projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ec/ecp_nistz256.c: fix ecp_nistz256_set_from_affine.
[oweals/openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index cc142508b9a4852a0a958abf0c2f5393c3ef2799..f9562dd712c53ae75b83124e1b1fbb7a18275acb 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,21 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.0.2o and 1.0.2p [xx XXX xxxx]
+
+  *) Add blinding to ECDSA and DSA signatures to protect against side channel
+     attacks discovered by Keegan Ryan (NCC Group).
+     [Matt Caswell]
+
+  *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
+     now allow empty (zero character) pass phrases.
+     [Richard Levitte]
+
+  *) Certificate time validation (X509_cmp_time) enforces stricter
+     compliance with RFC 5280. Fractional seconds and timezone offsets
+     are no longer allowed.
+     [Emilia Käsper]
+
  Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
 
   *) Constructed ASN.1 types with a recursive definition could exceed the stack
Unnamed repository; edit this file 'description' to name the repository.