fixed an SM2 Decryption Buffer Overflow (CVE-2021-3711)
      o Fixed various read buffer overruns processing ASN.1 strings (CVE-2021-3712)

  Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [25 Mar 2021]

      o Fixed a problem with verifying a certificate chain when using the
        X509_V_FLAG_X509_STRICT flag (CVE-2021-3450)
      o Fixed an issue where an OpenSSL TLS server may crash if sent a
        maliciously crafted renegotiation ClientHello message from a client
        (CVE-2021-3449)

  Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]

      o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
        function (CVE-2021-23841)
      o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
        padding mode to correctly check for rollback attacks
      o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
        EVP_DecryptUpdate functions (CVE-2021-23840)
      o Fixed SRP_Calc_client_key so that it runs in constant time

  Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]

      o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)

  Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020]

      o Disallow explicit curve parameters in verifications chains when
        X509_V_FLAG_X509_STRICT is used
      o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS
        contexts
      o Oracle Developer Studio will start reporting deprecation warnings

  Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020]

      o Fixed segmentation fault in SSL_check_chain() (CVE-2020-1967)

  Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020]

      o Revert the unexpected EOF reporting via SSL_ERROR_SSL

  Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020]

      o Fixed an overflow bug in the x64_64 Montgomery squaring procedure
        used in exponentiation with 512-bit moduli (CVE-2019-1551)
      o Properly detect unexpected EOF while reading in libssl and report
        it via SSL_ERROR_SSL

  Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]

      o Fixed a fork protection issue (CVE-2019-1549)
      o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
        (CVE-2019-1563)
      o For built-in EC curves, ensure an EC_GROUP built from the curve name is
        used even when parsing explicit parameters
      o Compute ECC cofactors if not provided during EC_GROUP construction
        (CVE-2019-1547)
      o Early start up entropy quality from the DEVRANDOM seed source has been
        improved for older Linux systems
      o Correct the extended master secret constant on EBCDIC systems
      o Use Windows installation paths in the mingw builds (CVE-2019-1552)
      o Changed DH_check to accept parameters with order q and 2q subgroups
      o Significantly reduce secure memory usage by the randomness pools
      o Revert the DEVRANDOM_WAIT feature for Linux systems

  Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019]

      o Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)

  Major changes between OpenSSL 1.1.1a and OpenSSL 1.1.1b [26 Feb 2019]

      o Change the info callback signals for the start and end of a post-handshake
        message exchange in TLSv1.3.
      o Fix a bug in DTLS over SCTP. This breaks interoperability with older versions
        of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2.

  Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018]

      o Timing vulnerability in DSA signature generation (CVE-2018-0734)
      o Timing vulnerability in ECDSA signature generation (CVE-2018-0735)

  Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018]

      o Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3
        for further important information). The TLSv1.3 implementation includes:
          o Fully compliant implementation of RFC8446 (TLSv1.3) on by default
          o Early data (0-RTT)
          o Post-handshake authentication and key update
          o Middlebox Compatibility Mode
          o TLSv1.3 PSKs
          o Support for all five RFC8446 ciphersuites
          o RSA-PSS signature algorithms (backported to TLSv1.2)
          o Configurable session ticket support
          o Stateless server support
          o Rewrite of the packet construction code for "safer" packet handling
          o Rewrite of the extension handling code
      o Complete rewrite of the OpenSSL random number generator to introduce the
        following capabilities
          o The default RAND method now utilizes an AES-CTR DRBG according to
            NIST standard SP 800-90Ar1.
          o Support for multiple DRBG instances with seed chaining.
          o There is a public and private DRBG instance.
          o The DRBG instances are fork-safe.
          o Keep all global DRBG instances on the secure heap if it is enabled.
          o The public and private DRBG instance are per thread for lock free
            operation
      o Support for various new cryptographic algorithms including:
          o SHA3
          o SHA512/224 and SHA512/256
          o EdDSA (both Ed25519 and Ed448) including X509 and TLS support
          o X448 (adding to the existing X25519 support in 1.1.0)
          o Multi-prime RSA
          o SM2
          o SM3
          o SM4
          o SipHash
          o ARIA (including TLS support)
      o Significant Side-Channel attack security improvements
      o Add a new ClientHello callback to provide the ability to adjust the SSL
        object at an early stage.
      o Add 'Maximum Fragment Length' TLS extension negotiation and support
      o A new STORE module, which implements a uniform and URI based reader of
        stores that can contain keys, certificates, CRLs and numerous other
        objects.
      o Move the display of configuration data to configdata.pm.
      o Allow GNU style "make variables" to be used with Configure.
      o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes
      o Rewrite of devcrypto engine

  Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development]

      o Client DoS due to large DH parameter (CVE-2018-0732)
      o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)

  Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development]

      o Constructed ASN.1 types with a recursive definition could exceed the
        stack (CVE-2018-0739)
      o Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
      o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)

  Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017]

      o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
      o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

  Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017]

      o config now recognises 64-bit mingw and chooses mingw64 instead of mingw

  Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017]

      o Encrypt-Then-Mac renegotiation crash (CVE-2017-3733)

  Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017]

      o Truncated packet could crash via OOB read (CVE-2017-3731)
      o Bad (EC)DHE parameters cause a client crash (CVE-2017-3730)
      o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)

  Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016]

      o ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
      o CMS Null dereference (CVE-2016-7053)
      o Montgomery multiplication may produce incorrect results (CVE-2016-7055)

  Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016]

      o Fix Use After Free for large message sizes (CVE-2016-6309)

  Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016]

      o OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
      o SSL_peek() hang on empty record (CVE-2016-6305)
      o Excessive allocation of memory in tls_get_message_header()
       (CVE-2016-6307)
      o Excessive allocation of memory in dtls1_preprocess_fragment()
       (CVE-2016-6308)

  Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016]

      o Copyright text was shrunk to a boilerplate that points to the license
      o "shared" builds are now the default when possible
      o Added support for "pipelining"
      o Added the AFALG engine
      o New threading API implemented
      o Support for ChaCha20 and Poly1305 added to libcrypto and libssl
      o Support for extended master secret
      o CCM ciphersuites
      o Reworked test suite, now based on perl, Test::Harness and Test::More
      o *Most* libcrypto and libssl public structures were made opaque,
        including:
        BIGNUM and associated types, EC_KEY and EC_KEY_METHOD,
        DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD,
        BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX,
        EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX,
        X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE,
        X509_LOOKUP, X509_LOOKUP_METHOD
      o libssl internal structures made opaque
      o SSLv2 support removed
      o Kerberos ciphersuite support removed
      o RC4 removed from DEFAULT ciphersuites in libssl
      o 40 and 56 bit cipher support removed from libssl
      o All public header files moved to include/openssl, no more symlinking
      o SSL/TLS state machine, version negotiation and record layer rewritten
      o EC revision: now operations use new EC_KEY_METHOD.
      o Support for OCB mode added to libcrypto
      o Support for asynchronous crypto operations added to libcrypto and libssl
      o Deprecated interfaces can now be disabled at build time either
        relative to the latest release via the "no-deprecated" Configure
        argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
      o Application software can be compiled with -DOPENSSL_API_COMPAT=version
        to ensure that features deprecated in that version are not exposed.
      o Support for RFC6698/RFC7671 DANE TLSA peer authentication
      o Change of Configure to use --prefix as the main installation
        directory location rather than --openssldir.  The latter becomes
        the directory for certs, private key and openssl.cnf exclusively.
      o Reworked BIO networking library, with full support for IPv6.
      o New "unified" build system
      o New security levels
      o Support for scrypt algorithm
      o Support for X25519
      o Extended SSL_CONF support using configuration files
      o KDF algorithm support. Implement TLS PRF as a KDF.
      o Support for Certificate Transparency
      o HKDF support.

  Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]

      o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
      o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
      o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
      o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
      o EBCDIC overread (CVE-2016-2176)
      o Modify behavior of ALPN to invoke callback after SNI/servername
        callback, such that updates to the SSL_CTX affect ALPN.
      o Remove LOW from the DEFAULT cipher list.  This removes singles DES from
        the default.
      o Only remove the SSLv2 methods with the no-ssl2-method option.

  Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]

      o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
      o Disable SSLv2 default build, default negotiation and weak ciphers
        (CVE-2016-0800)
      o Fix a double-free in DSA code (CVE-2016-0705)
      o Disable SRP fake user seed to address a server memory leak
        (CVE-2016-0798)
      o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
        (CVE-2016-0797)
      o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
      o Fix side channel attack on modular exponentiation (CVE-2016-0702)

  Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]

      o DH small subgroups (CVE-2016-0701)
      o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

  Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]

      o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
      o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
      o X509_ATTRIBUTE memory leak (CVE-2015-3195)
      o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
      o In DSA_generate_parameters_ex, if the provided seed is too short,
        return an error

  Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]

      o Alternate chains certificate forgery (CVE-2015-1793)
      o Race condition handling PSK identify hint (CVE-2015-3196)

  Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015]

      o Fix HMAC ABI incompatibility

  Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015]

      o Malformed ECParameters causes infinite loop (CVE-2015-1788)
      o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
      o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
      o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
      o Race condition handling NewSessionTicket (CVE-2015-1791)

  Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015]

      o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291)
      o Multiblock corrupted pointer fix (CVE-2015-0290)
      o Segmentation fault in DTLSv1_listen fix (CVE-2015-0207)
      o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
      o Segmentation fault for invalid PSS parameters fix (CVE-2015-0208)
      o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
      o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
      o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
      o Empty CKE with client auth and DHE fix (CVE-2015-1787)
      o Handshake with unseeded PRNG fix (CVE-2015-0285)
      o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
      o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
      o Removed the export ciphers from the DEFAULT ciphers

  Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:

      o Suite B support for TLS 1.2 and DTLS 1.2
      o Support for DTLS 1.2
      o TLS automatic EC curve selection.
      o API to set TLS supported signature algorithms and curves
      o SSL_CONF configuration API.
      o TLS Brainpool support.
      o ALPN support.
      o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.

  Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]

      o Build fixes for the Windows and OpenVMS platforms

  Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]

      o Fix for CVE-2014-3571
      o Fix for CVE-2015-0206
      o Fix for CVE-2014-3569
      o Fix for CVE-2014-3572
      o Fix for CVE-2015-0204
      o Fix for CVE-2015-0205
      o Fix for CVE-2014-8275
      o Fix for CVE-2014-3570

  Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]

      o Fix for CVE-2014-3513
      o Fix for CVE-2014-3567
      o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
      o Fix for CVE-2014-3568

  Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]

      o Fix for CVE-2014-3512
      o Fix for CVE-2014-3511
      o Fix for CVE-2014-3510
      o Fix for CVE-2014-3507
      o Fix for CVE-2014-3506
      o Fix for CVE-2014-3505
      o Fix for CVE-2014-3509
      o Fix for CVE-2014-5139
      o Fix for CVE-2014-3508

  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]

      o Fix for CVE-2014-0224
      o Fix for CVE-2014-0221
      o Fix for CVE-2014-0198
      o Fix for CVE-2014-0195
      o Fix for CVE-2014-3470
      o Fix for CVE-2010-5298

  Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]

      o Fix for CVE-2014-0160
      o Add TLS padding extension workaround for broken servers.
      o Fix for CVE-2014-0076

  Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]

      o Don't include gmt_unix_time in TLS server and client random values
      o Fix for TLS record tampering bug CVE-2013-4353
      o Fix for TLS version checking bug CVE-2013-6449
      o Fix for DTLS retransmission bug CVE-2013-6450

  Major ch