Current OpenSSL-Bugs Milestones and Bugs

6 items todo for release: 0.9.7e  
312 gcc warning in bss_bio.c  
356 Bug in CRLF translation in PKCS7_sign  
447 [Fwd: Bug#176058: openssl: Should ask password only after basic input validation] Nice to have 
465 [patch] X509_LOOKUP_hash_dir with multiple directories problem  
468 When server session cache fills up...  
678 Crash in lhash code in openssl 0.9.7a  
18 items todo for release: 0.9.8  
11 Fw: trustway pkcs11 engine for openssl Nice to have 
44 OpenSSL_add_all_algorithms problems in Win32 Normal 
61 OPENSSL_SYS_MSDOS is confusing Normal 
92 Prototypes SSL_write() & SSL_read() problem in openssl/ssl.h for 64-bit applications  
136 [Fwd: Bug#151197: openssl: verify should fail when verification fails] Normal 
153 Public API for sending SSL/TLS alerts wanted Nice to have 
181 Makefile enhancement requests Normal 
266 [PATCH] Proposed proxy client functionality in s_client Nice to have 
270 API: certificate chain handling incomplete  
438 SCEP Nice to have 
448 [Fwd: Bug#176062: openssl: Expired certificates and recertification] Normal 
478 make uninstall Wishlist 
480 Support for local ip address binding for connect BIO's. Nice to have 
601 extend opensslconf.h to have a flag for every available feature  
773 No OAEP support for S/MIME Wishlist 
1155 openssl-0.9.8 causes MS Windows fatal error when executing 'openssl exngine xxx' Critical 
1336 OpenSSL support for Kerberos Critical 
1349 Error passing password with stdin Normal 
1038 items not filed  
536 Bug in kssl ?  
547 SSL_CTX_free messes with external session cache  
549 Enhancemant Request  
573 Possible bug in conf parser  
582 Contribution: Support for VisualStudio 6  
589 Re :"Possible stack overflow in openssl-0.9.7b" (fwd)  
590 BUG REPORT: X509_get_signature_type() returning NID_undef  
594 enhancement request  
597 SSL_set_session() problem (?)  
598 OpenSSL: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry  
611 Fw: Bug in SSL_Shutdown?  
635 Manual pages.  
636 Example in man page for BIO_new_bio_pair incorrect?  
646 Fix for Linux problems using TERMIOS  
651 submission: GOST objects  
671 [patch, 0.9.7b] export (i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING  
684 Memory Leaks in RSA_eay_private_decrypt  
696 SSLv2: server requires client certificate despite SSL_VERIFY_PEER  
706 PATCH suuport FreeBSD amd64  
719 BUG: Incorrect child exit status handling in Configure 0.9.7c  
721 BUG: Short passwords not allowed 0.9.7c  
724 RQ: Library name unification for Win32 possible?  
736 0.9.6k another misuse of RSA_size()  
738 enhancement request  
782 IBM patches to OpenSSL-0.9.7c  
783 ASN1_INTEGER_get/ASN1_INTEGER_set patch  
784 Library cleanup functionality  
786 0.9.7: OPENSSL_NO_SHA flag  
787 New target platform  
791 CBC padding patch for FIPS-81  
795 Uninitialized Variables, Prototype Mismatches, Portability  
796 bug & fix: "compatibility_version" incorrect in 0.9.7c on OSX 10.3.1  
798 Adding fieldName_required to req command (TSU NOTIFICATION)  
799 extending openssl config to add X509v3 extension support  
803 Probs with win32 builds of openssl-0.9.7c  
805 base64 BIO too picky about whitespace  
809 enc(1) exits with 0 even after write errors  
828 [PATCH] "openssl smime -verify" on binary files  
838 REQ: Creating a BIO from a FILE* should retain (TEXT) access modes  
839 Patch pk7_lib.c:PKCS7_get_recip_info()  
843 EBCDIC patches for 0.9.7c  
844 [Fwd: Bug#235600: openssl: CA.pl and -signcert: some minor issues]  
880 Client error  
898 CRYPTO_dbg_malloc multithread bug  
911 Passing in an OAEP padding parameter  
913 [PATCH] pkcs11 engine  
916 Bug Report  
936 Bug in smime-command mime format  
937 uid  
953 PKCS7: sign data without keeping it in the memory  
954 CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry  
955 Implementation of SSL_SESSION_get_session_id  
980 "-starttls smtp" not standard compliant and leads to misleading "unknown protocol" error  
981 openssl-0.9.7e fail in X509_OBJECT_idx_by_subject/sk_find/sk_sort  
984 X509_NAME modified bit doesn't cover entry data changes.  
992 RSA_check_key() should have a callback argument  
1003 Request: entropy gathering  
1007 bug report: EVP_SealInit  
1013 test idea exits with error but tests are OK  
1015 don't use O_NOFOLLOW on Solaris...  
1019 renegotiation failure - bug report.  
1027 bug report  
1029 Linking Error  
1033 BUG REPORT : Unreachable code in OpenSSL 0.9.7f  
1051 SSL_CTX_set_default_paths  
1052 openssl ca: generate subjectAltName from config  
1055 [Fwd: Bug#272281: include musclecard engine support in openssl]  
1062 [Fwd: Bug#295449: openssl: x509 -CAserial no longer works]  
1065 [Fwd: Bug#247435: openssl: pkcs12: MAC verify should be quieter]  
1067 OpenSSL symmetric crypto padding check incompatible with XMLENC  
1068 X509_NAME_add_entry: inserting with loc == 0 and set == 0 creates wrong set  
1093 dhparam file test  
1099 Problem with keysize operations  
1104 [Bug Reoprt] -days parameter overflow  
1132 Re: submission of OpenSSL changes  
1154 Bug report - broken links on www.openssl.org  
1162 add a "discover-server-ciphers" to s_client  
1163 add a "list-client-ciphers" option to s_server  
1164 BUG: namespace pollution in openssl 0.9.8  
1165 Bug Report  
1166 Search for Signature File  
1169 Crash in OpenSSL - write_pending  
1174 ectest and libefence  
1181 [PATCH] adds RFC 3280 compatible mail attribute  
1187 Openssl - unable to load from /usr/local/ssl/openssl.cnf on win nt  
1189 Bug Report and Patch : -subj option of the req command does not refer openssl.cnf to check the minimum and maximum limits of each field  
1193 gcc depracated "-mcpu=" option  
1208 Any plans to support SMIME v3 (i.e. RFCs 3850/3851 or 2632/2633)?  
1215 Bug Report for OpenSSL  
1216 Solaris 10, SunStudio 10 how-to  
1222 Please introduce versioned symbols  
1227 Runnning openssl test  
1232 [PATCH] Flush s_server stdout after state change completed  
1234 Failing to load zlib.so results in other errors later.  
1241 apps/s_client.c: 2 changes in initial handshake  
1244 changing TMP_D causes build to fail  
1255 about S/MIME sign code.  
1290 [PATCH] Convert destest.c to use DES_* functions.  
1291 [PATCH] Remove old libdes support?  
1292 SSL_add_dir_cert_subjects_to_stack does not check for read access of file, breaking TLS enabled LDAP clients  
1295 Crash in ssl3_write_pending  
1298 OpenSSL bug in libcrypto.so:RAND_poll() crashes apache2 @ startup  
1325 patch for c_rehash to accept more filename extensions  
1327 Bug in openssl/util/mkdef.pl (HEAD)  
1328 FW: (Repost) SSL_shutdown and SSL_free issues  
1351 Bug Report - error generating a cert request  
1353 memory leak in EVP sign and verification functions  
1369 BUG Openssl executable 0.9.8a (Unix) fails when setuid/setgid  
1378 Contribution: twopipe patch for speed test  
1379 Build failure on cygwin: #error MDC2 is disabled  
1386 Bug Report OpenSSL  
1400 spurious CRs in S/MIME clearsigned mails  
1401 Proxy module  
1412 [BUG] race/leak in X509_PUBKEY_get  
1416 [PATCH] display UPN if in subjectAltName  
1423 New releases on announce mailing list  
1424 Re: CRL update revision for X509_add_crl  
1425 Request: make X509_NAME_oneline() use same formatter as X509_NAME_print_ex()  
1444 Insufficient error reporting in openssl ca  
1449 [PATCH] Suspend and reinstate certificates in CA application  
1450 Please include this config in furture configuration files  
1454 RSA key exponents different from 3 and F4  
1466 X.509 name's printing  
1470 [PATCH] fix some memory leaks in asn1 crypto  
1482 [PATCH] add "ciphertext stealing" support to the EVP library  
1487 ssl v3 session resume failure -NO INTERNAL LOOKUP- version 0.9.8d  
1491 [BUG][PATCH] malloc and friends returns not checked  
1505 [patch] ssl/s3_pkt.c  
1509 bug report: www.openssl.org http server sending wrong Content-Encoding header  
1518 [PATCH] Securing private RSA keys  
1519 Possible bug in Windows Vista  
1520 request for checking if -in and -out files are same  
1522 [PATCH] fail to assert "pkeyp" and "x509p" variables in demos/x509/mkcert.c  
1523 Re: how to extract signature from public key using openssl?  
1534 [Bug report] Verification fails caused by too many CA certs  
1535 Show RFC3779 status in version app  
1536 bug report  
1540 apps.c:app_get_pass -- bug with -pass{in,out} on same file:filename  
1541 quick patch in ssl/t1_enc.c  
1542 others quick patches for memory leaks in pk7_smime.c and pk7_mime.c  
1543 memory leak in crypto/asn1/x_x509a.c  
1544 bug report: openssl applications crashing due to uninitialized variables  
1550 [bug report] openssl-0.9.7a segfault in lh_insert  
1553 mscrypto engine for 0.9.8  
1556 CRYPTO_set_id_callback/CRYPTO_set_idptr_callback issues  
1567 idea.h installation in 0.9.7m branch  
1570 Bug Report: makevms OpenSSL 9.8.e  
1571 Bug Report: OpenSSL 9.8.e  
1579 [PATCH] Check fgets return value  
1584 INSTALL.W32 Configure prefix must be unix format directory delimeters  
1600 Man page bugs  
1601 Open SSL Error on dshxsun9  
1605 ECDSA memory leak bug report  
1608 [BUG] SSL_get_error returns SSL_ERROR_SSL if read() returns -1 / EINTR  
1615 [PATCH] Using uninitialized value "(c).q"  
1617 Bug report: RAND_poll problem on Solaris - select call failing  
1623 Bug report: default CA certs file path ignored  
1631 OpenSSL loading engines multiple times in interactive mode  
1633 Bug - MayBe  
1634 [PATCH] FIPS186 PRNG for OpenSSL  
1636 OpenSSL AES test issue  
1639 BUG in BN_mod_inverse  
1642 patch purify errors  
1643 Less random source on windows due to wrong error handling of CryptoGenRandom  
1656 Clients compiled with tls extention can't talk to some servers.  
1658 Request for help: rc2test error  
1665 Contribution of aes.pod  
1666 0.9.8g req for existing RSA may need entropy  
1670 SSL_CTX_load_verify_locations() fails without error with invalid files  
1673 ssl handshake failure when protocol specified (0.9.8g)  
1675 RSA_set_method(3) inconsistency  
1678 PATCH: Timeout bugs on windows in RAND_poll()  
1680 Possible Bug: x509_name_ex_d2i segmentation fault under IA-64  
1682 BIO_snprintf can NOT work properly on HPUX 11.23 IA for 32bits mode  
1683 OPENSSL_NO_{RSA,DSA,DH} defines not honored  
1688 Re: [PATCH] Fix parallel build  
1690 BN_GF2m_mod_arr() infinite loop  
1697 openssl 2.2.8g: failure to check the return value of sk_new_null() in /apps/pkcs12.c, ocsp.c, engine.c and cr12p7.c  
1698 potential bugs discovered by interprocedural code analysis for version 0.9.8g of Openssl  
1704 bug report, Windows VC-32 debug build  
1705 Infinite loop in BN_GF2m_mod_arr  
1711 DTLS: Handshake does not detect missing/incomplete records in flight.  
1714 DTLS: Memory leak when server receives close alert from unknown peer  
1715 DTLS: Finished message is not buffered for retransmition  
1716 Bug report for DTLS  
1718 OpenSSL 0.9.8h Possible Bug with SSL_read timeout  
1719 Bug Report  
1721 compilation error on ubuntu hardy x86_64  
1723 enhancement request  
1729 Bug in add_cert_dir - crypto/x905/by_dir.c  
1730 Nice to have, Enhancement, Patch: Add support for xmpp in s_client starttls  
1733 Facing problem with ssleay.dll  
1734 Enhancement Request: for dsaparam to have 2 number inputs for "p" and "q". Tested version of openssl 0.9.8g  
1737 [PATCH openssl 0.9.8g] s_client: add sieve starttls protocol support  
1739 [PATCH] [openssl 0.9.8c] Using a private key in an engine to timestamp.  
1740 enhancement contribution to the req command  
1744 SSL_CTX_set_tmp_dh(3ssl) man page feedback  
1746 bug report: minor output bug in x509 rsa public keys? (with possible patch)  
1747 capi engine and mingw  
1755 config silently ignores standard compiler search path on AIX and reverts from gcc to cc  
1756 PATCH: v3_addr_canonize() needs to set comparision function  
1766 [PATCH] s_client -reconnect and -starttls don't work together  
1767 bug of EVP_Cipher when use openssl engine  
1769 bug report: Array overruns  
1771 CVS Head crypto/jpake/Makefile - missing install rule?  
1775 0.9.9-today: bug: size_tification missed a few spots --> compile issues on native Win32/64 + SuSE64: patch/diff included  
1781 make makefiles traceable in 0.9.8i  
1797 re: unable to verify timestamps sgined with a certificate that is now expired  
1798 patch requested for safestack  
1804 bug report: minor fixes to EVP_EncryptInit.pod  
1808 enc(1) Salt option: -S  
1815 [PATCH] Constness improvements  
1816 bug in DES_xcbc_encrypt() for decrypting 8 bytes of input (?)  
1817 smime does not add CRs  
1818 RSA_verify man page not accurate  
1819 Calls to OBJ_txt2nid for a non-registered objects adds bogus "first num too large" errors from a2d_ASN1_OBJECT  
1820 mem leak BN_mpi2bn  
1825 Segmentation Fault  
1830 [PATCH] TLS Key Material Extractor  
1832 PATCH: force IPv4/IPv6 for s_client  
1848 Bug found in BN_is_prime_fasttest_ex( )  
1850 Bug Report--openssl crashes at SSL_write()  
1852 [BUG] Invalid Proxy Certificates Pass Validation  
1865 BIO printf() - floating point BIO_printf() et al support bug fix + extras (patch included)  
1867 Fw:About OpenSSL crashed in 0.9.8g  
1872 [PATCH] Change 'Q' and 'R' behavior in s_client  
1873 SMIME_write_PKCS7 and CRLF in base64 signature  
1875 Fwd: [PATCH] Small bug fixes and coding style corrections  
1876 cross compilation patch from TANDBERG  
1877 Static code analysis  
1878 [PATCH] Fix RSA blinding locking hole  
1885 [PATCH] PSK support for 0.9.8j  
1886 [PATCH] Null chiper support PSK/PKI for 0.9.8j  
1893 Fwd: X509_STORE_add_crl does not replace CRLs  
1909 bug report: OpenSSL can generate invalid version 1 certificates  
1911 Please add 'rsa3072' to openssl speed  
1912 BIO_printf/BIO_vprintf error in 0.9.8k  
1915 Bug Report : Abort when race condition occurs in ERR_get_state  
1916 [PATCH] Fix for memleaks, use after free and optimizations  
1919 Bug in buffer_ctrl in BIO_f_buffer?  
1927 [PATCH] openssl ocsp app to autodetect ocsp_uri and issuer  
1928 interface bug on Windows 64  
1941 Missing man page: c_rehash(3ssl)  
1948 [PROPOSAL] change ecdsatest,enginetest to fit into 8.3 naming scheme  
1956 [enhancement request] load_key in ts.c  
1964 [PATCH 02/14] Only use gcc if CC has not been provided.  
1971 [PATCH 09/14] Only test speeds up to 4K packets.  
1975 [PATCH 13/14] Add support for CPU usage reporting.  
1982 Bug report - crash in SSL_write  
1988 OpenSSL 1.0.0 Beta 3 minor bug report  
2008 RFE: disable default verify paths in s_client  
2011 block cipher pad is wrong  
2014 Feature request: RFC 5126  
2016 feature request: SHA2 and ECC ciphersuites.  
2017 Error in installing open-ssl software  
2018 BUG: rsautl reports "RSA operation error" when decryption output is empty  
2021 sni bug  
2024 [doc bug] missing .pods  
2030 bug report: bn_rand function  
2108 [PATCH] Message digest functions  
2119 Patch for dgst Man Page  
2123 Buggy openssl header causes compilation errors  
2146 [Fwd: Re: unexpected message during renegotiate attempt]  
2150 make -n install DOES ACTUALLY INSTALL everything  
2163 OpenSSL 1.0.0-beta5: header clean ups  
2166 Incompatibility with IBM Rational Purify  
2172 [BUG] Incorrect input checking in openssl enc  
2176 OPENSSL_ia32cap_loc() inconsistent  
2185 security vulnerability fixed  
2187 winsock.h inclusion in dtls1.h (bug?)  
2189 Bug Report  
2193 bug report openssl-0.9.8m crypto/bio/bss_dgram.c  
2196 openssl1.0.0beta5 problems on FreeBSD  
2201 1.0 beta5, Solaris cc compile options  
2203 [PATCH] fix fallback to default verify paths  
2205 bug report: ECDSA in TLS handshake  
2206 [PATCH] Implicitly support non-delegated OCSP response signing  
2210 man EVP_DigestInit(3) example little omission  
2213 Unable to read Class 3 type CA certificates properly using EVP_EncodeUpdate & EVP_EncodeFinal functions.  
2216 OBJ_NAME_* and EVP_PBE_*interfaces are not MT-safe  
2217 OpenSSL_add_all_algorithms() (and similar) aren't very suitable for library use  
2222 RFC5081 support  
2227 [PATCH] Define OPENSSL_SYS_BSD  
2232 OpenSSL 1.0.0 - Mac OS X Univesal Binary Build Link errors  
2234 PATCH to fix broken c_rehash's $openssl derivation  
2236 Snow Leopard (non macports) fails to link with default options  
2237 Building Openssl on OpenVMS using "extended parse-style"  
2238 RE: Memory leak in \crypto\objects\o_names.c in method 'OBJ_NAME_add'.  
2242 Win64 build enhancements  
2243 [patch] s_client.c: segmentation fault  
2248 CVS HEAD: bug in evp_locl.h - wrong number of bytes/bits passed to encrypt routine in loop  
2256 CVS HEAD: question: must this be hardcoded '8' or is it 'md_len' in disguise? :-S  
2257 CVS HEAD: [quite probable] bug in ssl3_write: does not indirect through callback like it sibling ssl3_read  
2267 Thread-safety issue: build_SYS_str_reasons() calls strerror()  
2270 CVS HEAD: bugfix for BIO printf() code: floating point does not print + other wrongs in that code path  
2272 PATCH: add -compat_old option to c_rehash (vs. OpenSSL-1_0_0-stable)  
2274 SSL demo programs in openssl-1.0.0  
2280 Bug in 1.0.0: X509_VERIFY_PARAM_new does not check malloc return value  
2281 Bug in 1.0.0: SSL_new() leaks s->param if s->method->ssl_new() fails  
2282 [PATCH] Add PVK to usage of rsa and dsa commands  
2285 [patch] use winsock2.h  
2286 ElGamel over ECC  
2287 A bug of PKCS8?  
2288 [PATCH] Support optional caching of the certificate chain when using external session caching  
2289 [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly  
2290 [PATCH 2/3] apps/speed: fix digest speed measurement and add hmac-sha1 test  
2291 [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration  
2298 Build failure on WinCE platform openssl-1.0.0 & 1.0.0a  
2299 [PATCH] Null cipher support PSK/PKI for 1.0.0  
2300 BUG REPORT: md2(3)/md5(3) man page HISTORY section inconsistency  
2301 Re: Slow crypto initialization.  
2303 BUG: rc5_skey.c:122: error: unsupported inline asm while trying to compile with llvm-2.7  
2308 safestack.h not declared extern "C"  
2310 OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability  
2317 Whitespace bug in ./config for Openssl 1.0.0a (OS X 10.6.4)  
2318 [PATCH] Fix hurd-x86 target  
2320 enhancement request  
2324 convert c_rehash from perl to POSIX shell  
2325 memory corruption after libssl is unloaded from memory  
2330 [BUG] lack of debug-mingw build target. just mingw and ming64.  
2336 SKM_ASN1_SET_OF_d2i macro is broken  
2337 [PATCH] Openssl asm BN/AES/SHA1 acceleration for SH4 and MIPS32  
2348 OpenSSL doesn't work with Linksys WRT54G  
2349 build problems with 1.0.0a windows 64 bit AMD  
2352 PATCH: Add new extended key usage ipsecIKE  
2354 [PATCH] Increase Default RSA Key Size to 2048-bits  
2355 Support for SHA2 ciphersuite in TLS  
2357 openssl-1.0.0a -- PATCH for 'make -n install'  
2362 Bug report  
2363 bug: memory allocated by DH_new() may never be free()ed  
2364 [patch] add proper dependencies to fix parallel build  
2369 mail/rfc822Mailbox should be encoded as IA5String, not DirectoryString  
2378 Bug report: interoperability problem  
2379 Bug: bio_set_accept_port does not accept * as a port  
2383 OpenSSL line break bugs  
2384 [PATCH] no-hw Install Fail  
2386 Bug Report and Patch: Incompatible types in SKM_ASN1_SET_OF_d2i  
2387 [PATCH] wrong handling of CAfile/CApath in s_client  
2388 out-of-date comment for renegotiation handling  
2389 [PATCH] Supporting the -md and -sigopt options in OCSP utility  
2391 [PATCH] Clarify usage text for "x509" and "req" commands regarding supported signing digests  
2392 Haiku patch for openssl-1.0.0c  
2398 [PATCH] gost code cleanup  
2400 [Bug Report and Patch] Missing initialization in ASN1_STRING_to_UTF8  
2401 PATCH: Spelling corrections in FAQ  
2402 PATCH: config and Configure for Xcode Awareness  
2405 AIX 5.3 ./config hangs forever  
2406 Argument type warning on i2d_ASN1_SET  
2414 [critical bug]openssl1.0.0c coredump, if compile option "shared" is enabled  
2415 [possible bugs]insignificant bugs in md_rand.c?  
2419 1.0.0c build on Intel Core i3 ignores my "--prefix=" option, installs in /usr. How to fix?  
2420 patch enabling OpenSSL to be built with LSB compilers  
2421 [PATCH] Fix function signature of SSL_set_tmp_dh_callback in man page  
2422 Re: What is the REALLY proper way to use an ENGINE?  
2426 [PATCH] fix Borland C++ 5.5 compilation  
2427 [PATCH] fix Borland C++ 5.5 redefine  
2428 [PATCH] fix Borland C++ 5.5 compilation /2  
2429 [PATCH] fix Borland C++ 5.5 compilation /3  
2431 Member of Te4 in aes_core.c needs to be cast to u32 before being shifted  
2433 Const char * parameter of ASN1_STRING_set_default_mask_asc  
2436 pkcs12 enhancements  
2437 [PATCH] config on aix assumes cc is not gcc, can cause build to fail  
2439 bug report: memory leak  
2441 Memory leak on OpenSSL 0.9.7f 22 Mar 2005  
2445 openssl-1.0.0c loses base64 data if newline missing  
2447 possible weakness, encryption password truncation (FreeBSD 8.0; OpenSSL 0.9.8n)  
2450 bug report: open ssl configuration problem with "no-idea"  
2451 [PATCH] Enhancement: Telnet START_TLS in s_client  
2452 error at make test  
2454 enable engine key for dsa command  
2455 print dsa pubin/pubout options  
2460 OCSP server uses only IP6  
2461 Windows: Crypto DllMain() invokes getenv() CRT function  
2465 [PATCH] Silence compiler warnings in RFC 3779 code  
2467 undefined reference to `main'  
2472 req command silently ignores digest specifier when using EC signatures (0.9.8 only)  
2473 openssl-0.9.8i : How generate Import libraries for the export symbols in shared libraray  
2476 [PATCH] Underinitialized array ssl_cipher_methods: 1.0.0d-1.0.1-stable-SNAP-20110321: All platforms.  
2477 openssl-1.0.0d build ... make test fail  
2478 ./config shared no-rc2 no-rc4 no-des no-ssl2 ... make test fail  
2479 Fix for runtime exception when linking against win64a static libraries  
2481 Full-duplex SSL/TLS renegotiation failure (reproducible 100% of the time)  
2483 X509 conversions  
2485 Heap walking in RAND_poll causes deadlock in process on Windows Server 2008 R2 (x64) that uses libCurl, OpenSSL and ADO  
2486 OpenSSL script error  
2487 Possible bug  
2488 Fwd: [PATCHv2] Crypto: Eliminate the unneccesary sk_PKCS7_RECIP_INFO_value call  
2489 [PATCH] Crypto: Eliminate the unneccesary "sig" variable usage  
2490 [PATCH] Crypto: Eliminate the unneccesary "tmp_bn" variable usage  
2491 [PATCH] Crypto: Eliminate the unneccesary "vv" variable usage  
2492 [PATCH] Crypto: Eliminate the unneccesary null check  
2493 [PATCH] Engines: Eliminate the unneccesary null check  
2494 [SEC FIX]: Add premaster cleaning for GOST ciphersuites: All platforms, 1.0.0d  
2496 [PATCH] Fix compile problems when various ciphers are disabled  
2498 [PATCH] iOS Support  
2500 [bug-report] Configure with shared option on BSD systems  
2501 Inquiry re possible Itanium issue in 0.9.7m  
2503 openssl-1.0.0d build bug ? i686 build does not define AES_unwrap_key and other symbols on x86_64  
2508 rt website hits cookie error for me  
2509 BUG/ENHANCEMENT: ciphers(1ssl) doesn't list some algos (or their selection is not possible at all)  
2510 [PATCH] Bad time value when issuing openssl x509 -text -in  
2511 OpenSSL.org HTTPS version is broken  
2512 [PATCH] Fix for BIO_new_accept()  
2513 [PATCH] fix spelling error s/paramter/parameter/  
2514 Patch to tsget command in openssl-1.0.0d  
2515 patch - add new aes xts modes to lookup table  
2517 [PATCHES] - Misc misspellings, source and docs  
2518 [PATCHES] - pod2man Errors  
2520 Bug Report  
2521 Enhancement Request  
2523 Patch to use standard RFC 5054 constants and behavior for TLS-SRP (OpenSSL 1.0.1)  
2525 [PATCH] Enhancement: Output Format for req Keys  
2528 setup_engine curious return value  
2530 crypto/dsa/dsa_gen.c::dsa_builtin_paramgen has potential uninitialized seed  
2532 [PATCH] Fix insufficient privilege checking  
2534 Hardcoded MIN_LEN prevents using VALID passphrase from stdin  
2536 Memory leak in d2i_RSA_PUBKEY() (concise test code included)  
2537 potential use of uninitialized variable in x509_lu.c  
2539 bug: OpenSSL 1.0.0d - unexpected DTLS handshake retransmits  
2544 Issues with EVP_VerifyFinal  
2545 Openssl-1.0.0d fails to install on MacBook Air  
2546 [bug report] openssl-1.0.0d, "ecparam" command got error when after first run.  
2547 [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl genrsa creates world readable private key files  
2552 PATCH: add ability to print root certificate 'issuer' field when using openssl verify  
2554 Patch: AF_ALG dynamic engine for linux >= 2.6.38  
2558 [patch] make windres controllable via build env var settings  
2560 missing NULL pointer check in ocsp_req_find_signer  
2561 Memory leak with SSL built-in compressions  
2564 PKCS7_cert_from_signer_info Enhancement Request  
2565 More tolerant detection of XMPP starttls sequence  
2570 Timing related bug in openssl pkcs  
2572 Correct help output in openssl cms  
2574 [PATCH] ECC point coordinate blinding  
2575 [PATCH] remove redundant check in tls code  
2580 RE: Missing MD commands in app/openssl help  
2583 confusing output on windows build in openssl1.0.0d  
2584 ssltest -test_cipherlist bug incorrectly skipping ciphers  
2585 Diffie  
2590 change commonName entry for default openssl config file  
2591 bug report : cryptlib.c : within CRYPTO_thread_id() use pthread_self() instead of getpid()  
2593 [PATCH] 1.0.1-STABLE build fails on VMS  
2595 Capitalize X509 subject key STREET according to rfc1779  
2596 report possible bug in 1.0.0e install.  
2597 bug report (pkcs12.c)  
2599 Support for SHA256 and other MDs in X509 SubjectKeyIdentifier - PATCH  
2600 Inconsistent end of lines  
2601 Support for use of sha256 for certificate comparisons - PATCH  
2604 bug report : openssl 0.9.8r  
2605 Directly Create Public Key File from Cert - PATCH  
2607 openssl compilation with clang crashes  
2609 Bug report: req man page example mistake  
2610 Bug(?): both the "!SSLv3" and the "!TLSv1" cipher strings seem to mutually delete the ciphersuites from the other set as well  
2611 [PATCH] Support of TLSv1 in s_time  
2612 Segfault protection in X509v3 extension API - PATCH  
2615 BIO_flush segmentation fault with SSL BIO  
2616 Missing initialization in the CHIL engine  
2617 pkeyutl fails depending on order of options - PATCH  
2618 PATCH - Wrong exit code for pkeyutl -verify  
2621 (bug report) Core in OpenSSL library while doing LDAP SSL Bind and UnBind  
2622 Buffer overflow using UI_add_input_string  
2626 ENHANCEMENT: please update default_bits to 2048 in default openssl.cnf  
2629 finalize MD2 removal  
2630 Segmentation-fault in ssleay_rand_bytes() after generating a large (INT_MAX) random buffer  
2631 Incompatibility with iOS 5 ?  
2634 Fail to verify server with a trusted CA root in the middle of the chain  
2638 s_client -servername BLAH not honoured with -starttls xmpp  
2640 [PATCH] support xmpp servers in starttls  
2641 Move the libraries needed for static linking to Libs.private  
2642 Bug Report: s_client uses forged/blacklisted EHLO hostname in smtp  
2643 Possible bug in 1.0.0e - make fails when using "no-ecdh" config option  
2649 'make' or 'make install' failed when in another Makefile  
2650 major ssl read/ write performance improvement - updated  
2651 [PATCH] s_client, proxy support  
2654 [PATCH] support LDFLAGS in Makefiles  
2659 Problem with DH Exchange with the Oakley Groups (RFC 2412)  
2660 Makefile error when list of links is empty  
2662 NPN patch breaks DTLS Finished exchange  
2664 config does not allow disabling npn  
2665 s_client support for starttls ldap  
2666 Enhancement request/Bug request (bit of both)  
2667 Add -starttls irc support to s_client  
2668 Compilation failure with IPV6 : patch  
2670 [BUG] OpenSSL 1.0.1 beta 1 released (on VMS FAILED)  
2674 [PATCH] Fix compilation on GNU/Hurd and GNU/kFreeBSD  
2676 1.0.1-beta1 issue: RSA exponent 1 is NOT ok  
2679 1.0.1-beta1 issue: Wrong Error Message for short RSA-key  
2680 1.0.1-beta1 issue: Public EC key is shown as private with -text option  
2684 [PATCH] pod2html build fix  
2688 OpenSSL 1.0.1 beta 2 report on Cygwin 1.5.25  
2689 Sparc Assembler warning: backport cn=22016 to 1.0.1.  
2690 Use of uninitialized value $output in asm/md5-x86_64.pl line 115.  
2691 [Bug] gost89_get_asn1_parameters fails  
2692 [OpenSSL 1.0.1 beta 2] SHLIB_VERSION_NUMBER  
2693 [OpenSSL 1.0.1 beta 2] crypto/ec/ec_key.c - double header inclusion  
2694 [OpenSSL 1.0.1 beta 2] crypto/ts/ts.h - double header inclusion  
2695 [OpenSSL 1.0.1 beta 2] engines/e_aep.c - double header inclusion  
2699 openssl dgst -sha1 -verify ... sais verification failure whet it is ok in a concrete set of data  
2712 Be more liberal when trying to recognize the XMPP starttls headers  
2721 openssl freebsd 8.2 install, compile error  
2722 ssleay_rand_add and ssleay_rand_bytes donot work stably in low resource environment  
2723 [Patch] Fix NULL pointer dereference in EVP_DigestInit_ex with NULL type  
2724 [Patch] Openssl 1.0.1 beta2 - srtp.h defines SSL_get_selected_srtp_profile() twice  
2725 [Patch] Openssl 1.0.1 beta2 - ec_key.c - EC_KEY_generate_key() overwrites user-defined private key  
2726 the linker complain about undefined symbols  
2729 Openssl exe is taking the CR as part of input (password) when we run the exe from a java/C++/command line and press "enter" key from command line  
2731 Bug in OpenSSL 1.0.0g  
2740 infinite loop in nonblocking SSL_shutdown() upon permanent error  
2741 [PATCH] 1.0.1-beta3 fails to build on Windows if --with-fipsdir is used  
2752 objects.txt - update of extended key usage  
2753 Patch: let application explicitly seed RNG on Unix  
2754 Ugly interaction of (openssl x509)'s option -x509toreq with -outform/-text/-noout  
2758 Bug in use of CRYPTO_ex_data  
2759 SSL_read / SSL_ERROR_WANT_READ / ENOTCONN infinite loop  
2766 TLS 1.2 Compliance - IDEA cipher not disabled  
2767 test/testssl script does not exercise TLS 1.2  
2770 openssl cryptodev fixes  
2772 Bug w/ patch: OpenSSL 1.0.1 rejects empty NewSessionTicket  
2773 Openssl Query  
2774 OpenSSL 1.0.1 doesn't compile when configured with "no-tls1"  
2777 OpenSSL 1.0.1 TLS Version Handling Errors  
2779 OpenSSL 1.0.1 doesn't compile with NO_STDIO/NO_FP_API  
2785 Bug RSA x509 key doesn't get generated  
2787 [PATCH] enc: compress before compress/base64 is applied  
2788 Problems with OpenSSL "no-tlsext" option  
2801 Lost alert if client receives bad hello in dtls1_read_bytes  
2808 [PATCH] DTLS/SCTP Finished Auth Bug  
2809 [PATCH] DTLS/SCTP struct authchunks Bug  
2812 BUG: infinite loop when using s_client's xmpp starttls operation  
2814 Bug Report: Cannot compile OpenSSL 1.0.1c with EC  
2815 Windows build with Cygwin perl redirecting output incorrectly  
2818 [patch] Cipher list TLSv1.2 as token; ciphers(1) update  
2819 [patch] Cipher list TLSv1.2 as token; ciphers(1) update  
2820 man pages case (in)sensitivity  
2823 Bug: FTBFS compiling openssl 1.01c with musl libc  
2824 Bug ? - Not Thread-safety for SSL Key usage im requests ?  
2829 OpenSSL port in FreeBSD: DTLS networking problem  
2831 patches for openssl 1.0.1c digest stuff  
2832 Code Cleanup: FULL_UNROLL is unused?  
2833 BIO_CTRL_DGRAM_QUERY_MTU handling is wrong due to bad getsockopt() use  
2839 [PATCH] Support DTLS compatibility with DTLS1_BAD_VER client  
2840 [PATCH] Restore alg_section to 1.0.1c  
2842 [PATCH] trivial: drop spurious end-of-comment token  
2843 [PATCH] trivial: drop another spurious end-of-comment  
2845 Impact on OpenSSL 0.9.8h from upcoming Microsoft patch  
2846 [PATCH 1/4] Remove unfinished/unused code with memory leaks (to silence static analyzer)  
2847 [PATCH 2/4] Don't "check" uninitialized memory  
2848 [PATCH 3/4] Drop auth null check since we've already dereferenced it earlier  
2849 [PATCH 4/4] Drop redundant (since we deref'd it 12 lines earlier) null check  
2851 cms command - Request to handle S/MIME v3.2 mail  
2852 Bug Report, open-ssl-1.0.1c, Ubuntu 11.04, 64-bit, gcc 4.4.5  
2855 [PATCH] Fix forward loops in Squid 3.2  
2856 cryptlib.c: dynlock destroy call during (un)locking  
2857 ssleay32's buffer check bug ?  
2860 [PATCH 0/4] Improve XMPP protocol support for starttls on s_client  
2861 [patch] Improve ability to specity req subjectAltName from the command-line  
2864 ASN1_STRING_to_UTF8: fix uninitialized memory read  
2865 Shared build broken in 1.0.1c  
2867 des_ede3_cfb1_cipher(): output cropping  
2868 [patch] CA - change order of gencrl and revoke  
2869 [PATCH] DTLS Mobility support  
2870 OpenSSL 0.9.8o 01 Jun 2010 configuration file dir bug  
2871 bug report  
2872 Bug Report  
2873 [Bug] -noemailDN only affects Subject DN  
2876 SSL reports Too many open files  
2877 openssl rand does not check write(2) return code  
2878 [PATCH] s_client -fd  
2880 Modification of the capi engine to support loading key from CERT_SYSTEM_STORE_LOCAL_MACHINE  
2881 [BUG][PATCH] TLS 1 & 1.1 client ciphersuites incorrectly truncated  
2882 [Urgent] OpenSSL"ASN1 Bio vulnerability" - Information Request  
2883 bugs in crypto/asn1/tasn_new.c and crypto/srp/srp_vfy.c  
2885 SSL_accept segfault  
2886 openssl cms cmsout serial number output format  
2887 [PATCH] decode more message/content types in apps  
2889 safestack macros fail for C++ compilers that care about extern "C" function types  
2890 ERR_string_error passes wrong buffer size  
2891 deadlock in X509_PUBKEY_get without recursive mutexes  
2892 [BUG]Cannot make openssl-1.0.2-stable-SNAP-20121003  
2893 [BUG]Cannot make openssl-1.0.2-stable-SNAP-20121003  
2894 [Bug] openssl crl -nameopt has no effect  
2895 Sendmail v8.14.4 is not working with OpenSSL 0.9.8m onwards on AIX  
2898 ERROR: Undefined symbol in setting openssl  
2899 bug in openssl tool: User Notice Explicit Text is not shown  
2901 no-rsa build bug in 1.0.1c  
2902 [PATCH] add strings for SSL state related to Next Protocol Negotiation  
2903 [PATCH] add strings for SSL state related to Next Protocol Negotiation  
2905 Double locking bug added in openssl-1.0.0h crypto/asn1/x_pubkey.c  
2906 enhancement: test suite won't work when parent directories have spaces  
2911 enhancement request: Windows RT support  
2912 Error in SSLv23 connection to some servers  
2913 Incorrect salt length indication for RSA-PSS signatures  
2914 Crash in x_name.c on out of memory  
2916 EAP-TLS error: RSA_padding_check_PKCS1_type_1:block type is not 01  
2917 [PATCH] dsa: fix return code when -noout is used  
2918 [PATCH] Testcase for GOST R 34.11-94 (openssl/engines/ccgost/gosthash.c)  
2919 [Bug] Incorrect return code and printing of modulus in dsa module  
2920 Problems building openssl-1.0.1c on 64bit PA-RISC HPUX  
2923 X509_cmp() introduces unnecessary dependency on SHA1  
2924 X509_verify_cert() fails unsafe if check_issued() fails  
2925 RSASSA-PSS trailer field and salt length representation  
2927 Domain names that exceed 61 characters  
2928 openSSL 1.0.1c serious bug in Win32 makefiles, easy to fix: linker binary variable name LINK collides with buildsystem variable LINK . please rename  
2931 Bad output of -purpose with the x509 command  
2932 smime cmdline utility ignores errors  
2933 [Bug] Days wrong if -enddate is passed to openssl ca  
2934 A set of fixes for non-working hardware RNG set as default  
2936 Properly set default trusted CA paths if -CAfile and -CApath not used  
2938 [PATCH] Severe resource leak in tls_P_hash() (v1.0.1 and up)  
2939 Re: [FIX] 1.0.0d: All platforms: GOST server MUST check correctness of shared UKM  
2941 Memory leaks in ca.c  
2942 threads(3) gives wrong signature for CRYPTO_set_dynlock_create_callback()  
2943 Bug Report: openssl enc -bf silently ignores key data after the first 128 bits  
2944 PVS-Studio and OpenSSL  
2945 bug: linking static OpenSSL 1.0.1c on EL6 seems to cause breakage  
2946 Enhancement request: inquiry about the date of releasing of 1.0.1d  
2947 leap year date handling  
2949 OpenSSL bug  
2950 [PATCH] Fix speed.c to show human readable output  
2951 [PATCH] Fix speed.c to fork N threads  
2953 s_server to show connection duration and transfer speed  
2956 incomplete archive  
2957 genpkey for DH key generation does not honor recommended private length  
2960 protocol bug in s2_pkt.c  
2961 [PATCH] Enhance DH Paramgen to allow setting of "recommended private key size"  
2962 [patch] openssl s_{client,server} improvements for Kerberos  
2964 OBJ_nid2obj() result value should be const  
2965 [PATCH] dgst: Prepend digest type when reading from stdin, too  
2966 OpenSsl Library crashed,  
2967 Minor Bug - Options Missing from Application Usage  
2968 Possible bug report  
2969 bug/enchancement request  
2970 Re: pkg/47521: security/openssl mastersites completion and communication with upstream -- contribution  
2973 patch for c_rehash to accept more filename extensions  
2976 openssl x509 is hardcoded to require CSR in PEM format  
2977 CVS still mentioned on openssl.org pages  
2980 bug report: s_time slow with -www and -reuse  
2982 Security Advisory as of 2013-02-05  
2983 type errors in different configurations of openssl??  
2986 aix building of openssl-1.0.1e  
2987 "openssl speed" bug with the -multi option on multi-core/processor environments  
2990 Bug Report:openssl timezone issue  
2995 [PATCH] - Added ability to set the iteration count for the enc function of the openssl commandline tool.  
2997 Problems with build because of compiler warnings, etc.  
2998 Linking libgost.so  
2999 Incomplete fix to remove SSL3_RECORD->orig_len  
3006 [PATCH] Remove duplicated code in speed.c  
3007 BUG: OpenSSL 1.0.1e VC-WIN64A build fails when configured with 'no-ec'  
3008 Possible bug when using DTLS with a BIO pair  
3009 test failure, x64 openssl 1.0.1.e on OS X  
3010 [BUG] Dynamic engine error handling crash  
3012 bug report - excess free  
3013 Sending SCSV when TLS extensions are disabled  
3015 Bug with encoding / decoding Implicitly tagged, Optional GENERAL_NAMEs??  
3016 openssl ts fix  
3018 Superfluous and crash prone code in apps/x509.c  
3019 [PATCH] avoid null pointer dereference in ubsec_dh_generate_key()  
3023 [Patch] Remove redundant logical expressions  
3024 Segfault with 'openssl enc' when using aes-cbc-hmac-sha1  
3027 man page -starttls incomplete  
3028 PEM_X509_INFO_read_bio() fails to process RSA private key if in initial position (regression in OpenSSL 1.0.0 and later)  
3031 [PATCH] Undef X509_NAME also in x509v3.h like x509.h  
3032 Possible openssl bug - EVP_CIPHER_CTX_iv_length dont report correct value after EVP_CTRL_GCM_SET_IVLEN  
3034 BUG REPORT: core dump when ssl renegociation  
3035 Patch to properly detect and default to 64bit on OSX  
3037 [PATCH] so 1.0.1e will build with "no-tlsext" option specified  
3044 Receiving Error "Invalid Server SSL Protocol (error:140A90F1:SSL routines:SSL_CTX_new:unable to load ssl2 md5 routines)"  
3045 bug report: AES XTS fails for data unit size > 4KB  
3047 What bugs are fixed in OpenSSL-1.0.1e  
3048 [Bug] openssl-1.0.1e-fips-2.0.3 Illegal instruction  
3049 c_rehash skips PEM files with windows line feeds  
3050 x509 PEM certificate input parsing bug  
3053 [PATCH] Check for null pointer in cms envelopedData  
3056 Add secure DSA nonce flag.  
3057 [PATCH] Fix POD errors with pod2man from Perl 5.18.  
3058 support for intel compiler on Windows  
3060 [PATCH] empty_record_limit  
3061 [PATCH] dsa_crash  
3062 [PATCH] asm_volatile  
3063 [PATCH] exp_zero_mod_one  
3064 [PATCH] small_prime_generation  
3066 [PATCH] constant_time_rsa_padding  
3067 [PATCH] premaster_constant_time  
3069 An enhancement to EC key generation to enable compact point representation  
3070 Bug Report  
3072 Strange behaviour when talking to microsoft exchange  
3076 openssl 1.0.1e outdated manuals  
3077 rbuf_freelist and wbuf_freelist corrupted.  
3078 Makefile: install rule builds components  
3079 FIPS Capable 1.0.1e with no-shared and -no-comp fails to compile  
3081 openssl-fips-2.0.N  
3082 [PATCH] Filter listed protocols from help options based on compile settings  
3083 [PATCH] Adds sanity checking to malloc()/calloc()/alloca() calls in OpenSSL 1.0.1c  
3084 openssl-1.0.1e: Configure lacks disable of SSLV2 and Compression by default  
3085 config on *nix does not reject incorrect arguments  
3086 Re: OpenSSL  
3088 openssl crl - verify a CRL signature  
3091 ms\ntdll.mak bug  
3092 BUG: Verify return code: 20 (unable to get local issuer certificate) with openssl 1.0.1  
3096 OpenSSL 1.0.1e: valgrind errors with -DPURIFY set  
3098 Enhancement - Validation of country code  
3099 bug report  
3100 [patch] remove some useless code in BN_uadd  
3105 [PATCH] config matches OUT with full os/compiler line  
3108 bss_dgram.c does not honor OPENSSL_NO_SOCK  
3109 [openssl.org #3041[PATCH] DTLS message_sequence number wrong in rehandshake ServerHello  
3114 Bug report: Spelling error in apps/ocsp.c  
3115 s3_srvr.c out-of-bound dereference (minor bug)  
3119 bug (minor) & suggestion for a fix  
3121 Request concerning revoke system for openSSL  
3123 [openssl.org ##2823] Bug: FTBFS compiling openssl 1.01c with musl libc  
3124 potential bug in ssl/s3_cbc.c  
3127 Bug Report: deadlock in openssl 1.0.1e when using FIPS 2.0.1  
3131 [PATCH] Added -signerhash flag to sign files with cades extensions.  
3133 minor make install improvement for Windows/Visual Studio in ms\nt.mak  
3135 Not all items displayed by list-cipher-commands are in OBJ_sn2nid()  
3136 [PATCH] get rid of extra space when printing -subject and -issuer in x509  
3137 The behavior of CRYPTO_set_mem_functions() in FIPS mode  
3138 80-bit Elliptic Curves with !MEDIUM !LOW !EXP cipher list  
3140  
3142 Remove extraneous initialization from state_machine.c  
3143 ENGINE_load_rdrand sane failure code  
3144 Please, I need a command "isrevoked" in the Latest openssl 1.0 version  
3145 openssl auto install to /usr/local/lib64  
3153 [bug report] native issetugid function not used under Solaris  
3155 Bug report: S/MIME base64 decoding fails on files that have 76 base64 characters per line  
3157 PATCH Win32/64 openssl 1.0.1e fixes  
3158 [bug] bad output for 'openssl ciphers -ssl2' built with 'no-ssl2'  
3159 [Bug with PATCH] Null pointer dereference in ssleay_rand_bytes() and etc.  
3163 [PATCH] DSTU-4145-2002 engine implementation  
3164 [PATCH] require DH group of 1024 bits  
3166 RE: Possible bug/leak in OpenSSL ssl/bio_ssl.c:ssl_ctrl(BIO_CTRL_POP)  
3167 openssl pkcs8 does not convert from PKCS8 to "traditional format private key"  
3168 PKCS12 bug when using same file for export password and key passphrase  
3171 integer undefined behaviors  
3176 Locking problem in fips_drgb_rand.c  
3180 Brainpool Elliptic Curves in OpenSSL version 1.0.2 - Re: #2239: [PATCH] RFC 5639 support  
3181 [PATCH] OCB  
3185 Patch to add -tls switch to s_client  
3186 Problem in configuring SSL in OPENLDAP  
3187 openssl rand -hex 4294967297 generates only 1 byte (2 hex digits)  
3190 Patch to add -tls switch to s_server  
3192 [PATCH] Fix spurious error in DSA verification failure  
3196 Default CRYPTO_THREADID for Mac OS X with Posix Threads  
3197 Patch for config and darwin64 on Mac OS X  
3204 J-PAKE test fails  
3205 [PATCH] Bring TLS Extension Support Up To Date w/RFCs (ALPN, RFC6961, RFC6962)  
3209 Web man page for OPENSSL_VERSION_NUMBER claims it has 9 hex digits.  
3212 smime verification failure  
3215 [bug report] SSLv23 connection fails but SSLv3 works  
3219 OpenSSL - AES in SSLv3.  
3222 [PATCH] asn1,evp: Add delete functions for app methods  
3225 make 'failure'  
3226 [PATCH] crypto/srp/srp_lib.c: add/correct some error handling  
3227 Deadlock in OpenSSL 1.0.1e.  
3228 Bug report: openssl 1.0.1f build fails with "make: invalid option"  
3230 Deficiency in the Perl script openssl/crypto/objects/objects.pl  
3233 'make depend' emits warnings on OSX wth 1.0.1f  
3236 support for DNSSEC in openssl  
3239 PATCH: formatting errors in NAME lines of two manual pages  
3240 [PATCH] Efficient 1024-bit and 2048-bit modular exponentiation for AVX512 capable x86_64 processors  
3246 CSR version is not printed properly  
3256 [PATCH] RSA512+SHA512 incompatibility results in errors  
3257 [RFE] automatically choose signature hash strength according to key size when generating certificates  
3258 [RFE] Enable large Discrete Logarithm Diffie-Hellman groups  
3260 Several issues with hash algorithm selection in cipher suites  
3263 BUG: loading a config file from a drive with no media results in exit(1)  
3268 some CHANGES spelling fixes  
3276 Possible Bug/Opportunity for Improvement when loading ECDSA Key/Cert (Feature Request?)  
3291 Patch/enhancement to CA.pl script  
3301 [PATCH] Silently discard too long heartbeat messages per RFC 6520  
3358 openssl should create private keys with stricter permissions  
3388 Locking inefficiency  
3391 [PATCH] NULL function pointer call in n_ssl3_mac (ssl/s3_enc.c)  
3407 report: dgst(1) manpage  
3419 verify -help output is bad  
3420 Magic constants in SSL_CTX_set_tlsext_ticket_key_cb() and .pod  
3422 Misaligned pointers for buffers cast to an unsigned int* in md32_common.h  
3423 Undefined behavior in crypto/cast/c_enc.c  
3447 Build environment updates  
3454 remove OPENSSL_SYS_WIN constraint for EC_GFp_nistp224_method()  
3455 Compile error on Tandem NonStop (including patch)  
3458 PATCH: ensure debug builds with GCC include -g3 -ggdb  
3461 PATCH: expanded explanation of PEM ENCRYPTION  
3462 PATCH: fix return code on bad parameter in EVP_BytesToKey  
3463 [PATCH] Add support of no_application_protocol alert in ALPN protocol selection  
3464 openssl s_client waiting for input on Windows  
3466 PATCH: fix bad return value in dsa utility when using -noout option  
3468 Error create cer for Apache  
3470 [BUG] DTLS abort  
3472 PATCH: Update info on PKCS8 command and -iter option  
474 [PATCH] Crypto Engine Support for Chrysalis-ITS  
603 OpenSSL 0.9.7b dependency order problem with obj_mac.h ?  
657 v3_prn.c cosmetical bug/patch  
661 bug in x509_vfy.c  
689 ENGINE fallback to software  
769 Demo updates  
781 [PATCH] NetWare Support for OpenSSL 0.9.7  
832 ocsp and dsa key+socket option SO_REUSEADDR for responder  
859 openssl-0.9.7d compilation bug solaris9 kerberos  
883 Bug(fix): wrong MANDIR in Makefile.org  
895 AEP engine breaks on Linux with pthreads  
977 openssl s_client not follow default CApath  
1063 [Fwd: Bug#150259: openssl: should return error on invalid command]  
1207 [PATCH] SSL compression methods free function  
1210 Bug: CRL and Certificates  
1212 chil engine no longer works with static locks in 0.9.8  
1261 [PATCH] Binary S/MIME handling in openssl smime (0.9.8a)  
1364 index.txt corruptions  
1365 PATCH: Adding IPv6 support to s_client and s_server  
1439 Bug Report - possibly mishandled system call?  
1455 inconsistant behaviour when using s_client with and without -pause option  
1497 Issue: PKCS#12 export with empty password produces incorrect encoding of MacData in PFX object  
1500 0.9.8 bug report  
1521 bug report  
1533 0.9.8e memory alignment issue  
1559 bugreport to openssl 0.9.8d: engine padlock static-shared problem  
1580 [PATCH] add read through fp support for certificate loading  
1596 Re: wrong AKI in cert  
1635 openssl configure tries to force 64-bit mode in 32-bit chroot. (x86) fails to compile  
1709 DTLS BUG: retransmition of handshake messages does not work  
1724 s_server does not escape HTML  
1736 Enhancement Request: do away with error in chil engine in absence of dynamic locks  
1743 crasher due to lack of threadsafety on names_lh  
1751 [PATCH] Support DTLS compatibility with Cisco AnyConnect VPN  
1764 openssl-0.9.8i random generator bug  
1789 BUG: openssl verify command does not report signature error if there are other errors  
1794 [PATCH] SRP in OpenSSL 1.0.1  
1802 Bug report: Persistent memory leak that cannot be freed  
1823 Linux configuration options for OCF/HAVE_CRYPTODEV needed  
1833 [PATCH] Abbreviated Renegotiations  
1834 PKCS7_verify return value -1?  
1851 [PATCH] "openssl verify -CAfile mutil_ca.pem site.cert" fails even if mutil_ca.pem contains the chain for site.cert  
1853 Bugs in ./crpto/x509/x509_vfy.c and ./crpto/x509/x509_cmp.c  
1866 openssl verify needs better error reporting  
1933 OpenSSL 1.0.0 betas break C++ support  
1936 enhancement request - X509V3_EXT_get_nid  
1947 OpenSSL 1.0.0 betas break SSL_SESSION_cmp  
1973 [PATCH 11/14] Ensure 'make links' gets all headers correctly.  
1979 Add uClibc support  
1994 [BUG REPORT] extra "$" caracter in test/Makefile -> make error on AIX  
1995 Man pages for the "rsa" utility should clearly state what output formats are used  
2019 [PATCH] Optimize handling of TLS SNI extension when resuming a session (server side)  
2036 bug report: TLS session resumption not checking for existence of client finished message  
2037 GENERAL_NAME IPv6 parsing bug....  
2047 [PATCH][Beta3] Fix IPv6 handling in BIO_get_accept_socket()  
2051 [PATCH] IPv6 support for s_client, s_server and DTLS  
2071 Few more manual page (was: What does cache field in X509_STORE struct do?)  
2087 base64 decoder returns nothing  
2100 RAND_poll can be incredibly slow on Windows7 due to Heap32Next  
2105 Please reconsider the client side of the CVE-2009-3555 fix in 1.0.0  
2106 s_client man page doesn't mention STARTTLS support for XMPP  
2134 Problem with both rsa and dsa certificates in certificate file  
2145 [PATCH] New parameter "signing_digest" for TS module  
2147 Re: OpenSSL 0.9.8m-beta1 release  
2148 OpenSSL self-test report:  
2151 MGF1 not exported in 1.0.0  
2152 FIPS Support  
2184 patch for openssl-0.9.8m on haiku  
2195 [PATCH] Set default field separator in do_name_ex() ("nameopt" switch)  
2202 OpenSSL 0.9.8n v. VMS  
2208 Bug Report: SSL_Accept() not MT-safe  
2212 Override DH bits restriction  
2214 crash in openssl 0.9.9 and probably 1.0.0  
2215 crash in openssl-1.0.0 glibc detected httpd: free(): invalid pointer in libcrypto.so.1.0.0(CRYPTO_free)  
2226 OSSL 1.0.0 and NetWare + nasm  
2245 [PATCH] Add /Zi to VC++ CFLAG in debug configuration (1.0.0 and 0.9.8)  
2246 dtls1.h includes winsock.h, overriding the #undefs from ossl_typ.h on Windows  
2268 openssl-0.9.8n: Organization Name value may not contain comma  
2271 bug report / enhancement request  
2275 CVS HEAD: BIO b_sock: ioctl(FIONBIO) is not available everywhere; completed BIO_socket_nbio() so the #ifdef clutter in apps/* and other spots can be discarded after this  
2283 ECDSA and checking signature validity  
2292 bug report for SSL_get_secure_renegotiation_support()  
2293 OpenSSL dependence on external threading functions is a critical design flaw  
2302 Bug with GOST in TLS connection  
2305 openSSL initialization segmentation fault  
2312 Function protos in 1.0.0a: unsigned long changed to size_t not so good for amd/x64, Itanium  
2316 Build issue on Tru64 (Dl_info must specify a type)  
2322 openssl question  
2327 bug report  
2332 Issue while generating SSL certificate using Apache 2.216 + openssl 0.9.8o  
2333 [BUG?] RSA_public_decrypt() failed  
2342 CHM version of openssl doc  
2351 PATCH: Remove obsolete ipsec extended key usages  
2353 PATCH: add missing OSCPSigning bits  
2361 win32: non-blocking BIO_do_connect() returns wrong value  
2365 Limitations of ENGINE interface hamper performance on modern hardware  
2395 openssl-1.0.0c bug: Decoding cert causes segv in ASN1 code  
2397 openssl x509 stops outputting just before printing Issuer when using nameopt dn_rev  
2399 Request: Allow "-no-xxx" options in ./config for FIPS build  
2408 [OpenSSL >= 1.0.0 Enhancement] Additions to timestamp support  
2409 CCM support not available in openssl-1.0.0c  
2417 [Enhancement] X509 verification with OCSP support  
2442 OCSP digest methods bug  
2446 Need clarification on licensing requirements of certain files  
2449 [BUG] openssl 1.0.0d warnings during build and ACCVIO on OpenVMS  
2453 Issue on SMIME_write_PKCS7() with memory buffer if data is not NULL  
2459 ecdsa_method declaration prevents use in implementing a dynamic engine  
2463 [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE.  
2464 [PATCH] Experimental TLS-RSA-PSK support for OpenSSL  
2468 bind 9.8.0 and OpenSSL 1.0.0d  
2480 ./config shared no-rc2 no-rc4 no-des no-ssl2 ... make test fail  
2484 [PATCH] DTLS: wrong fragment reassembly  
2495 enable PEM_write_DSAPublicKey  
2497 [PATCH] Improve RSAOaep Error Handling  
2519 crash when using newly-defined ASN1_SEQUENCE macros in Windows with elements that are also newly-defined SEQUENCEs...  
2524 openssl 1.0.0d bug report/ query  
2535 [PATCH] Add SCTP support for DTLS (RFC 6083)  
2548 [Enhancement Request / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client and SNI  
2549 [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name  
2551 [PATCH] All platforms: Option to disable sending renegotiation_info extension.  
2562 Adding cfi/fpo records to asm (fix backtrace when debugging)  
2568 enhancement request: remove ECC engine support's limitation  
2571 OCSP send request fails if OCSP server with vhost or reverse proxy  
2578 s_client bind ip  
2581 bug: Why do these 12 lines of Win32 code work on XP but hang forever in Vista and Windows 7?  
2582 [PATCH] Efficient and side channel analysis resistant 512-bit and 1024-bit modular exponentiation for optimizing RSA1024 and RSA2048 on x86_64 platforms")  
2635 1/n-1 record splitting technique for CVE-2011-3389  
2644 bug report  
2652 [PATCH] OpenSSL 1.0.1 OpenVMS issues  
2653 [BUG] OpenSSL 1.0.1 OpenVMS issues on VAX  
2658 [PATCH] Add TLS/DTLS Heartbeats  
2669 make test failure  
2672 BUG REPORT: GENERAL_NAMES Template encoding issue  
2673 Bug report: OpenSSL Memory leak in B64 encode  
2687 OpenSSL 1.0.1-beta1 sends certificate_verify in ServerHello and breaks Java 1.6.x clients, Firefox, and Chrome  
2698 [PATCH] Allow the use of startdate and enddate for ca -gencrl command  
2701 BN_generate_prime_ex can generate too large primes  
2707 Build failure  
2718 openssl-fips-1.2.3: testsuite failures (SIGILL / Illegal instruction)  
2720 openssl 1.0.1 beta2 problem  
2732 Bug: verification fails if muliple certification path (EV/Verisign)  
2747 valgrind suppressions file to suppress warnings from Python/openssl  
2749 SSL_shutdown() doesn't need to ever return 0  
2750 [BUG] spec file doesn't properly build for lib64  
2751 [ENHANCEMENT] Request moving static get_issuer_sk before X509_verify_cert  
2760 possible bug report: DSA_verify() doesn't correctly account for len  
2763 Possible bug - TLS 1.2 compliance  
2768 Bug: internal_verify() hides errors from callbacks after X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE  
2769 problem with openssl 1.0.1 and 512bits rsa key  
2782 BUG report: RSA private key serializer  
2784 [PATCH] Eefficient implementations of SHA256 and SHA512, using the Simultaneous Message Scheduling method  
2805 uplink-x86_64-pl-script error when running "ms\do_win64a" on windows 7-64bit command line  
2807 Can't connect to Evernote server  
2816 bug report on openssl version 1.0.0d , windows server 2008 64 bit  
2825 Bug: Unable to connect to WPA enterprise wireless  
2826 OpenSSL Buffer Overflow Vulnerability Notification  
2834 bug report: i2d(sign(10)) results in 2573 encoded  
2835 question/proposal for openssl 1.0.1c to make do_ms.bat and do_win64a.bat somewhat more consisent + solve build errors for WIN64a.  
2841 Unreachable return in OpenSSL 1.0.1c, x509_vfy::check_issued()  
2850 [PATCH] Efficient and side channel analysis resistant 1024-bit modular exponentiation, for optimizing RSA2048 on AVX2 capable x86_64 platforms  
2862 bug report - strange memory access  
2884 bug in eng_cryptodev?  
2904 genpkey ignores "-outform DER"  
2907 Unresolved external referenced in function _EC_GF2m_simple_method when linking 1.0.1c w/ fips-ecp-2.0.2  
2910 OPENSSL_cleanse called with wrong size  
2915 [PATCH] Add an option to Configure to set the include directory for FIPS enabled builds  
2935 OpenSSL 0.9.8x crashes\OpenSSL 1.0.1c get stuck in SSL_load_error_strings() function on Solaris OS  
2937 Handshake performance degradation in 1.0.1 and up.  
2948 thousands of getpid called inside libcrypto.sl.0.9.8  
2958 Bug report: dtls handshake loops after 'certificate verify' packet loss  
2972 GnuTLS: A TLS fatal alert has been received.  
2974 OpenSSL 0.9.8y compilation error on Windows  
2978 CVS repositories serving stale data  
2988 Makefiles should (usually) remove target before re-generating  
2991 Certifacte verification with a RSA-SHA512 hash algorithm fails  
2993 Openssl manual pages  
2994 OpenSSL upgrade issue  
2996 PATCH: cygwin (and probably others) support broken by long time  
3001 [PATCH] Reduce unnecessary verifying iteration in rsa_test.c  
3003 Enhancement Request - RFC6698 (DANE) TLSA Support  
3020 openssl hang  
3036 openssl-0.9.8y config removes symbolic link /dev/null on Solaris  
3041 [Bug] DTLS message_sequence number wrong in rehandshake ServerHello  
3043 Bug Report d2i_PKCS8PrivateKey_bio() doesn't work for DH keys  
3054 [PATCH] Efficient and side channel analysis resistant 1024-bit and 2048-bit modular exponentiation, optimizing RSA, DSA and DH of compatible sizes, for AVX2 capable x86_64 platforms  
3065 [PATCH] ec_private_key_dont_crash  
3073 [Patch] ALPN Implementation for OpenSSL  
3080 Android NEON and CFLAGS options  
3089 Building OpenSSL 1.0.1e with FIPS on Win64A  
3095 Incorrect result in HMAC functions when key is null  
3097 Incorrect revocation status with indirect CRL  
3101 [PATCH] Add CMP (RFC 4210) implementation  
3102 s_server does not reject invalid client certificates in "OpenSSL 1.0.1 14 Mar 2012" with -verify or -Verify options  
3110 Adding support for x86_64 Cygwin  
3113 OpenSSL’s DH implementation uses an unnecessarily long exponent, leading to significant performance loss  
3116 Incostistency using GOST engine with openssl 1.0.1e  
3117 [PATCH] A fast vectorized implementation of binary elliptic curves on x86-64 processors  
3120 Minimum size of DH  
3122 bug: openssl-1.0.1.e: STARTTLS: "SSL3 alert write:fatal:illegal parameter"  
3129 Openssl not clearing session ticket upon handshake failure  
3149 [patch] Fast and side channel protected implementation of the NIST P-256 Elliptic Curve, for x86-64 platforms  
3150 Bug Report (with trivial fix): fips module segfault  
3165 tru64-alpha-cc compatibility fixes  
3182 Bug in OpenSSL 1.0.1e 586 assembly optimized AES_cbc_encrypt  
3183 SSL_set_SSL_CTX() should apply more settings from the SSL_CTX being switched to  
3188 Bug Report Null bytes in SubjectAltName mishandled in GENERAL_NAME_print()  
3195 [bug] aes-cbc encryption on x86 is not working  
3198 [PATCH] Fix missing NULL pointer checks and memory leaks in crypto/asn1 files  
3203 Normalize PFS key exchange labels  
3213 [PATCH] Fix failure to read default CA file & CA path in s_{client,server,time} (bug #977)  
3217 [PATCH] changes in 1.0.0l and 1.0.1f required for OpenVMS  
3231 default ciphers include insecure export cipher suites  
3234 [bug] openssl defaults to using tls compression  
3241 Patch: Constify openssl tables.  
3248 Bug - OpenSSL 0.9.8 crashes randomly at the call to BIO_test_flags()  
3252 OpenSSL v1.0.1f issue: decryption failed or bad record mac:s3_pkt.c:484  
3266 [PATCH] Add the SYSTEM cipher keyword  
3282 [PATCH] Fix PKCS8/PKCS12 EncryptedPrivateKeyInfo decryption when password is empty  
3290 1.0.1e compile issue  
3297 XXX_process_heartbeat() not checking return value of OPENSSL_malloc() Normal 
3299 Allow setting custom cipher strings in the openssl config file. Wishlist 
3300 Added the .include directive in openssl configuration file. Wishlist 
3305 Cppcheck report  
3310 Can't execute make command  
3311 [PATCH] Introduce GOST R 34.11-2012 hash function Wishlist 
3315 Why does the linker complain about undefined symbols?  
3322 [PATCH] ccgost to use configured params for 28147-89 in CNT and IMIT mode  
3324 [PATCH] Remedy the coding style after heartbleed  
3328 [PATCH] Support for GOST R 34.10-2012 digital signature algorithm Wishlist 
3331 [PATCH] respect LDFLAGS during build  
3333 [PATCH] Revert "Make Makefiles OSF-make-friendly." Normal 
3334 Win32, SSL_add_dir_cert_subjects_to_stack() does not work. Normal 
3349 Bug report: X509_check_akid() identifies non-self-signed certificate as its own issuer  
3383 ASM support questions for openssl 1.0.1g. in MIPS64 CPU.  
3397 Fwd: [PATCH] x86_64 asm: fix bn_mul_mont on odd-len BNs  
3404 Bug report  
3421 PATCH: return appropriate error if RDRAND not available  
3424 Misaligned pointers for buffers cast to a size_t*  
3425 Potential padding oracle in evp_enc.c  
3427 crypto/bio/b_print.c: 2 useless if conditions ?  
3429 PATCH: Update to X509_check_host documentation  
3435 I updated George Shaw's 0.9.8e port to OS/400 from 2007  
3443 [patch] Implement Camellia-CBC suites from RFC6367  
3450 Out-of-bounds read in ssl3_get_key_exchange (ssl/s3_clnt.c)  
3451 patch for x509.c  
3465 EC command fails to parse ECPrivateKey without optional params  
3469 problem with commit 3009244da47b989c4cc59ba02cf81a4e9d8f8431 - global_mask needs to be more liberal  
3471 [PATCH] md5-asm-aarch64-29regs  

To report a new issue not mentioned here, please send email to rt@openssl.org.