[openssl] OpenSSL_1_1_1m create

Matt Caswell matt at openssl.org
Tue Dec 14 16:33:31 UTC 2021

The annotated tag OpenSSL_1_1_1m has been created
        at  a38e83deaf94cf3c1158b9d93f9083396757ce55 (tag)
   tagging  ac3cef223a4c61d6bee34527b6d4c8c6432494a7 (commit)
  replaces  OpenSSL_1_1_1l
 tagged by  Matt Caswell
        on  Tue Dec 14 15:45:01 2021 +0000

- Log -----------------------------------------------------------------
OpenSSL 1.1.1m release tag


Allan Jude (1):
      Fix detection of ARMv7 and ARM64 CPU features on FreeBSD

Bernd Edlinger (19):
      Fix the array size of dtlsseq in tls1_enc
      Avoid using undefined value in generate_stateless_cookie_callback
      Fix some strict gcc-12 warnings
      Check for null-pointer dereference in dh_cms_set_peerkey
      Fix instances of pointer addition with the NULL pointer
      Fix enable-asan with C++ buildtest
      Fix the "Out of memory" EVP KDF scrypt test
      Fix no-tls1_3 tests
      Use applink to fix windows tests
      Fix a NPD bug in engines/e_dasync.c
      Fix a memory leak in the afalg engine
      Fix some possible memory leaks in EVP_CipherInit_ex
      Fix double-free in e_dasync.c
      Fix a memory leak in tls_parse_stoc_key_share
      Fix a memory leak in ssl_create_cipher_list
      Avoid loading of a dynamic engine twice
      Add a test case for duplicate engine loading
      Fix a deadlock in OBJ_NAME_add
      Fix a carry overflow bug in bn_sqr_comba4/8 for mips 32-bit targets

Chenglong Zhang (1):
      Fix speed, use OPENSSL_free instead of free

Daniel Krügler (1):
      Ensure that _GNU_SOURCE is defined for bss_dgram.c

David Carlier (1):
      Darwin platform allows to build on releases before Yosemite/ios 8.

Dmitry Belyavskiy (2):
      Bindhost/bindport should be freed
      No EtM for GOST ciphers

Dr. David von Oheimb (4):
      BIO_push.pod: fix confusing text and add details on corner cases
      Fix ssl_free() and thus BIO_free() to respect BIO_NOCLOSE
      BIO_f_ssl.pod: Make clear where an SSL BIOs are expected as an argument
      OBJ_nid2obj.pod: Replace remaining 'B<' by 'I<' were appropriate

Dr. Matthias St. Pierre (1):
      doc/man3/SSL_set_fd.pod: add note about Windows compiler warning

Lenny Primak (1):
      MacOS prior to 10.12 does not support random API correctly

Matt Caswell (15):
      Prepare for 1.1.1m-dev
      Clarify what SSL_get_session() does on the server side in TLSv1.3
      Correct the documentation for SSL_set_num_tickets()
      New extensions can be sent in a certificate request
      Extend custom extension testing
      Ensure pkey_set_type handles ENGINE references correctly
      Add tests for ENGINE problems
      Fix the s_server psk_server_cb for use in DTLS
      Fix no-cmac
      Fix a gcc 11.2.0 warning
      Reset the rwstate before calling ASYNC_start_job()
      Clarify and correct the EVP_CTRL_AEAD_SET_TAG docs
      Fix documentation for tlsext_ticket_key
      Update copyright year
      Prepare for 1.1.1m release

Mattias Ellert (1):
      Openssl fails to compile on Debian with kfreebsd kernels (kfreebsd-amd64, kfreebsd-i386). The error reported by the compiler is:

Mingjun.Yang (1):
      Add sm2 encryption test case from GM/T 0003.5-2012

Nicola Tuveri (3):
      Add tests for i2d_TYPE_fp and d2i_TYPE_fp
      Fix d2i_ECPKParameters_fp and i2d_ECPKParameters_fp macros
      [ec] Do not default to OPENSSL_EC_NAMED_CURVE for curves without OID

Nikita Ivanov (1):
      Fix nc_email to check ASN1 strings with NULL byte in the middle

PW Hu (2):
      Fix some documentation errors related to return values
      Fix: invoking x509_name_cannon improperly

Pauli (3):
      doc: document the rsa_oaep_md: pkeyopt
      speed: range check the argument given to -multi for 1.1.1
      doc: fix macro name

Peiwei Hu (2):
      test/ssl_old_test.c: Fix potential leak
      Fix BIO_get_md_ctx return value check

Richard Levitte (12):
      test/ec_internal_test: link with libapps.a too
      VMS: Compensate for compiler type incompatibility
      DOCS: Update the page for 'openssl passwd' to not duplicate some info
      VMS: Fix misspelt type
      Fix test/recipes/01-test_symbol_presence.t to allow for stripped libraries
      Fix test/recipes/01-test_symbol_presence.t to disregard version info
      ERR: Add a missing common reason string
      DOC: Add a few previously documented functions
      TEST: Enable and fix test_bn2padded() in test/bntest.c
      Fix faulty detail in BN_rand() manual
      Add some CHANGES entries for 1.1.1m
      Update NEWS for 1.1.1m

Tianjia Zhang (2):
      apps/ciphers: Fix wrong return value when using -convert parameter
      ssl: Correct filename in README

Tomas Mraz (3):
      CI: Replace windows-2016 with windows-2022

Viktor Dukhovni (2):
      Prioritise DANE TLSA issuer certs over peer certs
      Test for DANE cross cert fix

x2018 (2):
      check the return value of BN_new() and BN_dup()
      free the Post-Handshake Auth digest when there is an error saving the digest

zhaozg (3):
      ts: fix memleaks caused by TS_VERIFY_CTX_set_imprint
      cms: fix memleaks in cms_env.c
      evp: fix EVP_PKEY_get0_EC_KEY when EC_KEY is SM2


More information about the openssl-commits mailing list