Commit graph

73 commits

Author SHA1 Message Date
Dr. Stephen Henson
b7e7aa00de Begin release of OpenSSL 0.9.8i. 2008-09-15 10:28:13 +00:00
Lutz Jänicke
32f1f622f6 Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f 2007-10-19 08:25:53 +00:00
Ben Laurie
dd00266757 Ready to roll. 2007-10-11 14:58:15 +00:00
Dr. Stephen Henson
272f9f3d27 Update NEWS file. 2007-09-06 12:59:34 +00:00
Dr. Stephen Henson
29c0866b38 Update docs and NEWS file. 2007-08-23 22:53:57 +00:00
Dr. Stephen Henson
ac319217d0 Update NEWS file. 2007-02-22 01:35:24 +00:00
Bodo Möller
0c66d3ae37 fix typo 2006-09-28 13:30:28 +00:00
Bodo Möller
bd869183d5 for completeness, include 0.9.7l information 2006-09-28 13:29:08 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
df22f59f6e Update NEWS file. 2006-05-04 11:23:28 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Richard Levitte
1d01c9d43d Last additions to the release documentation. 2005-07-05 18:32:05 +00:00
Richard Levitte
b2d27e376d Some new news. 2005-06-21 05:46:41 +00:00
Richard Levitte
b257c152c6 A couple more things were added. 2005-05-30 22:51:05 +00:00
Richard Levitte
e0ee5ea962 Added news items for OpenSSL 0.9.8. 2005-05-19 19:12:36 +00:00
Richard Levitte
36521f0150 Add a NEWS item for 0.9.7g. 2005-04-11 15:05:45 +00:00
Dr. Stephen Henson
03386677ed Update NEWS 2004-10-25 17:11:19 +00:00
Dr. Stephen Henson
2990244980 ASN1 parse fix and release file changes. 2003-09-30 16:47:33 +00:00
Richard Levitte
138f970e6e Add the 0.9.6j news. 2003-04-10 20:38:24 +00:00
Richard Levitte
1774e22d6f New NEWS 2003-04-10 19:33:09 +00:00
Richard Levitte
d8cbc93585 Update release information 2003-02-19 14:02:37 +00:00
Richard Levitte
1fc73fef48 Keep NEWS in HEAD up to date. 2002-12-06 00:39:03 +00:00
Richard Levitte
9801fb61d0 Add news items for 0.9.6h and expand on the 0.9.7 news as well. 2002-11-18 23:58:24 +00:00
Richard Levitte
36969082bb Update with the status for 0.9.6g. 2002-08-12 06:54:54 +00:00
Richard Levitte
fbe792f0ac 0.9.6f is released 2002-08-08 22:55:28 +00:00
Lutz Jänicke
b218af2b27 0.9.6e and 0.9.7-beta3 are out. 2002-07-30 11:32:47 +00:00
Lutz Jänicke
5012158adf Minor typos
Submitted by: jufi@nerdnet.de
Reviewed by:
PR: 138
2002-07-10 17:34:54 +00:00
Bodo Möller
ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Bodo Möller
ece0bdf1fd typo 2002-06-17 13:59:12 +00:00
Lutz Jänicke
e1f7ea25d2 Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible.
Submitted by:
Reviewed by:
PR: 82
2002-06-12 20:46:38 +00:00
Bodo Möller
47234cd3d2 update 2002-05-05 23:47:46 +00:00
Lutz Jänicke
151457ab16 Handle headings uniformly to allow automatic processing. 2002-04-18 08:11:31 +00:00
Lutz Jänicke
e4fb49775b Synchronize with 0.9.7-stable. 2002-04-11 18:43:52 +00:00
Richard Levitte
ef5f6a08ff Synchronise with the 0.9.6 branch. 2001-12-20 16:58:26 +00:00
Bodo Möller
83978bd37a information on 0.9.6c-engine 2001-11-12 22:10:15 +00:00
Mark J. Cox
a3790c0d01 Phew, finished
Submitted by:
Reviewed by:
PR:
2001-11-12 20:30:01 +00:00
Mark J. Cox
63b6090f7c I've still got one left; the backport of the Broadcom UBSEC driver to
0.9.6 that we've got - just waiting for clearance on that one
Submitted by:
Reviewed by:
PR:
2001-11-12 15:32:11 +00:00
Bodo Möller
e0457d5f7c the PRNG race conditions were mostly a theoretical issue, remove from NEWS 2001-11-12 11:33:38 +00:00
Bodo Möller
ae52ec9869 add changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c 2001-11-12 11:28:15 +00:00
Bodo Möller
4dec4f646d update 2001-09-11 12:26:56 +00:00
Bodo Möller
4fea8145e2 News for 0.9.6a. 2001-03-30 10:46:15 +00:00
Richard Levitte
307bf4dae2 Stress the news about the name change. 2001-03-29 15:15:10 +00:00
Richard Levitte
7cdd2aa128 Add news section for OpenSSL 0.9.6a. Please add what's missing 2001-03-28 13:36:13 +00:00
Ulf Möller
3ba25ee86a branches have been merged. 2000-12-20 15:42:01 +00:00
Richard Levitte
83f2571782 Add news items early. Please fill in with what I have forgotten. 2000-11-19 14:10:07 +00:00
Ulf Möller
fda05b2155 spelling 2000-09-23 19:08:16 +00:00
Dr. Stephen Henson
dbba890cf1 Only use the new informational verify codes if we
specifically ask for them.

Fix typo in docs.
2000-09-22 21:32:08 +00:00
Richard Levitte
b22bda21a1 Add news and a description of the ENGINE part and how it's currently
distributed.
2000-09-20 15:52:26 +00:00
Bodo Möller
b38d84d867 Additions for 0.9.6. 2000-09-20 15:22:02 +00:00