Repo Frozen

Bernd Edlinger bernd.edlinger at hotmail.de
Mon Sep 9 16:33:12 UTC 2019


On 9/9/19 5:31 PM, Matt Caswell wrote:
> Richard has just frozen the repo in advance of the releases tomorrow.
> 
> There are still some PRs outstanding that we are expecting to be included and I
> will push as they become available:
> 
> 
> https://github.com/openssl/openssl/pull/9777
> Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
> 
> Awaiting an update from Bernd
> 

Done.

I have yet another PR, which is needed for 1.1.1
https://github.com/openssl/openssl/pull/9687
Fix a potential crash in rand_unix.c

Initially it was just a strict-warning issue,
then in the review we found a potential crash which
can happen after the entropy buffer grow patch was added,
which makes this a regression introduced after 1.1.1c.


Bernd.

> 
> https://github.com/openssl/openssl/pull/9802
> drbg: ensure fork-safety [1.1.1]
> 
> Approved, but awaiting input from Kurt
> 
> 
> https://github.com/openssl/openssl/pull/9811
> [1.0.2-bp][ec] match built-in curves on EC_GROUP_new_from_ecparameters
> 
> Not sure if Nicola wanted to do a final update, but otherwise its approved and
> ready to go.
> 
> 
> There will also be some CHANGES/NEWS type updates required
> 
> 
> Matt
> 
> 


More information about the openssl-project mailing list