Monthly Status Report (February)

Matt Caswell matt at openssl.org
Tue Mar 2 12:43:12 UTC 2021


As well as normal reviews, responding to user queries, wiki user
requests, OMC business, support customer issues, CLA submissions,
handling security reports, etc., key activities this month:

- Completed and pushed the PR to remove compile time algorithm checks 
from libssl
- Removed some TODO(OpenSSL1.2) references
- Removed a DSA related TODO
- Created a patch for the CipherUpdate overflow issue (CVE-2021-23840)
- Wrote the security advisory for CVE-2021-23839/CVE-2021-23840/CVE-2021-23841
- Deprecated the SRP APIs
- Sprint planning for the Hydrogen sprint
- Created a patch for the X509_issuer_and_serial_hash() issue 
(CVE-2021-23841)
- Managed and performed the 1.1.1j and 1.0.2y security releases
- Fixed "openssl dhparam -check"
- Investigated memory allocation issue in OPENSSL_cleanup()
- Fixed issues with the pem2der decoder where the type of thing we are 
loading could be forgotten when moving to the next decoder in the chain.
- PR to duplicate the file and func error string to avoid a crash where 
a provider gets unloaded with errors still on the stack
- Added documentation for all the remaining symbols that have been added 
since 1.1.1 but were still undocumented
- Performed the alpha12 release
- Fixed mingw build failure
- Fixed an issue where a lock was held in ossl_namemap_doall_names while 
calling a user callback
- Sprint planning for the Helium sprint
- Implemented PR to cache legacy keys in an EVP_PKEY instead of 
downgrading it
- Significant ongoing work to investigate 1.1.1 test failures when run 
against the 3.0 libraries

Matt

