Loading CHANGES +16 −8 Original line number Diff line number Diff line Loading @@ -105,7 +105,7 @@ whose return value is often ignored. [Steve Henson] Changes between 1.0.0 and 1.0.1 [xx XXX xxxx] Changes between 1.0.0a and 1.0.1 [xx XXX xxxx] *) Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), so some implementations get used Loading @@ -127,18 +127,17 @@ Changes between 1.0.0a and 1.0.0b [xx XXX xxxx] *) Fix WIN32 build system to correctly link an ENGINE directory into a DLL. [Steve Henson] Changes between 1.0.0 and 1.0.0a [xx XXX xxxx] Changes between 1.0.0 and 1.0.0a [01 Jun 2010] *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover (CVE-2010-1633) [Steve Henson, Peter-Michael Hager <hager@dortmund.net>] Changes between 0.9.8n and 1.0.0 [xx XXX xxxx] Changes between 0.9.8n and 1.0.0 [29 Mar 2010] *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher context. The operation can be customised via the ctrl mechanism in Loading Loading @@ -979,7 +978,10 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] Changes between 0.9.8n and 0.9.8o [xx XXX xxxx] Changes between 0.9.8n and 0.9.8o [01 Jun 2010] [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after OpenSSL 1.0.0.] *) Correct a typo in the CMS ASN1 module which can result in invalid memory access or freeing data twice (CVE-2010-0742) Loading @@ -990,6 +992,12 @@ SSL_library_init and not OpenSSL_add_all_algorithms() will fail. [Steve Henson] *) VMS fixes: Reduce copying into .apps and .test in makevms.com Don't try to use blank CA certificate in CA.com Allow use of C files from original directories in maketests.com [Steven M. Schweda" <sms@antinode.info>] Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never Loading 
@@ -998,8 +1006,8 @@ - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload protection is active. (CVE-2010-####) [Bodo Moeller, Adam Langley] protection is active. (CVE-2010-0740) [Bodo Moeller, Adam Langley <agl@chromium.org>] *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted). Loading Loading
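Review bot: In the hunk at @@ -127,18 +127,17 @@, the CVE-2010-1633 entry under the newly dated 1.0.0a heading names the fix (checking the return value of int_rsa_verify in pkey_rsa_verifyrecover) but not what the unchecked return value allowed. The CVE-2010-0742 entry in the 0.9.8o section states its impact ("invalid memory access or freeing data twice"); a similar one-clause impact statement here would let readers decide how urgently they need 1.0.0a.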
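Review bot: In the hunk at @@ -990,6 +992,12 @@, the attribution on the new VMS entry has a stray, unbalanced double quote: [Steven M. Schweda" <sms@antinode.info>]. Other attributions in the file are unquoted, e.g. [Steve Henson, Peter-Michael Hager <hager@dortmund.net>], so this should read [Steven M. Schweda <sms@antinode.info>]. The three sub-items of the entry would also be easier to scan with a consistent list marker or terminating punctuation.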
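Review bot: In the hunk at @@ -998,8 +1006,8 @@, the replaced line carried the placeholder "CVE-2010-####" under a heading that is already dated ("Changes between 0.9.8m and 0.9.8n [24 Mar 2010]"), so a placeholder identifier sat in a finalised section until this change. It is worth searching the rest of CHANGES for any remaining "CVE-2010-####" strings under dated headings, and checking that CVE-2010-0740 is recorded the same way wherever this entry is repeated.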