[openssl-commits] [openssl] OpenSSL_1_1_0c create

Matt Caswell matt at openssl.org
Thu Nov 10 17:55:24 UTC 2016

The annotated tag OpenSSL_1_1_0c has been created
        at  48a90131b4e70d8e4b125a64d6c99307c70d7a76 (tag)
   tagging  91eaf079b7430cb4ebb7f3ccabe74aa383b27c4e (commit)
  replaces  OpenSSL_1_1_0b
 tagged by  Matt Caswell
        on  Thu Nov 10 14:03:42 2016 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.1.0c release tag


Andrea Grandi (3):
      Add missing .pod extension to EVP_PKEY_CTX_set_tls1_prf_md
      Fix broken link to ASYNC_get_wait_ctx and rewrap the paragraph
      Improve PRF documentation

Andy Polyakov (6):
      x86_64 assembly pack: add Goldmont performance results.
      test/bntest.c: regression test for CVE-2016-7055.
      bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
      aes/asm/aesp8-ppc.pl: improve [backward] portability.
      test: add TLS application data corruption test.
      test/evptests.txt: add negative tests for AEAD ciphers.

Ben Laurie (5):
      Don't use des when disabled.
      Make dependencies if Makefile is new.
      Remove untrue comment.
      Fix no-ocsp.
      Remove blank line.

Benjamin Kaduk (1):
      Fix grammar-o in CONTRIBUTING

Claus Assmann (1):
      Fix grammar error in SSL_CTX_set_min_proto_version

David Benjamin (9):
      Test CBC mode padding.
      Don't test quite so many of them.
      Address review comments.
      Switch back to assuming TLS 1.2.
      Add missing parameter.
      Add a basic test for BN_bn2dec.
      Implement RSASSA-PKCS1-v1_5 as specified.
      Make RSA_sign.pod less confusing.
      Improve RSA test coverage.

David Woodhouse (2):
      Restore '-keyform engine' support for s_client
      Disable encrypt_then_mac negotiation for DTLS.

Dr. Stephen Henson (8):
      Add SRP test vectors from RFC5054
      SRP code tidy.
      fix memory leak
      Fix X509_NAME decode for malloc failures.
      Add memory leak detection to d2i_test
      Fix embedded string handling.
      Don't set choice selector on parse failure.
      add test for CVE-2016-7053

EasySec (1):
      When no SRP identity is found, no error was reported server side

FdaSilvaYY (4):
      Fix copy-paste test labels
      Add error checking, small nit on ouput
      Allow null in  X509_CRL_METHOD_free
      Missing BN_RECP_CTX field init.

Kurt Roeckx (1):
      conf fuzzer: also check for an empty file

Mat (1):
      Do not set load_crypto_strings_inited when OPENSSL_NO_ERR is defined

Matt Caswell (32):
      Prepare for 1.1.0c-dev
      Fix some mem leaks in sslapitest
      Add support for testing renegotiation
      Update README.ssltest.md
      Extend the renegotiation tests
      Add DTLS renegotiation tests
      Fix no-dtls
      Fix an Uninit read in DTLS
      Fix missing NULL checks in NewSessionTicket construction
      Ensure we handle len == 0 in ERR_err_string_n
      A zero return from BIO_read()/BIO_write() could be retryable
      Add a test for BIO_read() returning 0 in SSL_read() (and also for write)
      Fix a double free in ca command line
      Fix length check writing status request extension
      Ensure we have length checks for all extensions
      Implement length checks as a macro
      Fix read_ahead
      Add a read_ahead test
      Fail if an unrecognised record type is received
      Add a test for unrecognised record types
      Add a CHANGES entry for the unrecognised record type change
      Partial revert of 3d8b2ec42 to add back DSO_pathbyaddr
      Add a DSO_dsobyaddr() function
      Ensure that libcrypto and libssl do not unload until the process exits
      Add a test to dynamically load and unload the libraries
      Link using -znodelete
      Implement GET_MODULE_HANDLE_EX_FLAG_PIN for windows
      Always ensure that init_msg is initialised for a CCS
      Partial revert of "Fix client verify mode to check SSL_VERIFY_PEER"
      Fix the no-tls option
      Update CHANGES and NEWS
      Prepare for 1.1.0c release

Mike Aizatsky (1):
      [fuzzers] do not fail fuzzers with empty input

Rich Salz (6):
      RT is put out to pasture
      GH1546: Fix old names in cryptodev code.
      Fix typo (reported by Matthias St. Pierre)
      Update CRYPTO_set_mem_debug() doc
      Missed a mention of RT
      Zero stack variable with DSA nonce

Richard Levitte (34):
      apps/apps.c: initialize and de-initialize engine around key loading
      Remove automatic RPATH
      Remove automatic RPATH - add user rpath support
      Remove automatic RPATH - adapt shlib_wrap.sh
      Remove automatic RPATH - Add a CHANGES entry
      If an engine comes up explicitely, it must also come down explicitely
      apps: instead of varying implementation, make setup_engine a function always
      apps: remove some #ifndef clutter
      Correct installation test in appveyor
      Efence is antiquated, remove all traces of using it
      Add some notes on shared library names on different platforms
      Backdated note in CHANGES about shared library names
      VMS: tell the C compiler to use the ISO C94 standard
      Mark VC templates correctly.
      Unix Makefile: Some sed implementation truncate long lines.  Use perl instead.
      HPUX: Add the forgotten $(DSTDIR) when linking DSOs
      Secure our notification email.
      Test recipes: remove duplicate OpenSSL::Test usage
      test/build.info: typo, $ missing
      Clang doesn't like -znodelete, make it a linker flag instead
      test/shlibloadtest: small fixes
      Enable memory debugging while testing
      Don't assume to know the shared library extension
      Travis: add a strict build
      VMS build file template: assign 'arch' to local symbol table
      VMS: pretend to use -znodelete
      Fix the LIBZ macro on VC config targets
      Windows: use default ZLIB1 unless --with-zlib-lib is set
      INSTALL: small typo
      Unix Makefile: Make sure to use $(PERL) when running ./Configure
      Fix no-dso (shlibloadtest)
      Fix the evp_test Ctrl keyword processing
      chacha20/poly1305: make sure to clear the buffer at correct position
      Fix no-cms (CVE-2016-7053)

Sergey Bronnikov (1):
      Fix link to LibFuzzer

Steven Fackler (1):
      Fix signatures of EVP_Digest{Sign,Verify}Update

Tomas Mraz (1):
      Engine afalg: properly set operation type also on big endian.

Vitezslav Cizek (1):
      Configure: remove superfluous 0x

Xiaoyin Liu (1):
      Fix typo

choury (1):
      fix invalid use of incomplete type X509_STORE_CTX


More information about the openssl-commits mailing list