Add news section for OpenSSL 0.9.6a. Please add what's missing
This commit is contained in:
Richard Levitte
parent
1777e3fd5e
commit
0e810cf6b0
1 changed files with 22 additions and 0 deletions
22
NEWS
22
NEWS
|
|
@ -5,6 +5,28 @@
|
|||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
|
||||
|
||||
o Security fix: change behavior of OpenSSL to avoid using
|
||||
environment variables when running as root.
|
||||
o Security fix: check the result of RSA-CRT to reduce the
|
||||
possibility of deducing the private key from an incorrectly
|
||||
calculated signature.
|
||||
o Security fix: prevent Bleichenbacher's DSA attack.
|
||||
o Security fix: Zero the premaster secret after deriving the
|
||||
master secret in DH ciphersuites.
|
||||
o Bug fixes for Win32, HP/UX and Irix.
|
||||
o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
|
||||
memory checking routines.
|
||||
o Bug fixes for RSA operations in threaded enviroments.
|
||||
o Bug fixes in misc. openssl applications.
|
||||
o Remove a few potential memory leaks.
|
||||
o Add tighter checks of BIGNUM routines.
|
||||
o Shared library support has been reworked for generality.
|
||||
o More documentation.
|
||||
o New function BN_rand_range()
|
||||
o Add "-rand" option to openssl s_client and s_server.
|
||||
|
||||
Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
|
||||
|
||||
o Some documentation for BIO and SSL libraries.
|
||||
|
|
|
|||
Loading…
Reference in a new issue