[openssl-commits] [openssl] OpenSSL_1_0_2h create

Matt Caswell matt at openssl.org
Tue May 3 13:58:30 UTC 2016

The annotated tag OpenSSL_1_0_2h has been created
        at  2bf3af72664b963ee5702efd561d63ae2dc507f6 (tag)
   tagging  5dd94f1847c744929a3bd24819f1c99644bb18c7 (commit)
  replaces  OpenSSL_1_0_2g
 tagged by  Matt Caswell
        on  Tue May 3 14:46:41 2016 +0100

- Log -----------------------------------------------------------------
OpenSSL 1.0.2h release tag

Andy Polyakov (4):
      perlasm/x86_64-xlate.pl: handle binary constants early.
      bn/asm/x86[_64]-mont*.pl: complement alloca with page-walking.
      PPC assembly pack: remove branch hints.
      s390x assembly pack: cache capability query results.

David Benjamin (1):
      Fix memory leak on invalid CertificateRequest.

Dr. Stephen Henson (11):
      Sanity check PVK file fields.
      Don't shift serial number into sign bit
      Fix FIPS SSLv2 test
      Harden ASN.1 BIO handling of large amounts of data.
      Reject inappropriate private key encryption ciphers.
      Add size limit to X509_NAME structure.
      Sanity check buffer length.
      Add checks to X509_NAME_oneline()
      Don't free ret->data if malloc fails.
      Fix i2d_X509_AUX: pp can be NULL.
      Fix ASN1_INTEGER handling.

Eric S. Raymond (1):
      RT4358: Extra ] in doc/ocsp.pod

Kurt Roeckx (3):
      Remove LOW from the default
      Add no-ssl2-method
      Check that we have enough padding characters.

Matt Caswell (16):
      Prepare for 1.0.2h-dev
      Fix a potential double free in EVP_DigestInit_ex
      Ensure that memory allocated for the ticket is freed
      Add a check for a failed malloc
      Fix the no-comp option for Windows
      Fix a signed/unsigned warning
      Ensure we check i2d_X509 return val
      Fix encrypt overflow
      Prevent EBCDIC overread for very long strings
      Avoid overflow in EVP_EncodeUpdate
      Ensure EVP_EncodeUpdate handles an output length that is too long
      Add documentation for EVP_EncodeInit() and similar functions
      Remove some documentation for functions not in 1.0.x
      Update CHANGES and NEWS for the new release
      make update
      Prepare for 1.0.2h release

Rich Salz (1):
      Fix NULL deref in apps/pkcs7

Richard Levitte (2):
      Recognise 32-bit Solaris in util/shlib_wrap.sh
      Touch the correct variables for the system; shlib_wrap.sh on Solaris

TJ Saunders (2):
      Issue #719:
      Remove confusing comment.

Todd Short (1):
      Fix ALPN

Viktor Dukhovni (3):
      Retain SSLv2 methods as functions that return NULL
      expose SSLv2 method prototypes
      Fix buffer overrun in ASN1_parse().


More information about the openssl-commits mailing list