[openssl-commits] [openssl] OpenSSL_1_0_2f create
Matt Caswell
matt at openssl.org
Thu Jan 28 14:42:21 UTC 2016
The annotated tag OpenSSL_1_0_2f has been created
at 983d1b7f21942b1373f6b2854dee6d36eac97219 (tag)
tagging 95605f3ae1ec8857e8cb612ce35805a3b0207d21 (commit)
replaces OpenSSL_1_0_2e
tagged by Matt Caswell
on Thu Jan 28 13:57:22 2016 +0000
- Log -----------------------------------------------------------------
OpenSSL 1.0.2f release tag
Alessandro Ghedini (1):
Validate ClientHello session_id field length and send alert on failure
Andy Polyakov (2):
ec/ecp_nistz256_table.c: fix potential misalignment problem with Sun C.
x86_64 assembly pack: tune clang version detection even further.
Billy Brumley (1):
RT3863 ECC: Add missing NULL check. Set a flag
Daniel Kahn Gillmor (1):
The functions take a SSL *, not a SSL_CTX *
David Benjamin (1):
Fix memory leak in DSA redo case.
Dr Stephen Henson (1):
Don't use applink for static builds.
Dr. Stephen Henson (2):
Don't check RSA_FLAG_SIGN_VER.
To avoid possible time_t overflow use X509_time_adj_ex()
Emilia Kasper (1):
Fix a ** 0 mod 1 = 0 for real this time.
Kristian Amlie (1):
Don't use "grep -q", "-q" is not POSIX, and fails on Solaris.
Kurt Roeckx (2):
File is about s_time, not s_client
Change minimum DH size from 768 to 1024
Matt Caswell (15):
Prepare for 1.0.2f-dev
Add a return value check
Fix DTLS handshake fragment retries
Ensure |rwstate| is set correctly on BIO_flush
Fix URLs mangled by reformat
Fix more URLs mangled by reformat
Fix error when server does not send CertificateStatus message
Ensure we don't call the OCSP callback if resuming a session
Add some documentation for the OCSP callback functions
Handle SSL_shutdown while in init more appropriately
Prevent small subgroup attacks on DH/DHE
Always generate DH keys for ephemeral DH cipher suites
Add a test for small subgroup attacks on DH/DHE
Update CHANGES and NEWS for release
Prepare for 1.0.2f release
Mouse (6):
Fixed a bug preventing pkeyutl from accessing keys directly on the token via engine_pkcs11
Fixed crash (SIGSEGV) when freeing of ex_data stumbles upon a NULL-pointer.
Remove unnecessary debugging fprintf
Pass engine=NULL to EVP_PKEY_CTX_new(), unless "-engine_impl" was given
Root cause discovered and fixed, this fix became unnecessary
pkeyutl: allow peerkey for EC_DERIVE to reside on a hardware token (public key for now)
Prayag Verma (1):
Update license year range to 2016
Rich Salz (4):
Refer to website for acknowledgements.
Provide better "make depend" warning.
RT4202: Update rt URL's.
GH issue 572: Error in help message
Richard Levitte (15):
Small changes to creating dists
In travis, build from a "source release" rather than from the build tree
Do not add symlinks in the source release
Change tar owner and group to just 0
Cleanup the EVP_MD_CTX before exit rather than after
Make it possible to affect the way dists are made
Adapt the OS X build to use the OS X tar
Not all 'find's know -xtype, use -type instead
Fix tarball production to keep test/bctest and util/pod2mantest
Remove the "eay" c-file-style indicators
Have BIO_get_conn_int_port use BIO_ctrl instead BIO_int_ctrl
Document how BIO_get_conn_ip and BIO_get_conn_int_port actually work
Correct or add comments indicating what controls belong to what
BIO_s_datagram() ctrl doesn't support SEEK/TELL, so don't pretend it does
Fix BSD -rpath parameter
Uri Blumenthal (1):
Changed help output
Viktor Dukhovni (3):
Fix X509_STORE_CTX_cleanup()
Empty SNI names are not valid
Better SSLv2 cipher-suite enforcement
Zi Lin (1):
NGX-2040 - fix wildcard match on punycode/IDNA DNS names
arijitnayak (1):
Wrong definition of the macro SSL_set1_sigalgs in ssl.h
-----------------------------------------------------------------------
More information about the openssl-commits
mailing list