Commit 82d63d30 authored Mar 17, 2004 by Mark J. Cox

Fix null-pointer assignment in do_change_cipher_spec() revealed

by using the Codenomicon TLS Test Tool (CAN-2004-0079)
Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
(CAN-2004-0112)
Ready for 0.9.7d build

Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox

parent 8e6a84e7

CHANGES

+9 −1

Original line number	Diff line number	Diff line
		@@ -2,7 +2,15 @@
		OpenSSL CHANGES
		_______________

		Changes between 0.9.7c and 0.9.7d [xx XXX XXXX]
		Changes between 0.9.7c and 0.9.7d [17 Mar 2004]

		*) Fix null-pointer assignment in do_change_cipher_spec() revealed
		by using the Codenomicon TLS Test Tool (CAN-2004-0079)
		[Joe Orton, Steve Henson]

		*) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
		(CAN-2004-0112)
		[Joe Orton, Steve Henson]

		*) Make it possible to have multiple active certificates with the same
		subject in the CA index file. This is done only if the keyword

FAQ

+1 −1

Original line number	Diff line number	Diff line
		@@ -68,7 +68,7 @@ OpenSSL - Frequently Asked Questions
		* Which is the current version of OpenSSL?

		The current version is available from <URL: http://www.openssl.org>.
		OpenSSL 0.9.7c was released on September 30, 2003.
		OpenSSL 0.9.7d was released on March 17, 2004.

		In addition to the current stable release, you can also access daily
		snapshots of the OpenSSL development version at <URL:

LICENSE

+1 −1

Original line number	Diff line number	Diff line
		@@ -12,7 +12,7 @@
		---------------

		/* ====================================================================
		* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
		* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
		*
		* Redistribution and use in source and binary forms, with or without
		* modification, are permitted provided that the following conditions

NEWS

+8 −0

Original line number	Diff line number	Diff line
		@@ -5,6 +5,14 @@
		This file gives a brief overview of the major changes between each OpenSSL
		release. For more details please read the CHANGES file.

		Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:

		o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
		o Security: Fix null-pointer assignment in do_change_cipher_spec()
		o Allow multiple active certificates with same subject in CA index
		o Multiple X590 verification fixes
		o Speed up HMAC and other operations

		Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:

		o Security: fix various ASN1 parsing bugs.

README

+2 −2

Original line number	Diff line number	Diff line

		OpenSSL 0.9.7c 30 Sep 2003
		OpenSSL 0.9.7d 17 Mar 2004

		Copyright (c) 1998-2003 The OpenSSL Project
		Copyright (c) 1998-2004 The OpenSSL Project
		Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
		All rights reserved.