[openssl-commits] [openssl] OpenSSL_1_0_2a create
Matt Caswell
matt at openssl.org
Thu Mar 19 14:06:58 UTC 2015
The annotated tag OpenSSL_1_0_2a has been created
at ab2de707f72a82e0294bae08cca97455b635a656 (tag)
tagging 3df69d3aefde7671053d4e3c242b228e5d79c83f (commit)
replaces OpenSSL_1_0_2
tagged by Matt Caswell
on Thu Mar 19 13:31:16 2015 +0000
- Log -----------------------------------------------------------------
OpenSSL 1.0.2a release tag
Andy Polyakov (9):
modes/gcm128.c: fix OPENSSL_SMALL_FOOTPRINT compile failure on affected platforms (PowerPC and AArch64).
cms-test.pl: "localize" /dev/null even further [as follow-up to VMS].
Harmonize objects.pl output with new format.
Bring objects.pl output even closer to new format.
objects/obj_xref.h: revert reformat.
sha/asm/sha1-586.pl: fix typo.
Fix crash in SPARC T4 XTS.
evp/e_aes.c: fix SPARC T4-specific problem:
Avoid reading an unused byte after the buffer
Carl Jackson (1):
Fix regression in ASN1_UTCTIME_cmp_time_t
David Woodhouse (1):
Wrong SSL version in DTLS1_BAD_VER ClientHello
Dmitry-Me (1):
Fix wrong numbers being passed as string lengths
Doug Hogan (1):
Avoid a double-free in an error path.
Dr. Stephen Henson (20):
FIPS build fixes.
Check PKCS#8 pkey field is valid before cleansing.
Preliminary ASN1_TIME documentation.
Make objxref.pl output in correct format
Fix memory leak reporting.
typo
Document -no_explicit
Fix format script.
Check public key is not NULL.
Additional CMS documentation.
Cleanse PKCS#8 private key components.
fix warning
update ordinals
ASN.1 print fix.
additional configuration documentation
Add support for ServerInfo SSL_CONF option.
Free up ADB and CHOICE if already initialised.
Reject invalid PSS parameters.
Fix for CVE-2015-0291
Fix ASN1_TYPE_cmp
Edgar Pek (1):
Fix null-pointer dereference
Emilia Kasper (5):
Fix hostname validation in the command-line tool to honour negative return values.
Harmonize return values in dtls1_buffer_record
Fix undefined behaviour in shifts.
PKCS#7: avoid NULL pointer dereferences with missing content
Fix reachable assert in SSLv2 servers.
Eric Dequin (1):
Missing OPENSSL_free on error path.
Graeme Perrow (1):
RT3670: Check return from BUF_MEM_grow_clean
Kurt Cancemi (1):
Use constants not numbers
Kurt Roeckx (3):
Fix segfault with empty fields as last in the config.
Fix memory leak
Remove export ciphers from the DEFAULT cipher list
Matt Caswell (49):
Prepare for 1.0.2a-dev
Make DTLS always act as if read_ahead is set. The actual value of read_ahead is ignored for DTLS.
Remove explicit setting of read_ahead for DTLS. It never makes sense not to use read_ahead with DTLS because it doesn't work. Therefore read_ahead needs to be the default.
Provide documentation for all SSL(_CTX)?_(get|set)(_default)?_read_ahead functions.
Fix error handling in ssltest
Import evp_test.c from BoringSSL. Unfortunately we already have a file called evp_test.c, so I have called this one evp_extra_test.c
Fix a failure to NULL a pointer freed on error.
Provide documentation for i2d_ECPrivateKey and d2i_ECPrivateKey
Add dire warnings about the "reuse" capability of the d2i_* functions.
Remove pointless free, and use preferred way of calling d2i_* functions
Fix some minor documentation issues
Update the SHA* documentation Updates to include SHA224, SHA256, SHA384 and SHA512. In particular note the restriction on setting md to NULL with regards to thread safety.
Fix evp_extra_test.c with no-ec When OpenSSL is configured with no-ec, then the new evp_extra_test fails to pass. This change adds appropriate OPENSSL_NO_EC guards around the code.
Fix missing return value checks.
Fixed missing return value checks.
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
Unchecked malloc fixes
Update mkerr.pl for new format
Fix DTLS1_BAD_VER regression
Prevent handshake with unseeded PRNG
Cleanse buffers
Fix seg fault in ASN1_generate_v3/ASN1_generate_nconf
Fix error handling in bn_exp
Fix EVP_DigestInit_ex with NULL digest
ASN1_primitive_new NULL param handling
Fix asn1_item_print_ctx
Fix dh_pub_encode
Fix dsa_pub_encode
Fix missing return checks in v3_cpols.c
SSL_check_chain fix
Add malloc failure checks
Move malloc fail checks closer to malloc
Fix memset call in stack.c
Add sanity check to PRF
Fix seg fault in s_time
Remove dead code from crypto
Dead code removal from apps
Multiblock corrupted pointer fix
Fix Seg fault in DTLSv1_listen
Fix DHE Null CKE vulnerability
Remove overlapping CHANGES/NEWS entries
Fix CHANGES discrepancies
Fix discrepancy in NEWS file
Update CHANGES for release
Update NEWS file
Fix a failure to NULL a pointer freed on error.
Fix unsigned/signed warnings
make update
Prepare for 1.0.2a release
Rainer Jung (1):
Fix NAME section of d2i_ECPKParameters to prevent broken symlinks when using the extract-names.pl script.
Rich Salz (5):
Make OPENSSL_config truly ignore errors.
Remove unused eng_rsax and related asm file
Remove obsolete support for old code.
Fixed bad formatting in crypto/des/spr.h
RT3684: rand_egd needs stddef.h
Richard Godbee (1):
BIO_debug_callback: Fix output on 64-bit machines
Richard Levitte (5):
dso_vms needs to add the .EXE extension if there is none already
VMS exit codes weren't handled well enough and were unclear
Transfer a fix from 1.0.1
Assume TERMIOS is default, remove TERMIO on all Linux.
Restore -DTERMIO/-DTERMIOS on Windows platforms.
-----------------------------------------------------------------------
More information about the openssl-commits
mailing list