update changelog to get the right openbsd source tags

update changelog
Update changelog
2016-06-07 07:03:19 -05:00 · 2016-06-06 05:04:55 -05:00 · 2016-05-30 09:07:24 -05:00 · 2016-05-30 09:04:43 -05:00 · 2016-05-03 09:29:38 -05:00 · 2016-05-03 02:38:40 -05:00
3 changed files with 44 additions and 1 deletions
--- a/41
+++ b/41
@@ -28,12 +28,53 @@ history is also available from Git.

 LibreSSL Portable Release Notes:

+2.2.9 - Security fix
+
+	* Correct a problem that prevents the DSA signing algorithm from
+	  running in constant time even if the flag BN_FLG_CONSTTIME is set.
+	  This issue was reported by Cesar Pereida (Aalto University), Billy
+	  Brumley (Tampere University of Technology), and Yuval Yarom (The
+	  University of Adelaide and NICTA). The fix was developed by Cesar
+	  Pereida. See OpenBSD 5.8 errata 17, June 6, 2016
+
+2.2.8 - Reliability fix
+
+	* Fixed an error in libcrypto when parsing some ASN.1 elements > 16k.
+
+2.2.7 - Security Update
+
+	* Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding.
+	From OpenSSL.
+
+2.2.6 - Security Update
+
+	* Deprecated the SSL_OP_SINGLE_DH_USE flag.
+
+2.2.5 - Reliability Update
+
+	* Fixes from OpenSSL 1.0.1q
+	 - CVE-2015-3194 - NULL pointer dereference in client side certificate
+	                   validation.
+	 - CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
+
+	* The following OpenSSL CVEs did not apply to LibreSSL
+	 - CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
+	                   squaring procedure.
+	 - CVE-2015-3196 - Double free race condition of the identify hint
+	                   data.
+
+	 See https://marc.info/?l=openbsd-announce&m=144925068504102
+
 2.2.4 - Build and bug fixes

 	* Backported build fixes for CMake on Windows, OSX and Linux

 	* Fixes for a memory leak and out-of-bounds access in OBJ_obj2txt
 	  reported by Qualys Security.
+	 - CVE-2015-5333 - memory leak in OBJ_obj2txt
+	 - CVE-2015-5334 - 1-byte buffer overflow in OBJ_obj2txt
+
+	 See http://www.openwall.com/lists/oss-security/2015/10/16/1

 2.2.3 - Bug fixes, build enhancements

--- a/crypto/Makefile.am
+++ b/crypto/Makefile.am
@@ -3,6 +3,7 @@ include $(top_srcdir)/Makefile.am.common
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
+AM_CPPFLAGS += -I$(top_srcdir)/crypto

 lib_LTLIBRARIES = libcrypto.la

@@ -119,6 +120,7 @@ libcrypto_la_SOURCES += mem_dbg.c
 libcrypto_la_SOURCES += o_init.c
 libcrypto_la_SOURCES += o_str.c
 libcrypto_la_SOURCES += o_time.c
+noinst_HEADERS += constant_time_locl.h
 noinst_HEADERS += cryptlib.h
 noinst_HEADERS += md32_common.h
 noinst_HEADERS += o_time.h
--- a/dist-win.sh
+++ b/dist-win.sh
@@ -22,7 +22,7 @@ for ARCH in X86 X64; do

 	echo Building for $HOST

-	CC=$HOST-gcc ./configure --host=$HOST
+	CC=$HOST-gcc ./configure --host=$HOST --with-openssldir=c:/libressl/ssl
 	make clean
 	PATH=$PATH:/usr/$HOST/sys-root/mingw/bin \
 	   make -j 4 check
Author	SHA1	Message	Date
Brent Cook	9ce9c4d2e8	update changelog to get the right openbsd source tags	2016-06-07 07:03:19 -05:00
Brent Cook	5dacd8e02c	update changelog	2016-06-06 05:04:55 -05:00
Brent Cook	c0cb9e9ae1	Update changelog	2016-05-30 09:07:24 -05:00
Brent Cook	17bf566573	set windows binary OPENSSLDIR to something plausible	2016-05-30 09:04:43 -05:00
Brent Cook	fa41ca5182	moved patch upstream	2016-05-03 09:29:38 -05:00
Brent Cook	bb9c1f2838	prefer limits.h over sys/limits.h	2016-05-03 02:38:40 -05:00
Brent Cook	2169962cb4	update Changelog	2016-05-03 02:38:40 -05:00
Brent Cook	9092f35957	add constant_time_locl.h	2016-05-02 22:46:25 -05:00
Brent Cook	92902f7040	update changelog for 2.2.6	2016-01-28 12:17:23 -06:00
Brent Cook	271ad075dd	update ChangeLog for 2.2.5	2015-12-05 13:15:46 -06:00