[openssl-commits] [openssl] OpenSSL_1_0_2e create
Matt Caswell
matt at openssl.org
Thu Dec 3 15:35:38 UTC 2015
The annotated tag OpenSSL_1_0_2e has been created
at d299bbd186a06e10ca1c8b12ecc24ee177a07126 (tag)
tagging bfe07df40c13ea2564bb4577620180e3f4849e23 (commit)
replaces OpenSSL_1_0_2d
tagged by Matt Caswell
on Thu Dec 3 14:44:31 2015 +0000
- Log -----------------------------------------------------------------
OpenSSL 1.0.2e release tag
Adam Eijdenberg (1):
Clarify return values for EVP_DigestVerifyFinal.
Alessandro Ghedini (15):
GH371: Print debug info for ALPN extension
GH354: Memory leak fixes
Add initial Travis CI configuration
Make BUF_strndup() read-safe on arbitrary inputs
Validate ClientHello extension field length
Fix travis 1.0.2 builds
Do not treat 0 return value from BIO_get_fd() as error
Replace malloc+strlcpy with strdup
Fix memory leaks and other mistakes on errors
Set salt length after the malloc has succeeded
Fix typos
Fix references to various RFCs
Check memory allocation
Remove useless code
Add initial AppVeyor configuration
Andy Polyakov (10):
modes/asm/ghash-armv4.pl: make it compile by clang. RT#3989
aesni-sha256-x86_64.pl: fix crash on AMD Jaguar.
bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling.
bn/asm/ppc64-mont.pl: adapt for little-endian.
aes/asm/vpaes-ppc.pl: eliminate overhung stores in misaligned cases.
Makefile.org: add LC_ALL=C to unify error [and other] messages.
x86_64 assembly pack: tune clang version detection.
crypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris.
perlasm/ppc-xlate.pl: comply with ABIs that specify vrsave as reserved.
bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).
Anton Blanchard (1):
RT3990: Fix #include path.
Ben Kaduk (1):
GH367 follow-up, for more clarity
David Brodski (1):
Fixed problem with multiple load-unload of comp zlib
David Woodhouse (2):
RT3998: fix X509_check_host.pod release to 1.0.2
RT3479: Add UTF8 support to BIO_read_filename()
Dirk Wetter (1):
GH336: Return an exit code if report fails
Dr. Stephen Henson (26):
Sort @sstacklst correctly.
correct example
use X9.31 keygen by default in FIPS mode
Err isn't always malloc failure.
Fix memory leak if setup fails.
Return error for unsupported modes.
Documentation for SSL_check_chain()
Update docs.
Match SUITEB strings at start of cipher list.
Use default field separator.
Check for FIPS mode after loading config.
Constify ECDSA_METHOD_new.
Make SRP work with -www
Handle SSL_ERROR_WANT_X509_LOOKUP
SRP memory leak fix
Link in applink with fips_premain_dso
Don't try and parse boolean type.
Typo.
RFC5753 compliance.
Fix self signed handling.
Reject TLS 1.2 ciphersuites if not allowed.
Limit depth of ASN1 parse printing.
Fix uninitialised p error.
Fix leak with ASN.1 combine.
Add PSS parameter check.
Add test for CVE-2015-3194
Emilia Kasper (14):
rsaz_exp.h: align license with the rest of the contribution
bntest: don't dereference the |d| array for a zero BIGNUM.
BN_mod_exp_mont_consttime: check for zero modulus.
RT 3493: fix RSA test
RT4002: check for NULL cipher in p12_crpt.c
Add missing CHANGES entry for 1.0.2
RT3754: check for NULL pointer
RT3757: base64 encoding bugs
base64 decode: check for high bit
BUF_strndup: tidy
BUF_strdup and friends: update docs
Document BUF_strnlen
RT2772: accept empty SessionTicket
make depend: prefer clang over makedepend
Ernie Hershey (1):
GH322: Fix typo in generated comment.
GitHub User (1):
Missing perldoc markup around < literal
Graeme Perrow (1):
RT32671: wrong multiple errs TS_check_status_info
Gunnar Kudrjavets (1):
RT3823: Improve the robustness of event logging
Guy Leaver (guleaver) (1):
Fix seg fault with 0 p val in SKE
Hiroyuki YAMAMORI (2):
Fix DTLS1.2 buffers
Fix DTLS1.2 compression
Hubert Kario (1):
GH351: -help text for some s_client/s_server flags
Ismo Puustinen (3):
GH364: Free memory on an error path
GH367: Fix dsa keygen for too-short seed
GH367: use random data if seed too short.
Ivo Raisr (1):
Make no-psk compile without warnings.
John Foley (1):
Use memmove instead of memcpy.
Kurt Roeckx (6):
d2i: don't update input pointer on failure
Fix return values when adding serverinfo fails.
Fix more d2i cases to properly update the input pointer
Use defined(__sun) instead of defined(sun)
Set reference count earlier
Use both sun and __sun
Loganaden Velvindron (1):
Clear BN-mont values when free'ing it.
Marcus Meissner (1):
mark openssl configuration as loaded at end of OPENSSL_config
Markus Rinne (1):
RT4019: Duplicate -hmac flag in dgst.pod
Martin Vejnar (1):
RT3774: double-free in DSA
Matt Caswell (27):
Prepare for 1.0.2e-dev
Add test for SSL_set_session_ticket_ext
Fix SSL_set_session_ticket_ext when used with SSLv23_method
Fix write failure handling in DTLS1.2
Fix warning when compiling with no-ec2m
Check for 0 modulus in BN_MONT_CTX_set
Fix missing return value checks in SCTP
Fix "make test" seg fault with SCTP enabled
Fix DTLS session ticket renewal
Fix building with OPENSSL_NO_TLSEXT.
Fix session resumption
Make sure OPENSSL_cleanse checks for NULL
Fix SRP memory leaks
Change functions to pass in a limit rather than calculate it
Don't treat a bare OCTETSTRING as DigestInfo in int_rsa_verify
Clarify the preferred way of creating patch files
Minor EVP_SignInit_ex doc fix
Ensure the dtls1_get_*_methods work with DTLS_ANY_VERSION
Fix missing malloc return value checks
Remove redundant check from tls1_get_curvelist
Only call ssl3_init_finished_mac once for DTLS
Stop DTLS servers asking for unsafe legacy renegotiation
Ensure all EVP calls have their returns checked where appropriate
Remove cookie validation return value trick
Update CHANGES and NEWS
make update
Prepare for 1.0.2e release
Nicholas Cooper (1):
RT3959: Fix misleading comment
Pascal Cuoq (5):
Set flags to 0 before calling BN_with_flags()
Properly check return type of DH_compute_key()
Move BN_CTX_start() call so the error case can always call BN_CTX_end().
BN_GF2m_mod_inv(): check bn_wexpand return value
ssl3_free(): Return if it wasn't created
Peter Mosmans (1):
RT3346: Fix test_bn regexp for Windows using MSYS.
Peter Waltenberg (1):
Exit on error in ecparam
Rich Salz (19):
Revert "Missing perldoc markup around < literal"
Tweak README about rt and bug reporting.
Various doc fixes from GH pull requests
Fix 1.0.2 build break
Move FAQ to the web.
GH345: Remove stderr output
GH372: Remove duplicate flags
Remove the "times" directory.
RT3767: openssl_button.gif should be PNG
Remove bogus CHANGES entries
RT4044: Remove .cvsignore files.
RT4044: Remove .cvsignore files.
This undoes GH367 for non-master
GH398: Add mingw cross-compile, etc.
Change --debug to -d for compat with old releases.
Fix typo in previous merge.
Various README and CONTRIBUTING updates
Fix release in README
Fix README version typo
Richard Levitte (14):
Stop using tardy
Set numeric IDs for tar as well
Remove extra '; \' in apps/Makefile
Small script to re-encode files that need it to UTF-8
Conversion to UTF-8 where needed
Add new types to indent.pro
Add emacs CC mode style for OpenSSL
Add an example .dir-locals.el
Remove auto-fill-mode
Ignore .dir-locals.el
When ENGINE_add finds that id or name is missing, actually return
Make the match for previous cflags a bit more strict
_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead
Add cleanup of *.s
Tim Zhang (1):
Fix the comment for POINT_CONVERSION_UNCOMPRESSED
Viktor Dukhovni (5):
GH correct organizationalUnitName
Better handling of verify param id peername field
Cleaner handling of "cnid" in do_x509_check
Fix indentation
Good hygiene with size_t output argument.
mancha (1):
Fix author credit for e5c0bc6
mrpre (1):
check bn_new return value
-----------------------------------------------------------------------
More information about the openssl-commits
mailing list