Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
9 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 4dc83677 编写于 作者: B Bodo Moeller
浏览文件
操作

Sync CHANGES and NEWS files. 

(Various changes from the master branch are now in the 1.0.2 branch too.)
上级 ca567a03
展开全部 隐藏空白更改
内联 并排
Showing with 446 addition and 241 deletion
CHANGES
浏览文件 @ 4dc83677
此差异已折叠。
NEWS
浏览文件 @ 4dc83677
...@@ -5,10 +5,17 @@ ...@@ -5,10 +5,17 @@
This file gives a brief overview of the major changes between each OpenSSL This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file. release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
o Corrected fix for CVE-2013-0169
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d: Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module. o Include the fips configuration module.
o Fix OCSP bad key DoS attack CVE-2013-0166
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix for TLS AESNI record handling flaw CVE-2012-2686
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c: Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
...@@ -40,6 +47,15 @@ ...@@ -40,6 +47,15 @@
o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
o SRP support. o SRP support.
Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k:
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix OCSP bad key DoS attack CVE-2013-0166
Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j:
o Fix DTLS record length checking bug CVE-2012-2333
Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i: Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i:
o Fix for ASN1 overflow bug CVE-2012-2110 o Fix for ASN1 overflow bug CVE-2012-2110
...@@ -116,6 +132,15 @@ ...@@ -116,6 +132,15 @@
o Opaque PRF Input TLS extension support. o Opaque PRF Input TLS extension support.
o Updated time routines to avoid OS limitations. o Updated time routines to avoid OS limitations.
Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y:
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix OCSP bad key DoS attack CVE-2013-0166
Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x:
o Fix DTLS record length checking bug CVE-2012-2333
Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w: Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w:
o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110) o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册