diff options
Diffstat (limited to 'doc/relnotes/1_10_6.rst')
| -rw-r--r-- | doc/relnotes/1_10_6.rst | 47 |
1 files changed, 0 insertions, 47 deletions
diff --git a/doc/relnotes/1_10_6.rst b/doc/relnotes/1_10_6.rst deleted file mode 100644 index 241ab801c..000000000 --- a/doc/relnotes/1_10_6.rst +++ /dev/null @@ -1,47 +0,0 @@ -Version 1.10.6, 2013-11-10 -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -* The device reading entropy source now attempts to read from all - available devices. Previously it would break out early if a partial - read from a blocking source occured, not continuing to read from a - non-blocking device. This would cause the library to fall back on - slower and less reliable techniques for collecting PRNG seed - material. Reported by Rickard Bellgrim. - -* HMAC_RNG (the default PRNG implementation) now automatically reseeds - itself periodically. Previously reseeds only occured on explicit - application request. - -* Fix an encoding error in EC_Group when encoding using EC_DOMPAR_ENC_OID. - Reported by fxdupont on github. - -* In EMSA2 and Randpool, avoid calling name() on objects after deleting them if - the provided algorithm objects are not suitable for use. Found by Clang - analyzer, reported by Jeffrey Walton. - -* If X509_Store was copied, the u32bit containing how long to cache validation - results was not initialized, potentially causing results to be cached for - significant amounts of time. This could allow a certificate to be considered - valid after its issuing CA's cert expired. Expiration of the end-entity cert - is always checked, and reading a CRL always causes the status to be reset, so - this issue does not affect revocation. Found by Coverity scanner. - -* Avoid off by one causing a potentially unterminated string to be passed to - the connect system call if the library was configured to use a very long path - name for the EGD socket. Found by Coverity Scanner. - -* In PK_Encryptor_EME, PK_Decryptor_EME, PK_Verifier, and PK_Key_Agreement, - avoid dereferencing an unitialized pointer if no engine supported operations - on the key object given. Found by Coverity scanner. - -* Avoid leaking a file descriptor in the /dev/random and EGD entropy sources if - stdin (file descriptor 0) was closed. Found by Coverity scanner. - -* Avoid a potentially undefined operation in the bit rotation operations. Not - known to have caused problems under any existing compiler, but might have - caused problems in the future. Caught by Clang sanitizer, reported by Jeffrey - Walton. - -* Increase default hash iterations from 10000 to 50000 in PBES1 and PBES2 - -* Add a fix for mips64el builds from Brad Smith. |