Add a few more bug fixes to the ChangeLog

author: Theo Buehler <tb@openbsd.org> 2020-12-08 18:49:51 +0100
committer: Theo Buehler <tb@openbsd.org> 2020-12-08 18:49:51 +0100
commit: 69968ab38e0a03a66e96a4d48d51cc74a5c64473 (patch)
tree: 0fcae544555ea83c4308127024607f55fce7ec7a
parent: c50f8e2c6c066be053a2886cfddc41992fb2ca82 (diff)
download: portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.tar.gz
portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.tar.bz2
portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index d65412e..0a7dc36 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,18 @@ LibreSSL Portable Release Notes:
        * Malformed ASN.1 in a certificate revocation list or a timestamp
          response token can lead to a NULL pointer dereference.
+        Bug fixes
+        * Move point-on-curve check to set_affine_coordinates to avoid
+          verifying ECDSA signatures with unchecked public keys.
+        * Fix SSL_is_server() to behave as documented by re-introducing the
+          client-specific methods.
+        * Avoid undefined behavior due to memcpy(NULL, NULL, 0).
+        * Mark a few more internal static tables const.
 3.3.0 - Development release
        * Make openssl(1) s_server ignore -4 and -6 for compatibility with
author	Theo Buehler <tb@openbsd.org>	2020-12-08 18:49:51 +0100
committer	Theo Buehler <tb@openbsd.org>	2020-12-08 18:49:51 +0100
commit	69968ab38e0a03a66e96a4d48d51cc74a5c64473 (patch)
tree	0fcae544555ea83c4308127024607f55fce7ec7a
parent	c50f8e2c6c066be053a2886cfddc41992fb2ca82 (diff)
download	portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.tar.gz portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.tar.bz2 portable-69968ab38e0a03a66e96a4d48d51cc74a5c64473.zip

diff --git a/ChangeLog b/ChangeLog index d65412e..0a7dc36 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -33,6 +33,18 @@ LibreSSL Portable Release Notes:
33	* Malformed ASN.1 in a certificate revocation list or a timestamp	33	* Malformed ASN.1 in a certificate revocation list or a timestamp
34	response token can lead to a NULL pointer dereference.	34	response token can lead to a NULL pointer dereference.
35		35
		36	Bug fixes
		37
		38	* Move point-on-curve check to set_affine_coordinates to avoid
		39	verifying ECDSA signatures with unchecked public keys.
		40
		41	* Fix SSL_is_server() to behave as documented by re-introducing the
		42	client-specific methods.
		43
		44	* Avoid undefined behavior due to memcpy(NULL, NULL, 0).
		45
		46	* Mark a few more internal static tables const.
		47
36	3.3.0 - Development release	48	3.3.0 - Development release
37		49
38	* Make openssl(1) s_server ignore -4 and -6 for compatibility with	50	* Make openssl(1) s_server ignore -4 and -6 for compatibility with