[openssl-commits] [openssl] OpenSSL_1_0_1q create

Matt Caswell matt at openssl.org
Thu Dec 3 15:35:38 UTC 2015

The annotated tag OpenSSL_1_0_1q has been created
        at  075c0103d9e098bb44507e552e3dc45a13b8ce0f (tag)
   tagging  55615e8d48a4ddd684fcbfc7ba6523ed6414c8fc (commit)
  replaces  OpenSSL_1_0_1p
 tagged by  Matt Caswell
        on  Thu Dec 3 14:50:26 2015 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.0.1q release tag

Adam Eijdenberg (1):
      Clarify return values for EVP_DigestVerifyFinal.

Alessandro Ghedini (11):
      Make BUF_strndup() read-safe on arbitrary inputs
      Validate ClientHello extension field length
      Do not treat 0 return value from BIO_get_fd() as error
      Replace malloc+strlcpy with strdup
      Fix memory leaks and other mistakes on errors
      Set salt length after the malloc has succeeded
      Fix typos
      Fix references to various RFCs
      Check memory allocation
      Remove useless code
      Add initial AppVeyor configuration

Andy Polyakov (1):
      e_os.h: limit _MSC_VER trickery to older compilers.

Ben Kaduk (1):
      GH367 follow-up, for more clarity

David Brodski (1):
      Fixed problem with multiple load-unload of comp zlib

David Woodhouse (1):
      RT3479: Add UTF8 support to BIO_read_filename()

Dirk Wetter (1):
      GH336: Return an exit code if report fails

Dr. Stephen Henson (19):
      Sort @sstacklst correctly.
      use X9.31 keygen by default in FIPS mode
      Err isn't always malloc failure.
      Fix memory leak if setup fails.
      Return error for unsupported modes.
      Update docs.
      Use default field separator.
      Check for FIPS mode after loading config.
      Make SRP work with -www
      SRP memory leak fix
      Link in applink with fips_premain_dso
      Don't try and parse boolean type.
      Limit depth of ASN1 parse printing.
      Fix uninitialised p error.
      Fix leak with ASN.1 combine.
      Add PSS parameter check.

Emilia Kasper (11):
      bntest: don't dereference the |d| array for a zero BIGNUM.
      BN_mod_exp_mont_consttime: check for zero modulus.
      RT 3493: fix RSA test
      RT4002: check for NULL cipher in p12_crpt.c
      OpenSSL 1.0.1n: add missing CHANGES entry
      RT3754: check for NULL pointer
      RT3757: base64 encoding bugs
      base64 decode: check for high bit
      BUF_strndup: tidy
      BUF_strdup and friends: update docs
      RT2772: accept empty SessionTicket

Ernie Hershey (1):
      GH322: Fix typo in generated comment.

GitHub User (1):
      Missing perldoc markup around < literal

Graeme Perrow (1):
      RT32671: wrong multiple errs TS_check_status_info

Gunnar Kudrjavets (1):
      RT3823: Improve the robustness of event logging

Guy Leaver (guleaver) (1):
      Fix seg fault with 0 p val in SKE

Hubert Kario (1):
      RT4051: fix ciphers man page typo

Ismo Puustinen (2):
      GH367: Fix dsa keygen for too-short seed
      GH367: use random data if seed too short.

Ivo Raisr (1):
      Make no-psk compile without warnings.

Kurt Roeckx (5):
      d2i: don't update input pointer on failure
      Fix more d2i cases to properly update the input pointer
      Use defined(__sun) instead of defined(sun)
      Set reference count earlier
      Use both sun and __sun

Loganaden Velvindron (1):
      Clear BN-mont values when free'ing it.

Marcus Meissner (1):
      mark openssl configuration as loaded at end of OPENSSL_config

Markus Rinne (1):
      RT4019: Duplicate -hmac flag in dgst.pod

Martin Vejnar (1):
      RT3774: double-free in DSA

Matt Caswell (24):
      Prepare for 1.0.1q-dev
      Add test for SSL_set_session_ticket_ext
      Fix SSL_set_session_ticket_ext when used with SSLv23_method
      Fix warning when compiling with no-ec2m
      Check for 0 modulus in BN_MONT_CTX_set
      Fix missing return value checks in SCTP
      Fix "make test" seg fault with SCTP enabled
      Fix DTLS session ticket renewal
      Fix building with OPENSSL_NO_TLSEXT.
      Fix session resumption
      Make sure OPENSSL_cleanse checks for NULL
      Fix SRP memory leaks
      Change functions to pass in a limit rather than calculate it
      Don't treat a bare OCTETSTRING as DigestInfo in int_rsa_verify
      Clarify the preferred way of creating patch files
      Minor EVP_SignInit_ex doc fix
      Fix missing malloc return value checks
      Only call ssl3_init_finished_mac once for DTLS
      Stop DTLS servers asking for unsafe legacy renegotiation
      Ensure all EVP calls have their returns checked where appropriate
      Return errors even if the cookie validation has succeeded
      Update CHANGES and NEWS
      make update
      Prepare for 1.0.1q release

Pascal Cuoq (4):
      Set flags to 0 before calling BN_with_flags()
      Move BN_CTX_start() call so the error case can always call BN_CTX_end().
      BN_GF2m_mod_inv(): check bn_wexpand return value
      ssl3_free(): Return if it wasn't created

Peter Waltenberg (1):
      Exit on error in ecparam

Rich Salz (14):
      Revert "Missing perldoc markup around < literal"
      Tweak README about rt and bug reporting.
      Move FAQ to the web.
      GH372: Remove duplicate flags
      RT4044: Remove .cvsignore files.
      RT4044: Remove .cvsignore files.
      This undoes GH367 for non-master
      GH398: Add mingw cross-compile, etc.
      Change --debug to -d for compat with old releases.
      Fix typo in previous merge
      Fix travis build for 1.0.1
      Avoid SHA1 weakness
      Some README and CONTRIBUTING cleanups.
      Fix release in README.

Richard Levitte (13):
      Stop using tardy
      Set numeric IDs for tar as well
      Remove extra '; \' in apps/Makefile
      Small script to re-encode files that need it to UTF-8
      Conversion to UTF-8 where needed
      Add new types to indent.pro
      Add emacs CC mode style for OpenSSL
      Add an example .dir-locals.el
      Remove auto-fill-mode
      Ignore .dir-locals.el
      When ENGINE_add finds that id or name is missing, actually return
      Make the match for previous cflags a bit more strict
      _BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead

Tim Zhang (1):

Viktor Dukhovni (2):
      GH correct organizationalUnitName
      Fix indentation

mancha (1):
      Fix author credit for e5c0bc6

mrpre (1):
      check bn_new return value


More information about the openssl-commits mailing list