Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/openssl/openssl.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/CHANGES
diff options
context:
space:
mode:
authorLutz Jänicke <jaenicke@openssl.org>2003-01-15 17:56:47 +0300
committerLutz Jänicke <jaenicke@openssl.org>2003-01-15 17:56:47 +0300
commit0748cdc7f1775deac6b5bc0d583c7caa219a16b8 (patch)
tree986291f1aa413b5395383ee541d1953eeae68fe5 /CHANGES
parentb2c71c489ddeb82a551171d5cb9c80eb36375c30 (diff)
Fix initialization sequence to prevent freeing of unitialized objects.
Submitted by: Nils Larsch <nla@trustcenter.de> PR: 459
Diffstat (limited to 'CHANGES')
-rw-r--r--CHANGES6
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 85bd963ae9..863a975a88 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
Changes between 0.9.7 and 0.9.7a [XX xxx 2003]
+ *) DSA routines: under certain error conditions uninitialized BN objects
+ could be freed. Solution: make sure initialization is performed early
+ enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
+ Nils Larsch <nla@trustcenter.de> via PR#459)
+ [Lutz Jaenicke]
+
*) Another fix for SSLv2 session ID handling: the session ID was incorrectly
checked on reconnect on the client side, therefore session resumption
could still fail with a "ssl session id is different" error. This
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 05:38:38 +0300