[openssl-commits] [openssl] OpenSSL_1_0_2q create

Matt Caswell matt at openssl.org
Tue Nov 20 14:12:34 UTC 2018

The annotated tag OpenSSL_1_0_2q has been created
        at  4bd676413494473ed5f3011c7ffa423eaae79468 (tag)
   tagging  5707219a6aae8052cb98aa361d115be01b8fd894 (commit)
  replaces  OpenSSL_1_0_2p
 tagged by  Matt Caswell
        on  Tue Nov 20 13:45:20 2018 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.0.2q release tag


Andy Polyakov (7):
      x509v3/v3_purp.c: resolve Thread Sanitizer nit.
      crypto/bn: add more fixed-top routines.
      rsa/rsa_eay.c: implement variant of "Smooth CRT-RSA."
      bn/bn_blind.c: use Montgomery multiplication when possible.
      bn/bn_lib.c: conceal even memmory access pattern in bn2binpad.
      util/domd: omit superfluous shift in -MD handling.
      rsa/rsa_ossl.c: fix and extend commentary [skip ci].

Bernd Edlinger (1):
      Make the config script fail with an error code if Configure failed

Billy Brumley (1):
      CVE-2018-5407 fix: ECC ladder

Daniel Bevenius (1):
      Document OPENSSL_VERSION_TEXT macro

Dr. Matthias St. Pierre (3):
      drbg_get_entropy: force a reseed before calling ssleay_rand_bytes()
      md_rand.c: don't stop polling until properly initialized
      Fix 'no-ecdh' build

Eric Brown (1):
      Remove redundant ASN1_INTEGER_set call

Hubert Kario (1):
      document the -no_ecdhe option in s_server man page

Jakub Wilk (1):
      Fix example in crl(1) man page

Manikantan Subramanian (1):
      Use gethostbyname_r if available

Matt Caswell (9):
      Prepare for 1.0.2q-dev
      The req documentation incorrectly states that we default to md5
      Clarify the EVP_DigestSignInit docs
      Check the return value from ASN1_INTEGER_set
      Properly handle duplicated messages from the next epoch
      Update CHANGES and NEWS for new release
      Update copyright year
      make update
      Prepare for 1.0.2q release

Nicola Tuveri (1):
      Access `group->mont_data` conditionally in EC_GROUP_set_generator()

Pauli (5):
      Check the return from BN_sub() in BN_X931_generate_Xpq().
      Merge 1.0.2 setuid calls to getenv(3) safety.
      Merge DSA reallocation timing fix CVE-2018-0734.
      Merge to 1.0.2: DSA mod inverse fix.
      Add a constant time flag to one of the bignums to avoid a timing leak.

Richard Levitte (6):
      VMS: add missing x509_time test to test scripts
      openssl req: don't try to report bits
      CAPI engine: add support for RSA_NO_PADDING
      crypto/ui/ui_openssl.c: make sure to recognise ENXIO and EIO too
      crypto/bn/asm/x86_64-gcc.c: remove unnecessary redefinition of BN_ULONG
      VMS: ensure crypto/getenv.c is included in the build

Viktor Dukhovni (2):
      Only CA certificates can be self-issued
      Apply self-imposed path length also to root CAs

Vitezslav Cizek (1):
      DSA: Check for sanity of input parameters


More information about the openssl-commits mailing list