Added 1.1.8 and 1.2.9 release

This commit is contained in:
Paul Bakker 2013-09-26 10:12:19 +02:00
parent f18084a201
commit c13aab18dc

View file

@ -1,4 +1,4 @@
PolarSSL ChangeLog
PolarSSL ChangeLog (Sorted per branch, date)
= PolarSSL-1.3.0 released on 2013-09-26
Features
@ -61,6 +61,21 @@ Security
* RSA blinding on CRT operations to counter timing attacks
(found by Cyril Arnaud and Pierre-Alain Fouque)
= Version 1.2.9 released 2013-09-25
Changes
* x509_verify() now case insensitive for cn (RFC 6125 6.4)
Bugfix
* Fixed potential memory leak when failing to resume a session
* Fixed potential file descriptor leaks (found by Remi Gacogne)
* Minor fixes
Security
* Fixed potential heap buffer overflow on large hostname setting
* Fixed potential negative value misinterpretation in load_file()
* RSA blinding on CRT operations to counter timing attacks
(found by Cyril Arnaud and Pierre-Alain Fouque)
= Version 1.2.8 released 2013-06-19
Features
* Parsing of PKCS#8 encrypted private key files
@ -257,6 +272,17 @@ Security
* Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
Vanderbeken)
= Version 1.1.8 released on 2013-09-25
Bugfix
* Fixed potential memory leak when failing to resume a session
* Fixed potential file descriptor leaks
Security
* Potential buffer-overflow for ssl_read_record() (independently found by
both TrustInSoft and Paul Brodeur of Leviathan Security Group)
* Potential negative value misinterpretation in load_file()
* Potential heap buffer overflow on large hostname setting
= Version 1.1.7 released on 2013-06-19
Changes
* HAVEGE random generator disabled by default