diff options
| author | Bodo Möller <bodo@openssl.org> | 2010-08-26 11:22:33 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2010-08-26 11:22:33 +0000 |
| commit | 173350bccaf25d6114a7108ccceabb974f125fa4 (patch) | |
| tree | bdeca611e5924968bbdfa3c1f7aad6ca41a068a8 /CHANGES | |
| parent | 1e024f05b284ef499441a2c529527b6ac3bdbda1 (diff) | |
Harmonize with OpenSSL_1_0_1-stable version of CHANGES.
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 24 |
1 files changed, 16 insertions, 8 deletions
@@ -105,7 +105,7 @@ whose return value is often ignored. [Steve Henson] - Changes between 1.0.0 and 1.0.1 [xx XXX xxxx] + Changes between 1.0.0a and 1.0.1 [xx XXX xxxx] *) Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), so some implementations get used @@ -127,18 +127,17 @@ Changes between 1.0.0a and 1.0.0b [xx XXX xxxx] - *) Fix WIN32 build system to correctly link an ENGINE directory into a DLL. [Steve Henson] - Changes between 1.0.0 and 1.0.0a [xx XXX xxxx] - + Changes between 1.0.0 and 1.0.0a [01 Jun 2010] + *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover (CVE-2010-1633) [Steve Henson, Peter-Michael Hager <hager@dortmund.net>] - Changes between 0.9.8n and 1.0.0 [xx XXX xxxx] + Changes between 0.9.8n and 1.0.0 [29 Mar 2010] *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher context. The operation can be customised via the ctrl mechanism in @@ -979,7 +978,10 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - Changes between 0.9.8n and 0.9.8o [xx XXX xxxx] + Changes between 0.9.8n and 0.9.8o [01 Jun 2010] + + [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after + OpenSSL 1.0.0.] *) Correct a typo in the CMS ASN1 module which can result in invalid memory access or freeing data twice (CVE-2010-0742) @@ -990,6 +992,12 @@ SSL_library_init and not OpenSSL_add_all_algorithms() will fail. [Steve Henson] + *) VMS fixes: + Reduce copying into .apps and .test in makevms.com + Don't try to use blank CA certificate in CA.com + Allow use of C files from original directories in maketests.com + [Steven M. Schweda" <sms@antinode.info>] + Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never @@ -998,8 +1006,8 @@ - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload - protection is active. (CVE-2010-####) - [Bodo Moeller, Adam Langley] + protection is active. (CVE-2010-0740) + [Bodo Moeller, Adam Langley <agl@chromium.org>] *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted). |