[openssl-commits] [openssl] OpenSSL_1_1_0j create

Matt Caswell matt at openssl.org
Tue Nov 20 14:12:34 UTC 2018

The annotated tag OpenSSL_1_1_0j has been created
        at  21830324cf9f3f9589b30303c078189fda92cd2b (tag)
   tagging  74f2d9c1ec5f5510e1d3da5a9f03c28df0977762 (commit)
  replaces  OpenSSL_1_1_0i
 tagged by  Matt Caswell
        on  Tue Nov 20 13:41:22 2018 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.1.0j release tag


Andy Polyakov (8):
      crypto/init.c: improve destructor_key's portability.
      crypto/bn: add more fixed-top routines.
      rsa/rsa_ossl.c: implement variant of "Smooth CRT-RSA."
      bn/bn_blind.c: use Montgomery multiplication when possible.
      bn/bn_lib.c: conceal even memmory access pattern in bn2binpad.
      rsa/rsa_ossl.c: fix and extend commentary [skip ci].
      ssl/s3_enc.c: fix logical errors in ssl3_final_finish_mac.
      arch/async_posix.h: improve portability.

Benjamin Kaduk (2):
      Avoid shadowing 'free' in X509_LOOKUP_met_set_free
      apps: allow empty attribute values with -subj

Bernd Edlinger (2):
      Fix a warning from MSVC build
      Make the config script fail with an error code if Configure failed

Billy Brumley (3):
      More EVP ECC testing: positive and negative
      [test] ECC: make sure negative tests pass for the right reasons
      [crypto/bn] swap BN_FLG_FIXED_TOP too

Daniel Bevenius (1):
      Document OPENSSL_VERSION_TEXT macro

Dmitry Belyavskiy (1):
      Backport #7007 to 1.1.0

Dr. Matthias St. Pierre (1):
      md_rand.c: don't stop polling until properly initialized

Eric Brown (1):
      Remove redundant ASN1_INTEGER_set call

Eric Curtin (1):
      New openssl subject parser hard to debug

Jakub Wilk (1):
      Fix example in crl(1) man page

Matt Caswell (9):
      Prepare for 1.1.0j-dev
      Free SSL object on an error path
      The req documentation incorrectly states that we default to md5
      Clarify the EVP_DigestSignInit docs
      Check the return value from ASN1_INTEGER_set
      Add an explicit cast to time_t
      Update CHANGES and NEWS for new release
      Update copyright year
      Prepare for 1.1.0j release

Nicola Tuveri (5):
      Backport #6648 to OpenSSL_1_1_0-stable
      Fix segfault in RSA_free() (and DSA/DH/EC_KEY)
      Harmonize the error handling codepath
      Split test/evptests.txt into separate files.
      Move evp test programs input data to its own data dir

Paul Kehrer (2):
      add getter for tbsResponseData and signatureAlgorithm on OCSP_BASICRESP
      add docs for OCSP_resp_get0_signature

Pauli (11):
      Zero memory in CRYPTO_secure_malloc.
      Check the return from BN_sub() in BN_X931_generate_Xpq().
      Make OBJ_NAME case insensitive.
      Key zeroization fix for EVP_SealInit.
      Add a compile time test to verify that openssl/rsa.h and complex.h can     coexist.
      Use 'i' as parameter name not 'I'.
      Use secure_getenv(3) when available.
      DSA mod inverse fix
      Timing vulnerability in DSA signature generation (CVE-2018-0734).
      Timing vulnerability in ECDSA signature generation (CVE-2018-0735)
      Add a constant time flag to one of the bignums to avoid a timing leak.

Richard Levitte (15):
      openssl req: don't try to report bits
      CAPI engine: add support for RSA_NO_PADDING
      crypto/ui/ui_openssl.c: make sure to recognise ENXIO and EIO too
      crypto/bn/asm/x86_64-gcc.c: remove unnecessary redefinition of BN_ULONG
      Small cleanup (util/mkdef.pl, crypto/bio/bss_log.c, include/openssl/ocsp.h)
      Clean out aliases in include/openssl/symhacks.h
      Allow parallel install
      Have install targets depend on more precise build targets
      VMS build: colon after target must be separated with a space
      Fix cherry-pick error
      Windows build: build foo.d after foo.obj
      Configuration: make sure the shared_sources table doesn't contain empty elements
      Fix rpath-related Linux "test_shlibload" failure.
      test/recipes/90-test_shlibload.t needs $target{shared_extension}
      Fix typo in util/perl/OpenSSL/Test.pm

Rod Vagg (1):
      Remove brace from bad cherry-pick of DSA reallocation fix

Shane Lontis (4):
      key zeroisation for pvkfmt now done on all branch paths
      key zeroisation fix for p12
      hkdf zeroization fix
      RSA padding Zeroization fixes

Sohaib ul Hassan (1):
      Implement coordinate blinding for EC_POINT

Tomas Mraz (1):
      Fix copy&paste error found in Coverity scan

Viktor Dukhovni (2):
      Only CA certificates can be self-issued
      Apply self-imposed path length also to root CAs

Viktor Szakats (1):
      minor fixes for Windows

parasssh (1):
      Fix typos in documentation.


More information about the openssl-commits mailing list