Commit graph

85 commits

Author SHA1 Message Date
Dr. Stephen Henson
7890b562bc fix for CVE-2010-4180 2010-12-02 18:49:28 +00:00
Dr. Stephen Henson
a188fc01fe oops, no corrected fix needed for 0.9.8 branch 2010-12-01 17:48:59 +00:00
Dr. Stephen Henson
1948f9e042 update NEWS 2010-12-01 17:16:36 +00:00
Dr. Stephen Henson
2ae47ddbc2 fix CVE-2010-3864 2010-11-16 14:26:18 +00:00
Dr. Stephen Henson
22872a5363 Prepare for release. 2010-06-01 14:47:12 +00:00
Dr. Stephen Henson
3416d11926 update NEWS file 2010-05-27 15:02:27 +00:00
Dr. Stephen Henson
4fae868811 prepare for release 2010-03-24 13:16:55 +00:00
Dr. Stephen Henson
7070cdba4e Prepare for 0.9.8m release 2010-02-25 17:18:23 +00:00
Dr. Stephen Henson
68be98d1a6 update references to new RI RFC 2010-02-12 22:02:07 +00:00
Dr. Stephen Henson
8b8a2928af prepare for release 2010-01-20 17:26:02 +00:00
Dr. Stephen Henson
e10051ef3f Prepare for 0.9.8k release. 2009-03-25 10:46:56 +00:00
Dr. Stephen Henson
6287fa5396 Prepare for 0.9.8j release. 2009-01-07 10:50:54 +00:00
Dr. Stephen Henson
b7e7aa00de Begin release of OpenSSL 0.9.8i. 2008-09-15 10:28:13 +00:00
Lutz Jänicke
32f1f622f6 Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f 2007-10-19 08:25:53 +00:00
Ben Laurie
dd00266757 Ready to roll. 2007-10-11 14:58:15 +00:00
Dr. Stephen Henson
272f9f3d27 Update NEWS file. 2007-09-06 12:59:34 +00:00
Dr. Stephen Henson
29c0866b38 Update docs and NEWS file. 2007-08-23 22:53:57 +00:00
Dr. Stephen Henson
ac319217d0 Update NEWS file. 2007-02-22 01:35:24 +00:00
Bodo Möller
0c66d3ae37 fix typo 2006-09-28 13:30:28 +00:00
Bodo Möller
bd869183d5 for completeness, include 0.9.7l information 2006-09-28 13:29:08 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
df22f59f6e Update NEWS file. 2006-05-04 11:23:28 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Richard Levitte
1d01c9d43d Last additions to the release documentation. 2005-07-05 18:32:05 +00:00
Richard Levitte
b2d27e376d Some new news. 2005-06-21 05:46:41 +00:00
Richard Levitte
b257c152c6 A couple more things were added. 2005-05-30 22:51:05 +00:00
Richard Levitte
e0ee5ea962 Added news items for OpenSSL 0.9.8. 2005-05-19 19:12:36 +00:00
Richard Levitte
36521f0150 Add a NEWS item for 0.9.7g. 2005-04-11 15:05:45 +00:00
Dr. Stephen Henson
03386677ed Update NEWS 2004-10-25 17:11:19 +00:00
Dr. Stephen Henson
2990244980 ASN1 parse fix and release file changes. 2003-09-30 16:47:33 +00:00
Richard Levitte
138f970e6e Add the 0.9.6j news. 2003-04-10 20:38:24 +00:00
Richard Levitte
1774e22d6f New NEWS 2003-04-10 19:33:09 +00:00
Richard Levitte
d8cbc93585 Update release information 2003-02-19 14:02:37 +00:00
Richard Levitte
1fc73fef48 Keep NEWS in HEAD up to date. 2002-12-06 00:39:03 +00:00
Richard Levitte
9801fb61d0 Add news items for 0.9.6h and expand on the 0.9.7 news as well. 2002-11-18 23:58:24 +00:00
Richard Levitte
36969082bb Update with the status for 0.9.6g. 2002-08-12 06:54:54 +00:00
Richard Levitte
fbe792f0ac 0.9.6f is released 2002-08-08 22:55:28 +00:00
Lutz Jänicke
b218af2b27 0.9.6e and 0.9.7-beta3 are out. 2002-07-30 11:32:47 +00:00
Lutz Jänicke
5012158adf Minor typos
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
2002-07-10 17:34:54 +00:00
Bodo Möller
ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Bodo Möller
ece0bdf1fd typo 2002-06-17 13:59:12 +00:00
Lutz Jänicke
e1f7ea25d2 Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible.
Submitted by:
Reviewed by:
PR: 82
2002-06-12 20:46:38 +00:00
Bodo Möller
47234cd3d2 update 2002-05-05 23:47:46 +00:00
Lutz Jänicke
151457ab16 Handle headings uniformly to allow automatic processing. 2002-04-18 08:11:31 +00:00
Lutz Jänicke
e4fb49775b Synchronize with 0.9.7-stable. 2002-04-11 18:43:52 +00:00
Richard Levitte
ef5f6a08ff Synchronise with the 0.9.6 branch. 2001-12-20 16:58:26 +00:00
Bodo Möller
83978bd37a information on 0.9.6c-engine 2001-11-12 22:10:15 +00:00
Mark J. Cox
a3790c0d01 Phew, finished
Submitted by:
Reviewed by:
PR:
2001-11-12 20:30:01 +00:00
Mark J. Cox
63b6090f7c I've still got one left; the backport of the Broadcom UBSEC driver to
0.9.6 that we've got - just waiting for clearance on that one
Submitted by:
Reviewed by:
PR:
2001-11-12 15:32:11 +00:00