Change in default behavior from 1.0.1g to 1.0.1h

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Change in default behavior from 1.0.1g to 1.0.1h

Andy Schmidt
I just tracked down an obscure bug in our certificate authentication
code to a change in in the global mask for ASN.1 strings in
I have a couple of questions about this:

1. Was this change made for a security related reason?
That is, by changing global_mask back to the 1.0.1g initialized value,
are we introducing a security vulnerability?

2. Is there a changelist somewhere in the source tarball that lists
the 1.0.1g to 1.0.1h revisions? Or a list that outlines changes in the
default settings?
This would be extremely helpful to incorporating newly released 1.0.1
subversions. The file CHANGES appears to only list security

Any help is greatly appreciated.

Andy Schmidt
OpenSSL Project                       
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]