[openssl-commits] [openssl] OpenSSL_1_0_2k create

Matt Caswell matt at openssl.org
Thu Jan 26 13:48:30 UTC 2017 

The annotated tag OpenSSL_1_0_2k has been created
        at  76599d516c660f785b503b6e256ecda43c3f89b4 (tag)
   tagging  081314d07705aa58912845c213a48414d8f616a9 (commit)
  replaces  OpenSSL_1_0_2j
 tagged by  Matt Caswell
        on  Thu Jan 26 13:22:36 2017 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.0.2k release tag
-----BEGIN PGP SIGNATURE-----

iQEuBAABCAAYBQJYifgcERxtYXR0QG9wZW5zc2wub3JnAAoJENnE0m0OYESReOIH
/23ErvXiEDM375DOuM8k/+uAdhHxlkEUSLzOzbco25ck7z5B7TugOLw3SMNyrl39
4+6b4EHVC1PRnc6NhJ73XXbirIIFRBeeeZGdPs28Q2ZP68zOujrDVa7PX+CoQDav
x/qAKgPa9ngQW69GQb6mL1+vNyA4XVr7r6qsM2ZzVcOiStKozZ5nGjnFU99DFjvX
iT/heVZwJLaFZR54/oyT4EZBTUJv/JK52IkqH9BR/UxDpp/+UuSSCGn9j4jjpU88
DyaenkrDb4nOdncGLJ5cf2ex0tJi04sgOU6dWE+vwYY3hhv2nHJpAPZIpTf5Vr/L
dAQIjatRUuoMJXWmJiR2Apc=
=p+ix
-----END PGP SIGNATURE-----

Andy Polyakov (7):
      Makefile.org: clear APPS environment variable.
      bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
      modes/ctr128.c: fix false carry in counter increment procedure.
      INSTALL: clarify 386 and no-sse2 options.
      perlasm/x86_64-xlate.pl: refine sign extension in ea package.
      crypto/evp: harden RC4_MD5 cipher.
      bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal.

Beat Bolli (1):
      Use consistent variable names

Benjamin Kaduk (2):
      Fix grammar-o in CONTRIBUTING
      Fix a bug in clienthello processing

Bernd Edlinger (4):
      Fix a memory leak in RSA_padding_add_PKCS1_OAEP_mgf1
      Fix error handling in SSL_CTX_new
      Fix a ssl session leak due to OOM in lh_SSL_SESSION_insert
      Fix error handling in compute_key, BN_CTX_get can return NULL

Cristian Stoica (1):
      remove redundant zero assignments

David Woodhouse (1):
      Call ENGINE_init() before trying to use keys from engine

Dr. Matthias St. Pierre (1):
      Fix leak of secrecy in ecdh_compute_key()

Dr. Stephen Henson (1):
      Check input length to pkey_rsa_verify()

FdaSilvaYY (1):
      Clean one unused variable, plus an useless one.

Finn Hakansson (1):
      Fix typo.

Kurt Cancemi (1):
      Add missing error string for SSL_R_TOO_MANY_WARN_ALERTS

Kurt Roeckx (1):
      Make SSL_read and SSL_write return the old behaviour and document it.

Markus Triska (1):
      replace "will lookup up" by "will look up"

Matt Caswell (16):
      Prepare for 1.0.2k-dev
      Fix NEWS error
      Ensure we handle len == 0 in ERR_err_string_n
      A zero return from BIO_read/BIO_write() could be retryable
      Fix a double free in ca command line
      Fix length check writing status request extension
      Ensure we have length checks for all extensions
      Implement length checks as a macro
      Fix heartbeat_test
      Fail if an unrecognised record type is received
      Add a CHANGES entry for the unrecognised record type change
      Update CHANGES and NEWS
      Revert "Fix heartbeat_test"
      Fix SSL_VERIFY_CLIENT_ONCE
      Update CHANGES and NEWS for new release
      Prepare for 1.0.2k release

Matthias Kraft (1):
      Solution proposal for issue #1647.

Orgad Shaneh (5):
      Configure: Improve incremental build time
      mklink: Do not needlessly overwrite linked files...
      domd: Do not needlessly overwrite Makefiles
      mklink: Do not needlessly overwrite linked files...
      domd: Preserve Makefile time when it is unchanged

Patrick Steuer (2):
      Fix strict-warnings build
      Fix strict-warnings build

Rich Salz (8):
      Revert "Call ENGINE_init() before trying to use keys from engine"
      RT is put out to pasture
      Correctly find all critical CRL extensions
      Fix typo (reported by Matthias St. Pierre)
      Missed a mention of RT
      Check return value of some BN functions.
      GH1986: Document -header flag.
      Add missing va_end

Richard Levitte (19):
      apps/apps.c: initialize and de-initialize engine around key loading
      Make 'openssl prime ""' not segfault
      Fix no-des
      If an engine comes up explicitely, it must also come down explicitely
      apps: make setup_engine() and release_engine() available always
      %p takes void*, so make sure to cast arguments to void*
      Add $(EX_LIBS) to the LIBDEPS for libgost.so, just as for all other engines
      Secure our notification email.
      Clarify what X509_NAME_online does with the given buffer and size
      UI code style cleanup
      Remove extra bang
      VMS UI_OpenSSL: if the TT device isn't a tty, flag instead of error
      UI_OpenSSL()'s session opener fails on MacOS X
      Make 'err' lable in ssl_cert_dup unconditional
      Fix ssl_cert_dup: change one 'return NULL' to 'goto err'
      M_check_autoarg: sanity check the key
      Reformat M_check_autoarg to match our coding style
      Fix DSA parameter generation control error
      Better check of DH parameters in TLS data

Steven Fackler (1):
      Fix signatures of EVP_Digest{Sign,Verify}Update

Vitezslav Cizek (2):
      Degrade 3DES to MEDIUM in SSL2
      apps/speed.c: Fix crash when config loading fails

russor (1):
      zero pad DHE public key in ServerKeyExchange message for interop

-----------------------------------------------------------------------

More information about the openssl-commits mailing list