[openssl-commits] [openssl] OpenSSL_1_0_1t create

Matt Caswell matt at openssl.org
Tue May 3 13:58:30 UTC 2016 

The annotated tag OpenSSL_1_0_1t has been created
        at  82aa4a2104c3456a66aed4c55da51f6ddecf3648 (tag)
   tagging  3d2e575b3f71b4d66c0b948d411d8e936f192127 (commit)
  replaces  OpenSSL_1_0_1s
 tagged by  Matt Caswell
        on  Tue May 3 14:49:52 2016 +0100

- Log -----------------------------------------------------------------
OpenSSL 1.0.1t release tag

Andy Polyakov (1):
      bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.

David Benjamin (1):
      Fix memory leak on invalid CertificateRequest.

Dr. Stephen Henson (11):
      Sanity check PVK file fields.
      Don't shift serial number into sign bit
      Fix FIPS SSLv2 test
      Harden ASN.1 BIO handling of large amounts of data.
      Reject inappropriate private key encryption ciphers.
      Add size limit to X509_NAME structure.
      Sanity check buffer length.
      Add checks to X509_NAME_oneline()
      Don't free ret->data if malloc fails.
      Fix i2d_X509_AUX: pp can be NULL.
      Fix ASN1_INTEGER handling.

Kurt Roeckx (3):
      Remove LOW from the default
      Add no-ssl2-method
      Check that we have enough padding characters.

Matt Caswell (16):
      Prepare for 1.0.1t-dev
      Fix a potential double free in EVP_DigestInit_ex
      Ensure that memory allocated for the ticket is freed
      Add a check for a failed malloc
      Fix the no-comp option for Windows
      Fix a signed/unsigned warning
      Ensure we check i2d_X509 return val
      Fix encrypt overflow
      Prevent EBCDIC overread for very long strings
      Avoid overflow in EVP_EncodeUpdate
      Ensure EVP_EncodeUpdate handles an output length that is too long
      Add documentation for EVP_EncodeInit() and similar functions
      Remove some documentation for functions not in 1.0.x
      Update CHANGES and NEWS for the new release
      make update
      Prepare for 1.0.1t release

Rich Salz (1):
      Fix NULL deref in apps/pkcs7

Viktor Dukhovni (3):
      Retain SSLv2 methods as functions that return NULL
      expose SSLv2 method prototypes
      Fix buffer overrun in ASN1_parse().

-----------------------------------------------------------------------

More information about the openssl-commits mailing list