path: root/CHANGES
Age | Commit message | Author
2021-12-14 | Prepare for 1.1.1m release (tag: OpenSSL_1_1_1m) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-12-14 | Add some CHANGES entries for 1.1.1m | Richard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17269)
2021-08-24 | Prepare for 1.1.1m-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-08-24 | Prepare for 1.1.1l release (tag: OpenSSL_1_1_1l) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-08-24 | Updates to CHANGES and NEWS for the new release | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-03-25 | Prepare for 1.1.1l-dev | Matt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-03-25 | Prepare for 1.1.1k release (tag: OpenSSL_1_1_1k) | Matt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-03-25 | Update CHANGES and NEWS for new release | Matt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2021-02-16 | Prepare for 1.1.1k-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-02-16 | Prepare for 1.1.1j release (tag: OpenSSL_1_1_1j) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-02-16 | Update CHANGES and NEWS for new release | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2021-01-20 | Ensure SRP BN_mod_exp follows the constant time path | Matt Caswell
SRP_Calc_client_key calls BN_mod_exp with private data. However it was not setting BN_FLG_CONSTTIME and therefore not using the constant time implementation. This could be exploited in a side channel attack to recover the password. Since the attack is local host only this is outside of the current OpenSSL threat model and therefore no CVE is assigned. Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this issue. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13889)
2020-12-08 | Prepare for 1.1.1j-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-12-08 | Prepare for 1.1.1i release (tag: OpenSSL_1_1_1i) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-12-08 | Update CHANGES and NEWS for new release | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-12-04 | CHANGES: Move misplaced change item | Richard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13605)
2020-12-03 | x509_vfy.c: Restore rejection of expired trusted (root) certificate | Dr. David von Oheimb
The certificate path validation procedure specified in RFC 5280 does not include checking the validity period of the trusted (root) certificate. Still it is common good practice to perform this check. Also OpenSSL did this until version 1.1.1h, yet commit e2590c3a162eb118c36b09c2168164283aa099b4 accidentally killed it. The current commit restores the previous behavior. It also removes the cause of that bug, namely counter-intuitive design of the internal function check_issued(), which was complicated by checks that actually belong to some other internal function, namely find_issuer(). Moreover, this commit adds a regression check and proper documentation of the root cert validity period check feature, which had been missing so far. Fixes #13471 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13585)
2020-12-03 | Configuration: darwin64-arm64-cc for Apple silicon | Stuart Carnie
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12369)
2020-10-16 | Add a CHANGES entry for the SSL_SECOP_TMP_DH change | Matt Caswell
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/13136)
2020-09-22 | Prepare for 1.1.1i-dev | Matt Caswell
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
2020-09-22 | Prepare for 1.1.1h release (tag: OpenSSL_1_1_1h) | Matt Caswell
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
2020-09-22 | Updates CHANGES and NEWS for the new release | Matt Caswell
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12949)
2020-07-22 | Avoid errors with a priori inapplicable protocol bounds | Viktor Dukhovni
The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configuring DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files and command-line options. Expected to resolve #12394 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> GH: #12507
2020-06-11 | Do not allow dropping Extended Master Secret extension on renegotiation | Tomas Mraz
Abort renegotiation if server receives client hello with Extended Master Secret extension dropped in comparison to the initial session. Fixes #9754 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12099)
2020-06-04 | enable DECLARE_DEPRECATED macro for Oracle Developer Studio compiler | Vladimir Kotal
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9575)
2020-04-21 | Prepare for 1.1.1h-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-04-21 | Prepare for 1.1.1g release (tag: OpenSSL_1_1_1g) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-04-21 | Update CHANGES and NEWS for release of 1.1.1g | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-04-18 | Add a CHANGES entry for AES constant time | Bernd Edlinger
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11411)
2020-03-31 | Prepare for 1.1.1g-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-03-31 | Prepare for 1.1.1f release (tag: OpenSSL_1_1_1f) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2020-03-25 | Document the revert of the proper reporting of an unexpected EOF | Tomas Mraz
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11400)
2020-03-19 | Add a CHANGES entry for BN_generate_prime_ex | Bernd Edlinger
BN_generate_prime_ex no longer avoids factors 3..17863 in p-1 when not computing safe primes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9387)
2020-03-17 | Prepare for 1.1.1f-dev | Matt Caswell
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
2020-03-17 | Prepare for 1.1.1e release (tag: OpenSSL_1_1_1e) | Matt Caswell
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
2020-03-17 | Update CHANGES for the new release | Matt Caswell
Reviewed-by: Mark J. Cox <mark@awe.com> (Merged from https://github.com/openssl/openssl/pull/11342)
2020-03-11 | Revert "Stop accepting certificates signed using SHA1 at security level 1" | Matt Caswell
This reverts commit 68436f0a8964e911eb4f864bc8b31d7ca4d29585. The OMC did not vote in favour of backporting this to 1.1.1, so this change should be reverted. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11282)
2020-02-27 | VMS: mitigate for the C++ compiler that doesn't understand certain pragmas | Richard Levitte
This only affects __DECC_INCLUDE_EPILOGUE.H and __DECC_INCLUDE_PROLOGUE.H, which are used automatically by HP and VSI C/C++ compilers. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11159)
2020-02-06 | Fix misspelling errors and typos reported by codespell | Dr. Matthias St. Pierre
Fixes #10998 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11000)
2020-02-05 | Stop accepting certificates signed using SHA1 at security level 1 | Kurt Roeckx
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> GH: #10786 (cherry picked from commit b744f915ca8bb37631909728dd2529289bda8438)
2020-01-15 | Fix documentation of return value for EVP_Digest{Sign,Verify}Init() | Richard Levitte
They never returned the negative values that the documentation stated. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10847)
2019-12-06 | Add a CHANGES entry for CVE-2019-1551 | Bernd Edlinger
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10575)
2019-11-02 | VMS: Added new method to gather entropy on VMS, based on SYS$GET_ENTROPY. | Richard Levitte
This system service is based on FreeBSD 12's getentropy(), and is therefore treated the same way as getentropy() with regards to amount of entropy bits per data bit. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8926) (cherry picked from commit 8b9896eb293a0861f0b8c191b7a278f176b729e6)
2019-10-15 | issue-8493: Fix for filenames with newlines using openssl dgst | Pauli
The output format now matches coreutils *dgst tools. [ edited to remove trailing white space ] Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (cherry picked from commit f3448f5481a8d1f6fbf5fd05caaca229af0b87f7) Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/10094)
2019-09-17 | apps/pkcs12: print multiple PKCS#12 safeBag attribute values if present | Jon Spillett
Currently the pkcs12 app will only ever print the first value of a multi-value attribute. This is OK for some attributes (e.g. friendlyName, localKeyId) but may miss values for other attributes. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9751) (cherry picked from commit dbcc7b45670483cc89428afe1d3c363ef83d76df)
2019-09-10 | Prepare for 1.1.1e-dev | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2019-09-10 | Prepare for 1.1.1d release (tag: OpenSSL_1_1_1d) | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2019-09-10 | Remove duplicate CHANGES entry | Matt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9844)
2019-09-10 | Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey | Bernd Edlinger
An attack is simple, if the first CMS_recipientInfo is valid but the second CMS_recipientInfo is chosen ciphertext. If the second recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct encryption key will be replaced by garbage, and the message cannot be decoded, but if the RSA decryption fails, the correct encryption key is used and the recipient will not notice the attack. As a work around for this potential attack the length of the decrypted key must be equal to the cipher default key length, in case the certificate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9777) (cherry picked from commit 5840ed0cd1e6487d247efbc1a04136a41d7b3a37)
2019-09-10 | Update CHANGES and NEWS for the new release | Matt Caswell
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9841)