From 3e06fb754e025168bdf450de87be5953f0c65cbf Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Fri, 11 Oct 2002 17:56:34 +0000 Subject: [PATCH] synchronize with 0.9.7-stable version of this file --- CHANGES | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/CHANGES b/CHANGES index 1c40b76a3d..f686c85b92 100644 --- a/CHANGES +++ b/CHANGES @@ -281,7 +281,15 @@ TODO: bug: pad x with leading zeros if necessary EC_GROUP_get_nid() [Nils Larsch ] - *) The "block size" for block ciphers in CFB and OFB mode should be 1. - [Steve Henson] - *) Make sure tests can be performed even if the corresponding algorithms have been removed entirely. This was also the last step to make OpenSSL compilable with DJGPP under all reasonable conditions. @@ -317,8 +322,8 @@ TODO: bug: pad x with leading zeros if necessary # Place yourself outside of the OpenSSL source tree. In # this example, the environment variable OPENSSL_SOURCE # is assumed to contain the absolute OpenSSL source directory. - mkdir -p objtree/`uname -s`-`uname -r`-`uname -m` - cd objtree/`uname -s`-`uname -r`-`uname -m` + mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`" + cd objtree/"`uname -s`-`uname -r`-`uname -m`" (cd $OPENSSL_SOURCE; find . -type f -o -type l) | while read F; do mkdir -p `dirname $F` ln -s $OPENSSL_SOURCE/$F $F @@ -2001,7 +2006,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k overflow checks added in 0.9.6e. This prevents DoS (the assertions could call abort()). [Arne Ansper , Bodo Moeller] - + Changes between 0.9.6d and 0.9.6e [30 Jul 2002] *) Add various sanity checks to asn1_get_length() to reject @@ -2052,11 +2057,6 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k too small for 64 bit platforms. (CAN-2002-0655) [Matthew Byng-Maddick and Ben Laurie (CHATS)> - *) Remote buffer overflow in SSL3 protocol - an attacker could - supply an oversized master key in Kerberos-enabled versions. - (CAN-2002-0657) - [Ben Laurie (CHATS)] - *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized session ID to a client. (CAN-2002-0656) [Ben Laurie (CHATS)] @@ -2151,13 +2151,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k value is 0. [Richard Levitte] - *) Add the configuration target linux-s390x. - [Neale Ferguson via Richard Levitte] - *) [In 0.9.6d-engine release:] Fix a crashbug and a logic bug in hwcrhk_load_pubkey(). [Toomas Kiisk via Richard Levitte] + *) Add the configuration target linux-s390x. + [Neale Ferguson via Richard Levitte] + *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag variable as an indication that a ClientHello message has been -- 2.25.1