The annotated tag OpenSSL_1_0_2o has been created at d891c9c53470048f5a4ff334bcd2036f9070d3aa (tag) tagging 3ce7bc40a3c48da1c96c2d04c10045bd797c6aa3 (commit) replaces OpenSSL_1_0_2n tagged by Matt Caswell on Tue Mar 27 14:55:22 2018 +0100
- Log ----------------------------------------------------------------- OpenSSL 1.0.2o release tag -----BEGIN PGP SIGNATURE----- iQEuBAABCAAYBQJauk1KERxtYXR0QG9wZW5zc2wub3JnAAoJENnE0m0OYESRWP0I AIze+GYMM6xnkVgogSCBcFGeYA06M0KRyHMc/P6CG4EvIlj4U8Wl3ru+WCdIhco+ iQIHa3V7vrO6TXMvh3x7Cj/y/SZYQRlCFvAB39iucorQTtxnsJcMcqD7UxLIoKSI 6Yxc/jVPRRIK1WIO0UtOscm5CjysBswfxnLiDmFCfpHq3C8cG1/3JxpdBdKzSA1X OQyGbWMJlBhTMepxgbPn/UC7zysVegE59aW38bYUXC/UnsAbgHB23sqQDYY6Ae4T S857Mq9s59x4SRTop2dK9+412R4gKgoQeAoiaVnTYgvp+KefhV3YFuQpPtaNcN3X N66Zi91pjiBjFv0Vws4Igeg= =vDy1 -----END PGP SIGNATURE----- Andy Polyakov (2): ec/ecp_nistp*.c: sanitize for undefined/implmentation-specific behaviour. Fix timing leak in BN_from_montgomery_word. Bernd Edlinger (7): Swap the check in ssl3_write_pending to avoid using the possibly indeterminate pointer value in wpend_buf. Remove code that prints "<SPACES/NULS>" in hexdumps when the data block ends with SPACEs or NULs. Fix a possible memory leak in engine_table_register Minor style fixup on recent commit 99bb59d at ssl_scan_clienthello_tlsext Fix some bugs with the cfb1 bitsize handling Fix ecparam -genkey with point compression or DER outform Fix dsaparam -genkey with DER outform Cristian Stoica (2): merge two mutual exclusive #ifdefs to improve clarity fix several typos in README.gost David Benjamin (2): Make BN_num_bits_word constant-time. Don't leak the exponent bit width in BN_mod_exp_mont_consttime. Dr. Matthias St. Pierre (3): Add missing prototype for FIPS callback bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data BIO_s_mem.pod: fix indirection for out parameter **pp FdaSilvaYY (1): Fix an incoherent test. Ivan Filenko (1): Fix typo in ASN1_STRING_length doc J Mohan Rao Arisankala (1): Cleanup ctxs if callback fail to retrieve session ticket Jonathan Scalise (1): Changed OPENSSL_gmtime so macOS uses threadsafe gmtime_r instead of gmtime. Konstantin Shemyak (1): Corrected 'cms' exit status when key or certificate cannot be opened Kurt Roeckx (1): Fix propotype to include the const qualifier Matt Caswell (23): Prepare for 1.0.2o-dev Fix initialisation in fatalerrtest Fix the buffer sizing in the fatalerrtest Fix a switch statement fallthrough Tolerate DTLS alerts with an incorrect version number Revert BN_copy() flag copy semantics change Don't allow an empty Subject when creating a Certificate Don't crash on a missing Subject in index.txt Make sure we check an incoming reneg ClientHello in DTLS Sanity check the ticket length before using key name/IV Improve error handling in pk7_doit Free the correct type in OBJ_add_object() Revert "Don't allow an empty Subject when creating a Certificate" Revert "Don't crash on a missing Subject in index.txt" Report a readable error on a duplicate cert in ca app Allow multiple entries without a Subject even if unique_subject == yes Fix a memory leak in the ca application The default conv_form is uncompressed Limit ASN.1 constructed types recursive definition depth Update CHANGES and NEWS for the new release Update copyright year make update Prepare for 1.0.2o release Pavel Kopyl (2): X509V3_EXT_add_nconf_sk, X509v3_add_ext: fix errors handling do_body: fix heap-use-after-free. Philippe Antoine (1): Checks ec_points_format extension size Rich Salz (5): Standardize syntax around sizeof(foo) Add fingerprint text, remove MD5 Fix BN doc Add warnings to thread doc. Fix credit for SRP code Richard Levitte (8): Remove unicode characters from source Remove three test programs that snuck in Configure: use a better method to identify gcc and derivates Add missing tests to the VMS test scripts test/maketests.com: remove irrelevant comment Update the license end year Remove useless -D_ENDIAN from MPE/iX-gcc config crypto/engine/eng_cryptodev.c: don't treat a void* like an array Samuel Weiser (3): Replaced variable-time GCD with consttime inversion to avoid side-channel attacks on RSA key generation used ERR set/pop mark consttime flag changed Todd Short (1): Fix error-path memory leak in asn_mime.c Viktor Dukhovni (3): Document the X509_V_FLAG_PARTIAL_CHAIN flag Add missing comma between references Fix wrong case in documentation of -CRLfile option White_Rabbit (1): Update s_client doc adding xmpp as value for -starttls ----------------------------------------------------------------------- _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits