2014/04/08 09:45 roberto@pierot * released openssl-1.0.1g-flx2.1 : TLS heartbeat read overrun (CVE-2014-0160) Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack (CVE-2014-0076) upgrade includes code from these patches which have been removed: - 0004-typo.patch (CMS_decrypt mismatch rcert with NULL) - 0005-Fix-bug-in-X509_V_FLAG_IGNORE_CRITICAL-CRL-handling.patch - 0006-Omit-initial-status-request-callback-check.patch - 0007-Use-default-digest-implementation-in-dgst.c.patch - 0008-Add-loaded-dynamic-ENGINEs-to-list.patch 2014/02/06 18:58 roberto@pierot * released openssl-1.0.1f-flx2.3 : 0004-typo.patch (CMS_decrypt mismatch rcert with NULL) 0005-Fix-bug-in-X509_V_FLAG_IGNORE_CRITICAL-CRL-handling.patch 0006-Omit-initial-status-request-callback-check.patch 0007-Use-default-digest-implementation-in-dgst.c.patch 0008-Add-loaded-dynamic-ENGINEs-to-list.patch 0009-Backport-TLS-padding-extension-from-master.patch 2014/02/03 10:58 roberto@pierot * released openssl-1.0.1f-flx2.1 2013/12/16 20:21 roberto@pierot * released openssl-1.0.1e-flx2.2 warning header to openssl.cnf 2013/10/09 11:54 roberto@pierot * released openssl-1.0.1e-flx2.1 2013/01/21 15:50 willy@pcw.home.local * released openssl-1.0.1c-flx2.4 * fix build for any arm* platform 2013/01/14 14:08 willy@wtap * released openssl-1.0.1c-flx2.3 2012/12/31 11:33 willy@wtap * restored correct optimizations ; previous patch removed -O3 in favor of -Os which is slower (-2% measured) * removed obsolete flag -DSSL_ALLOW_ADH added by previous patch and which was removed in 0.9.5 in 2000 ! * removed forced options that are wrong on some platforms. The correct optimization options are already implied by the target OS. * added again support for ARM and SPARC which benefit from assembly code * added some error control in do_compile_only() 2012/10/08 10:26 emeric@ebr-laptop * released openssl-1.0.1c-flx2.2 * Fix missing optims and cipher patch. 2012/06/01 11:00 djc@wks-ddc.exosec.local * released openssl-1.0.1c-flx2.1 2011/10/07 11:34 willy@wtap * released openssl-0.9.8r-flx2.2 * use the arch-specific objdump utility * default architecture is not necessarily x86 2011/07/11 13:05 wlallemand@wlallemand-desktop * released openssl-0.9.8r-flx1.1 * upgrade to 0.9.8r * i586 and x86_64 packages 2010/11/30 15:32 emeric@ebr-laptop * released openssl-0.9.8p-flx1.1