Harmonize with OpenSSL_1_0_1-stable version of CHANGES.
This commit is contained in:
Bodo Möller
parent
1e024f05b2
commit
173350bcca
24
CHANGES
24
CHANGES
@ -105,7 +105,7 @@
|
||||
whose return value is often ignored.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0 and 1.0.1 [xx XXX xxxx]
|
||||
Changes between 1.0.0a and 1.0.1 [xx XXX xxxx]
|
||||
|
||||
*) Add call to ENGINE_register_all_complete() to
|
||||
ENGINE_load_builtin_engines(), so some implementations get used
|
||||
@ -127,18 +127,17 @@
|
||||
|
||||
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
|
||||
|
||||
|
||||
*) Fix WIN32 build system to correctly link an ENGINE directory into
|
||||
a DLL.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
|
||||
|
||||
Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
|
||||
|
||||
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
|
||||
(CVE-2010-1633)
|
||||
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
|
||||
|
||||
Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
|
||||
Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
|
||||
|
||||
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
|
||||
context. The operation can be customised via the ctrl mechanism in
|
||||
@ -979,7 +978,10 @@
|
||||
*) Change 'Configure' script to enable Camellia by default.
|
||||
[NTT]
|
||||
|
||||
Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
|
||||
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
|
||||
|
||||
[NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
|
||||
OpenSSL 1.0.0.]
|
||||
|
||||
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
|
||||
access or freeing data twice (CVE-2010-0742)
|
||||
@ -990,6 +992,12 @@
|
||||
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
|
||||
[Steve Henson]
|
||||
|
||||
*) VMS fixes:
|
||||
Reduce copying into .apps and .test in makevms.com
|
||||
Don't try to use blank CA certificate in CA.com
|
||||
Allow use of C files from original directories in maketests.com
|
||||
[Steven M. Schweda" <sms@antinode.info>]
|
||||
|
||||
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
|
||||
|
||||
*) When rejecting SSL/TLS records due to an incorrect version number, never
|
||||
@ -998,8 +1006,8 @@
|
||||
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
|
||||
the previous behavior could result in a read attempt at NULL when
|
||||
receiving specific incorrect SSL/TLS records once record payload
|
||||
protection is active. (CVE-2010-####)
|
||||
[Bodo Moeller, Adam Langley]
|
||||
protection is active. (CVE-2010-0740)
|
||||
[Bodo Moeller, Adam Langley <agl@chromium.org>]
|
||||
|
||||
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
|
||||
could be crashed if the relevant tables were not present (e.g. chrooted).
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user