Current OpenSSL-Bugs Milestones and Bugs

17 items todo for release: 0.9.7e  
196 Misc. fixes for OpenSSL 0.9.7 beta3  
229 [PATCH] Supply missing prototypes for OpenSSL 0.9.6g Nice to have 
243 OpenSSL 0.9.6g fail on IBM OS/390 Normal 
298 Documentation suggestions Wishlist 
312 gcc warning in bss_bio.c  
328 DH_compute_key incompatable with PKCS #3 Normal 
356 Bug in CRLF translation in PKCS7_sign  
378 building without md5  
424 options undocumented in manpages for openssl command line (0.9.7-stable)  
447 [Fwd: Bug#176058: openssl: Should ask password only after basic input validation] Nice to have 
451 SX6 port  
465 [patch] X509_LOOKUP_hash_dir with multiple directories problem  
468 When server session cache fills up...  
481 (0.9.7 on Win32) openssl ca crashes when exiting... Normal 
502 TXT_DB error number 2  
609 OpenSSL does not work with /dev/[u]random on HPUX 11i Normal 
678 Crash in lhash code in openssl 0.9.7a  
30 items todo for release: 0.9.8  
9 Re: [patch] Sign certs that aren't self signed for x509 -CA Nice to have 
11 Fw: trustway pkcs11 engine for openssl Nice to have 
22 [PATCH] to dev build 20020428 for Win64 on Itanium Normal 
44 OpenSSL_add_all_algorithms problems in Win32 Normal 
61 OPENSSL_SYS_MSDOS is confusing Normal 
92 Prototypes SSL_write() & SSL_read() problem in openssl/ssl.h for 64-bit applications  
136 [Fwd: Bug#151197: openssl: verify should fail when verification fails] Normal 
139 [Fwd: Bug#150260: openssl: unnecessarily chatty on stderr] Nice to have 
141 Error while writing zero-length string Nice to have 
153 Public API for sending SSL/TLS alerts wanted Nice to have 
175 openssl-0.9.6e bug under Irix 6.5? Critical 
181 Makefile enhancement requests Normal 
266 [PATCH] Proposed proxy client functionality in s_client Nice to have 
270 API: certificate chain handling incomplete  
306 EVP_xxx_{cfb,ofb} problems in openssl 0.9.7-beta3 Normal 
319 "excessive message size" problem with large RSA key lengths  
327 compilation errors for openssl 0.9.8  
388 Building beta 5 on solaris 8 sparcv9 Wishlist 
438 SCEP Nice to have 
448 [Fwd: Bug#176062: openssl: Expired certificates and recertification] Normal 
478 make uninstall Wishlist 
480 Support for local ip address binding for connect BIO's. Nice to have 
487 bug in BN_generate_prime for small n. Nice to have 
601 extend opensslconf.h to have a flag for every available feature  
773 No OAEP support for S/MIME Wishlist 
989 DJGPP patches for 0.9.8 and 0.9.7 Normal 
1155 openssl-0.9.8 causes MS Windows fatal error when executing 'openssl exngine xxx' Critical 
1336 OpenSSL support for Kerberos Critical 
1349 Error passing password with stdin Normal 
1415 Binary Segmentation fault - Suse Linux - SSL_CTX_new Critical 
2 items todo for release: 1.0  
479 support version independent upgrade Critical 
767 Openssl time bugs Normal 
1472 items not filed  
536 Bug in kssl ?  
543 Valid trick to reduce session object's size?  
547 SSL_CTX_free messes with external session cache  
549 Enhancemant Request  
568 [PATCH] some ISIS-MTT OIDs  
569 OpenSSL reduced size - suppress PKCS #12 code generation  
571 Re: 0.9.7a and no-engine problem  
572 0.9.6i and OS X (10.2)  
573 Possible bug in conf parser  
575 0.9.7a with patches and >  
576 wtls certificate  
577 Re: Compilation failed [OpenBSD-3.2-current]  
579 Fw: Problem compiling tests for openssl-0.9.7b  
582 Contribution: Support for VisualStudio 6  
583 [PATCH] support for the ISIS-MTT 'restriction' extension  
588 Engine-0.9.6* build broken if any of [no-rsa][no-dsa][no-dh] specified in the config.  
589 Re :"Possible stack overflow in openssl-0.9.7b" (fwd)  
590 BUG REPORT: X509_get_signature_type() returning NID_undef  
591 0.9.7b bug - Link error on Win32  
594 enhancement request  
596 openssl wtls  
597 SSL_set_session() problem (?)  
598 OpenSSL: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry  
599 0.9.7b Mingw build broken?  
605 Re: Some Patches for OpenServer 5.0.X  
611 Fw: Bug in SSL_Shutdown?  
614 libs not built with -B symbolic on Solaris  
635 Manual pages.  
636 Example in man page for BIO_new_bio_pair incorrect?  
637 bug or error in openssl  
639 subscribtion to openssl-users or openssl-dev from virtual domain  
642 WinCE IE 3.02 client problem  
646 Fix for Linux problems using TERMIOS  
648 Spurious SSL handshake interrupt [Hint: Usually just one of those OpenSSL confusions!?]  
651 submission: GOST objects  
655 Kerberos: solaris 9 openssl-0.9.7b compile problem  
656 error in documentation about BIO_read  
666 Optimization only with maximal -01  
671 [patch, 0.9.7b] export (i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING  
677 bug report - Memory leak in DSA_free() call.  
681 OpenSSL 0.9.7b Bug report  
682 Windows compilation failure  
684 Memory Leaks in RSA_eay_private_decrypt  
686 How to upgrade  
687 expired cert on www.openssl.org  
689 ENGINE fallback to software  
690 compilation bug report  
691 Bug Report - Sparc/NetBSD  
694 [PATCH] shared archive support for AIX  
696 SSLv2: server requires client certificate despite SSL_VERIFY_PEER  
701 [Patch] openssl support for iSeries (os/400)  
705 PATCH FreeBSD osver.h  
706 PATCH suuport FreeBSD amd64  
718 wrong optimization on irix  
719 BUG: Incorrect child exit status handling in Configure 0.9.7c  
720 BUG: Inconsistent MinGW identification in Configure 0.9.7c  
721 BUG: Short passwords not allowed 0.9.7c  
722 FIX: DLL relocation in ms/mingw32.bat 0.9.7c  
723 0.9.7c IMAPD+TLS Interaction Bug  
724 RQ: Library name unification for Win32 possible?  
734 SCO5 LIBs  
736 0.9.6k another misuse of RSA_size()  
737 /dev/random  
738 enhancement request  
742 shared library for OpenSSL  
746 problems with installation of openssl  
747 -pre and -post cmd line params for openssl cmds  
753 0.9.6l does not compile on Windows  
754 Downgrade to Lower Version  
782 IBM patches to OpenSSL-0.9.7c  
783 ASN1_INTEGER_get/ASN1_INTEGER_set patch  
784 Library cleanup functionality  
786 0.9.7: OPENSSL_NO_SHA flag  
787 New target platform  
790 [patch] support shared library on oler version of AIX4  
791 CBC padding patch for FIPS-81  
792 Openssl (crypto) 9.7c md4test fails on Fujitsu-Siemens BS2000  
795 Uninitialized Variables, Prototype Mismatches, Portability  
796 bug & fix: "compatibility_version" incorrect in 0.9.7c on OSX 10.3.1  
798 Adding fieldName_required to req command (TSU NOTIFICATION)  
799 extending openssl config to add X509v3 extension support  
802 Re: OS/2 Build of SSL on 0.9.7c  
803 Probs with win32 builds of openssl-0.9.7c  
805 base64 BIO too picky about whitespace  
806 0.9.8 snapshot patches for compilation on Windows  
807 0.9.7 snapshot patches for compilation on Windows  
808 OpenSSL 0.9.7c fails to link on AIX 4.2.1  
809 enc(1) exits with 0 even after write errors  
814 Compiling with mingw  
815 0.9.7c wont build -mcpu=k6 is a bad value  
818 Error while running make in Windows NT  
819 openssl for windows CE.NET  
824 Patch for bug in 0.9.7c - Win32 build problems  
828 [PATCH] "openssl smime -verify" on binary files  
829 PATCH: Checking issuer cert w/ self-signed certs  
830 Bug Report (Building without HMAC)  
838 REQ: Creating a BIO from a FILE* should retain (TEXT) access modes  
839 Patch pk7_lib.c:PKCS7_get_recip_info()  
843 EBCDIC patches for 0.9.7c  
844 [Fwd: Bug#235600: openssl: CA.pl and -signcert: some minor issues]  
852 Errors running OpenSSL under Windows 2000  
865 ttls use in openssl  
871 Bug & Patch: PEM_write_SSL_SESSION and other macros cause GCC warnings  
880 Client error  
882 Documentation patch  
885 [PATCH] Add initial support for BeOS to OpenSSL  
891 Openssl Seg Fault  
898 CRYPTO_dbg_malloc multithread bug  
911 Passing in an OAEP padding parameter  
913 [PATCH] pkcs11 engine  
914 Bug Report  
916 Bug Report  
919 /bin/sh: line 1: cd: crypto: No such file or directory----make: *** [sub_all] Error 1  
932 Patch for 0.9.8 (DJGPP)  
934 Patch for 0.9.8 (mingw)  
936 Bug in smime-command mime format  
937 uid  
939 PATCH: documentation clarifications for RSA_sign, rsautl  
947 Patch, I suppose  
951 FW: New port to the AS/400 (iSeries)  
953 PKCS7: sign data without keeping it in the memory  
954 CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry  
955 Implementation of SSL_SESSION_get_session_id  
967 FW: New port to the AS/400 (iSeries)  
975 OpenSSL 0.9.7e Pocket PC 2003 Compile Error  
976 OpenSSL 0.9.7e Pocket PC 2003 Compile Error  
979 openssl-0.9.7e  
980 "-starttls smtp" not standard compliant and leads to misleading "unknown protocol" error  
981 openssl-0.9.7e fail in X509_OBJECT_idx_by_subject/sk_find/sk_sort  
984 X509_NAME modified bit doesn't cover entry data changes.  
992 RSA_check_key() should have a callback argument  
997 FW: Tarring failure  
1000 OpenSSL 0.9.7e fails RIPEMD160 on Sparc64  
1002 Problem with mingw build of 0.9.8  
1003 Request: entropy gathering  
1004 dgst: unknown option "-md5" ...  
1006 build failure openssl-0.9.7e with MIT Kerberos 1.4 [PATCH]  
1007 bug report: EVP_SealInit  
1008 [PATCH] Default CRYPTO_thread_id for AS/400 causes SSL3_AD_BAD_RECORD_MAC  
1009 ERROR while excuting ./config  
1013 test idea exits with error but tests are OK  
1015 don't use O_NOFOLLOW on Solaris...  
1016 patches for Configure and config for Cray X1 systems  
1018 unbuffered stdin problem?  
1019 renegotiation failure - bug report.  
1022 BUG over make  
1023 openssl build fail under linux-x86_64 (RHEL 3.0)  
1026 XOPEN_SOURCE_EXTENDED definition causes problems on AIX 5.2 with gcc 3.4.3 and openssl 0.9.7e  
1027 bug report  
1028 Problem compiling openssl-0.9.7e on AIX 5.3  
1029 Linking Error  
1030 Broken symlink in openssl-0.9.7f.tar.gz  
1033 BUG REPORT : Unreachable code in OpenSSL 0.9.7f  
1038 BUG: openssl-0.9.7f cannot be compiled for Windows CE  
1048 OpenSSL 0.9.7g failing make test  
1051 SSL_CTX_set_default_paths  
1052 openssl ca: generate subjectAltName from config  
1055 [Fwd: Bug#272281: include musclecard engine support in openssl]  
1056 make test fails on YellowDog Linux version 0.9.7g  
1057 openssl-0.9.7g tests  
1058 Problem compiling openssl 0.9.7g  
1062 [Fwd: Bug#295449: openssl: x509 -CAserial no longer works]  
1065 [Fwd: Bug#247435: openssl: pkcs12: MAC verify should be quieter]  
1067 OpenSSL symmetric crypto padding check incompatible with XMLENC  
1068 X509_NAME_add_entry: inserting with loc == 0 and set == 0 creates wrong set  
1075 compile error  
1076 Bug report  
1077 Bug report on slowness  
1093 dhparam file test  
1099 Problem with keysize operations  
1104 [Bug Reoprt] -days parameter overflow  
1132 Re: submission of OpenSSL changes  
1148 0.9.8 PEM_F_DEF_CALLBACK incompatible API change  
1153 Mingw patch for OpenSSL 0.9.8  
1154 Bug report - broken links on www.openssl.org  
1162 add a "discover-server-ciphers" to s_client  
1163 add a "list-client-ciphers" option to s_server  
1164 BUG: namespace pollution in openssl 0.9.8  
1165 Bug Report  
1166 Search for Signature File  
1169 Crash in OpenSSL - write_pending  
1174 ectest and libefence  
1178 [PATCH] OpenSSL LynxOS port  
1180 NetWare patch to add gcc support to 0.9.8  
1181 [PATCH] adds RFC 3280 compatible mail attribute  
1187 Openssl - unable to load from /usr/local/ssl/openssl.cnf on win nt  
1189 Bug Report and Patch : -subj option of the req command does not refer openssl.cnf to check the minimum and maximum limits of each field  
1193 gcc depracated "-mcpu=" option  
1197 [patch] fix three typos in MD5 sources  
1199 OpenSSL  
1202 Problem on OpenSSL 0.9.8 with Apache2  
1206 FTP USER Authentication  
1208 Any plans to support SMIME v3 (i.e. RFCs 3850/3851 or 2632/2633)?  
1210 Bug: CRL and Certificates  
1211 anyExtendedKeyUsage support  
1215 Bug Report for OpenSSL  
1216 Solaris 10, SunStudio 10 how-to  
1222 Please introduce versioned symbols  
1224 constness change between 0.9.7f anf 0.9.7h  
1227 Runnning openssl test  
1229 kssl.c typo  
1232 [PATCH] Flush s_server stdout after state change completed  
1234 Failing to load zlib.so results in other errors later.  
1237 Compilation error with Apache 1 and 2  
1240 make test failure [0.9.8a]  
1241 apps/s_client.c: 2 changes in initial handshake  
1243 Compiling OpenSSL V0.9.8a with MS VC/C++ V8.0 (Visual Studio 2005) fails  
1244 changing TMP_D causes build to fail  
1255 about S/MIME sign code.  
1275 HPUX 11.x linker error  
1276 [PATCH] TLS Extensions - RFC 3546 (Try 2)  
1278 Bug Report: gmake test fails for OpenSSL 0.9.7j-fips-dev  
1290 [PATCH] Convert destest.c to use DES_* functions.  
1291 [PATCH] Remove old libdes support?  
1292 SSL_add_dir_cert_subjects_to_stack does not check for read access of file, breaking TLS enabled LDAP clients  
1295 Crash in ssl3_write_pending  
1297 PATCH x509_vpm in 0.9.8a  
1298 OpenSSL bug in libcrypto.so:RAND_poll() crashes apache2 @ startup  
1301 OpenSSL 0.9.7i shared build fails  
1303 OpenSSL 0.9.8a build fails  
1315 [PATCH] OpenSSL FIPS 1.0 - AIX 4.3.3 & AIX 5.x w/GCC  
1317 thers is a bug in openssl0.9.8a  
1324 openssl 0.9.7i - bug in ms\mw.bat file  
1325 patch for c_rehash to accept more filename extensions  
1327 Bug in openssl/util/mkdef.pl (HEAD)  
1328 FW: (Repost) SSL_shutdown and SSL_free issues  
1335 no-engine on Windows (MS VS 2003) fails  
1337 Bug: Crash in openssl0.9.8b in obj_name_cmp  
1339 mkdef.pl loops  
1341 util/mkfiles.pl  
1350 Tru64 V5.1 SSL connect error  
1351 Bug Report - error generating a cert request  
1352 [BUG, 0.9.8b] Failed to read RSA key using BIO created from file descriptor  
1353 memory leak in EVP sign and verification functions  
1356 a make test problme of openssl  
1357 Self signed CA issue in version 0.9.8a-16  
1358 Problem using fips_premain.c with C++ compiler  
1360 critical extension id-pe-qcStatements as per RFC 3039 not supported  
1362 BF_encrypt crash  
1366 patch to use docbook instead of pods  
1368 Re: Proxy Certs and security  
1369 BUG Openssl executable 0.9.8a (Unix) fails when setuid/setgid  
1372 default config should diable idea  
1378 Contribution: twopipe patch for speed test  
1379 Build failure on cygwin: #error MDC2 is disabled  
1386 Bug Report OpenSSL  
1392 OpenSSL 0.9.7k build fails missing poll.h  
1393 Problems building version 0.9.8c on Windows 32  
1396 patch: use S_ISDIR macro instead of S_IFDIR flags  
1400 spurious CRs in S/MIME clearsigned mails  
1401 Proxy module  
1404 make test in 0.9.7i fails on Mac OS X Intel Normal 
1405 make failed on openssl-0.9.8d  
1409 Openssl Bug report Password protected private key file causes crash in MSVCR80  
1412 [BUG] race/leak in X509_PUBKEY_get  
1413 v0.9.7l: some comments  
1416 [PATCH] display UPN if in subjectAltName  
1423 New releases on announce mailing list  
1424 Re: CRL update revision for X509_add_crl  
1425 Request: make X509_NAME_oneline() use same formatter as X509_NAME_print_ex()  
1444 Insufficient error reporting in openssl ca  
1448 [BUG] Incorrect dependencies in SNAP-20061227  
1449 [PATCH] Suspend and reinstate certificates in CA application  
1450 Please include this config in furture configuration files  
1454 RSA key exponents different from 3 and F4  
1466 X.509 name's printing  
1470 [PATCH] fix some memory leaks in asn1 crypto  
1481 Cipher selection patch (AES/CAMELLIA-128 vs. AES/CAMELLIA-256)  
1482 [PATCH] add "ciphertext stealing" support to the EVP library  
1487 ssl v3 session resume failure -NO INTERNAL LOOKUP- version 0.9.8d  
1491 [BUG][PATCH] malloc and friends returns not checked  
1505 [patch] ssl/s3_pkt.c  
1509 bug report: www.openssl.org http server sending wrong Content-Encoding header  
1518 [PATCH] Securing private RSA keys  
1519 Possible bug in Windows Vista  
1520 request for checking if -in and -out files are same  
1522 [PATCH] fail to assert "pkeyp" and "x509p" variables in demos/x509/mkcert.c  
1523 Re: how to extract signature from public key using openssl?  
1528 bug/typo: TLS_DEBUG section prints "pre-master" instead of "master"  
1530 bug/typo: incorrent comment in s3_srvr.c  
1534 [Bug report] Verification fails caused by too many CA certs  
1535 Show RFC3779 status in version app  
1536 bug report  
1540 apps.c:app_get_pass -- bug with -pass{in,out} on same file:filename  
1541 quick patch in ssl/t1_enc.c  
1542 others quick patches for memory leaks in pk7_smime.c and pk7_mime.c  
1543 memory leak in crypto/asn1/x_x509a.c  
1544 bug report: openssl applications crashing due to uninitialized variables  
1550 [bug report] openssl-0.9.7a segfault in lh_insert  
1553 mscrypto engine for 0.9.8  
1554 Bug Report 0.9.8e: OpenVMS apps/makeApps.com  
1556 CRYPTO_set_id_callback/CRYPTO_set_idptr_callback issues  
1561 Typos in the OpenSSL license  
1562 typo/bug in s3_srvr.c  
1567 idea.h installation in 0.9.7m branch  
1570 Bug Report: makevms OpenSSL 9.8.e  
1571 Bug Report: OpenSSL 9.8.e  
1579 [PATCH] Check fgets return value  
1584 INSTALL.W32 Configure prefix must be unix format directory delimeters  
1597 OpenSSL 0.9.8g on gentoo Alpha Linux  
1598 Bug report (OpenSSL 0.9.8g, Windows DLL)  
1600 Man page bugs  
1601 Open SSL Error on dshxsun9  
1605 ECDSA memory leak bug report  
1606 [PATCH] AES GCM table code and test for previous submission of ibm.patch  
1608 [BUG] SSL_get_error returns SSL_ERROR_SSL if read() returns -1 / EINTR  
1610 OS400 patches  
1614 Updated AES_GCM,AES_CCM,CMAC patch  
1615 [PATCH] Using uninitialized value "(c).q"  
1617 Bug report: RAND_poll problem on Solaris - select call failing  
1620 [PATCH] - OS390-Unix (EBCDIC) 0.9.8e  
1621 [PATCH] - OS390-Unix (EBCDIC) 0.9.7m  
1623 Bug report: default CA certs file path ignored  
1630 [enhancement request] Documentation improvements?!  
1631 OpenSSL loading engines multiple times in interactive mode  
1633 Bug - MayBe  
1634 [PATCH] FIPS186 PRNG for OpenSSL  
1636 OpenSSL AES test issue  
1638 OpenSSL doc on EVP_*Final() inaccurate; should mention EVP_CIPHER_CTX_cleanup()  
1639 BUG in BN_mod_inverse  
1642 patch purify errors  
1643 Less random source on windows due to wrong error handling of CryptoGenRandom  
1651 Math website suggestion  
1654 OpenSSL Build errors in Windows XP Professional  
1655 OpenSSL Build errors in Windows XP Professional  
1656 Clients compiled with tls extention can't talk to some servers.  
1657 FW: Port to AIX  
1658 Request for help: rc2test error  
1665 Contribution of aes.pod  
1666 0.9.8g req for existing RSA may need entropy  
1670 SSL_CTX_load_verify_locations() fails without error with invalid files  
1671 Configure options are not passed to mkdef.pl in mingw build  
1673 ssl handshake failure when protocol specified (0.9.8g)  
1674 bug report - fipsld not working with Solaris 9 sparc (64 bit architecture) for 32 bit shared library creation.  
1675 RSA_set_method(3) inconsistency  
1678 PATCH: Timeout bugs on windows in RAND_poll()  
1680 Possible Bug: x509_name_ex_d2i segmentation fault under IA-64  
1682 BIO_snprintf can NOT work properly on HPUX 11.23 IA for 32bits mode  
1683 OPENSSL_NO_{RSA,DSA,DH} defines not honored  
1685 [BUG] OpenSSL 0.9.8h cannot be compiled by GCC 4.3.0 on MinGW  
1688 Re: [PATCH] Fix parallel build  
1690 BN_GF2m_mod_arr() infinite loop  
1697 openssl 2.2.8g: failure to check the return value of sk_new_null() in /apps/pkcs12.c, ocsp.c, engine.c and cr12p7.c  
1698 potential bugs discovered by interprocedural code analysis for version 0.9.8g of Openssl  
1704 bug report, Windows VC-32 debug build  
1705 Infinite loop in BN_GF2m_mod_arr  
1710 Error when trying to install openssl in Solaris environment  
1711 DTLS: Handshake does not detect missing/incomplete records in flight.  
1714 DTLS: Memory leak when server receives close alert from unknown peer  
1715 DTLS: Finished message is not buffered for retransmition  
1716 Bug report for DTLS  
1718 OpenSSL 0.9.8h Possible Bug with SSL_read timeout  
1719 Bug Report  
1721 compilation error on ubuntu hardy x86_64  
1723 enhancement request  
1729 Bug in add_cert_dir - crypto/x905/by_dir.c  
1730 Nice to have, Enhancement, Patch: Add support for xmpp in s_client starttls  
1733 Facing problem with ssleay.dll  
1734 Enhancement Request: for dsaparam to have 2 number inputs for "p" and "q". Tested version of openssl 0.9.8g  
1737 [PATCH openssl 0.9.8g] s_client: add sieve starttls protocol support  
1739 [PATCH] [openssl 0.9.8c] Using a private key in an engine to timestamp.  
1740 enhancement contribution to the req command  
1744 SSL_CTX_set_tmp_dh(3ssl) man page feedback  
1745 bug report: openssl-0.9.8i breaks build of wine-0.9.60  
1746 bug report: minor output bug in x509 rsa public keys? (with possible patch)  
1747 capi engine and mingw  
1749 OpenSSL 0.9.8i and WinCrypt.h  
1754 config with shared no-dso no-hw fails to install  
1755 config silently ignores standard compiler search path on AIX and reverts from gcc to cc  
1756 PATCH: v3_addr_canonize() needs to set comparision function  
1762 Feature request  
1766 [PATCH] s_client -reconnect and -starttls don't work together  
1767 bug of EVP_Cipher when use openssl engine  
1769 bug report: Array overruns  
1770 'make test' failure for OpenSSL 9.8g  
1771 CVS Head crypto/jpake/Makefile - missing install rule?  
1772 Bug: Failure in 'make test' for OpenSSL 9.8g :Configured for 386 on linux-x86_64  
1775 0.9.9-today: bug: size_tification missed a few spots --> compile issues on native Win32/64 + SuSE64: patch/diff included  
1781 [Resend to bugs] More fixes for 0.9.8i  
1788 BUG REPORT: OpenSSL 0.9.7, patch included  
1790 [Patch] Windows CE 5 and following support  
1796 Bug in openssl 0.9.8?  
1797 re: unable to verify timestamps sgined with a certificate that is now expired  
1798 patch requested for safestack  
1804 bug report: minor fixes to EVP_EncryptInit.pod  
1807 [patch] docs on SPKAC in 'ca' manpage - document default DER rather than PEM output emitted in special circumstances  
1808 enc(1) Salt option: -S  
1811 bug report: unused variable in X509_print_ex() function?  
1815 [PATCH] Constness improvements  
1816 bug in DES_xcbc_encrypt() for decrypting 8 bytes of input (?)  
1817 smime does not add CRs  
1818 RSA_verify man page not accurate  
1819 Calls to OBJ_txt2nid for a non-registered objects adds bogus "first num too large" errors from a2d_ASN1_OBJECT  
1820 mem leak BN_mpi2bn  
1824 Error openssl 0.9.8h  
1825 Segmentation Fault  
1830 [PATCH] TLS Key Material Extractor  
1832 PATCH: force IPv4/IPv6 for s_client  
1836 a problem  
1839 Patch to correct two build issues  
1842 OpenSSL Memory Leak  
1848 Bug found in BN_is_prime_fasttest_ex( )  
1850 Bug Report--openssl crashes at SSL_write()  
1852 [BUG] Invalid Proxy Certificates Pass Validation  
1855 bug report: make test fail on x86-64 and intel c compiler  
1865 BIO printf() - floating point BIO_printf() et al support bug fix + extras (patch included)  
1867 Fw:About OpenSSL crashed in 0.9.8g  
1869 make fails  
1871 Openssl 0.9.8j patch: no failure for fips tests on mingw32  
1872 [PATCH] Change 'Q' and 'R' behavior in s_client  
1873 SMIME_write_PKCS7 and CRLF in base64 signature  
1875 Fwd: [PATCH] Small bug fixes and coding style corrections  
1876 cross compilation patch from TANDBERG  
1877 Static code analysis  
1878 [PATCH] Fix RSA blinding locking hole  
1884 OpenSSL 1.0.0 beta 1 failure on RH7  
1885 [PATCH] PSK support for 0.9.8j  
1886 [PATCH] Null chiper support PSK/PKI for 0.9.8j  
1893 Fwd: X509_STORE_add_crl does not replace CRLs  
1906 Bug Report - openssl-0.9.8k unable to build on Win XP  
1908 openssl 0.9.8k patch for interix  
1909 bug report: OpenSSL can generate invalid version 1 certificates  
1911 Please add 'rsa3072' to openssl speed  
1912 BIO_printf/BIO_vprintf error in 0.9.8k  
1913 openssl 0.9.8k can't be build when using ccache  
1915 Bug Report : Abort when race condition occurs in ERR_get_state  
1916 [PATCH] Fix for memleaks, use after free and optimizations  
1918 Can‘t extract 0.9.6x correctly on windows  
1919 Bug in buffer_ctrl in BIO_f_buffer?  
1920 Openssl 0.9.8k  
1926 Bug report for openssl 0.9.8k  
1927 [PATCH] openssl ocsp app to autodetect ocsp_uri and issuer  
1928 interface bug on Windows 64  
1932 "make test" failed (OpenSSL 0.9.8g)  
1934 Enhancement request: openssl-0.9.8k Solaris CC flags  
1935 AES-GCM, AES-CCM, CMAC updated for OpenSSL 1.0 beta 2  
1940 AES-GCM, AES-CCM, CMAC updated for OpenSSL 1.0 beta 2 - revised  
1941 Missing man page: c_rehash(3ssl)  
1948 [PROPOSAL] change ecdsatest,enginetest to fit into 8.3 naming scheme  
1956 [enhancement request] load_key in ts.c  
1964 [PATCH 02/14] Only use gcc if CC has not been provided.  
1971 [PATCH 09/14] Only test speeds up to 4K packets.  
1975 [PATCH 13/14] Add support for CPU usage reporting.  
1977 Make openssl 0.9.8k for Mingw  
1979 Add uClibc support  
1982 Bug report - crash in SSL_write  
1983 "make -n install" fails (version 1.0.0 beta snapshot)  
1986 OpenSSL 0.9.8k make test failure  
1988 OpenSSL 1.0.0 Beta 3 minor bug report  
2008 RFE: disable default verify paths in s_client  
2011 block cipher pad is wrong  
2014 Feature request: RFC 5126  
2016 feature request: SHA2 and ECC ciphersuites.  
2017 Error in installing open-ssl software  
2018 BUG: rsautl reports "RSA operation error" when decryption output is empty  
2021 sni bug  
2024 [doc bug] missing .pods  
2030 bug report: bn_rand function  
2065 [PATCH] Add Intel AES-NI support for 1.0.0 branch.  
2067 [PATCH] Add Intel AES-NI support for 0.9.8 branch.  
2076 Patch to build OpenSSL on WinCE 5/6 missing in v1.0.0  
2077 openssl 1.0.0 stable does not print all digests with help  
2092 Updated AES-GCM/AES-CCM/CMAC patch  
2093 Updated AES-GCM/AES-CCM/CMAC patch  
2108 [PATCH] Message digest functions  
2116 [OpenSSL 0.9.8k] client auth : Exit: error in SSLv3 read client hello A  
2119 Patch for dgst Man Page  
2123 Buggy openssl header causes compilation errors  
2139 BUF_MEM_free should use OPENSSL_cleanse rather than memset  
2142 [BUG] missing ssize_t definition in VCWIN-32  
2143 Bug Report openssl-0.9.8l  
2145 [PATCH] New parameter "signing_digest" for TS module  
2146 [Fwd: Re: unexpected message during renegotiate attempt]  
2150 make -n install DOES ACTUALLY INSTALL everything  
2151 MGF1 not exported in 1.0.0  
2153 OpenSSL 1.0.0 on UnixWare  
2154 OpenSSL 0.9.8 on UnixWare  
2158 X509_STORE_set_default_paths also use lookup by_capi  
2163 OpenSSL 1.0.0-beta5: header clean ups  
2166 Incompatibility with IBM Rational Purify  
2168 0.9.8m-beta1 tests.  
2172 [BUG] Incorrect input checking in openssl enc  
2176 OPENSSL_ia32cap_loc() inconsistent  
2182 Compiling openssl-0.9.8m on mingw  
2184 patch for openssl-0.9.8m on haiku  
2185 security vulnerability fixed  
2187 winsock.h inclusion in dtls1.h (bug?)  
2189 Bug Report  
2193 bug report openssl-0.9.8m crypto/bio/bss_dgram.c  
2196 openssl1.0.0beta5 problems on FreeBSD  
2198 Version 0.9.8m: Bugfix for the build process under Win32  
2201 1.0 beta5, Solaris cc compile options  
2203 [PATCH] fix fallback to default verify paths  
2204 Contribution [OS: all] [Version openssl-0.9.8m]  
2205 bug report: ECDSA in TLS handshake  
2206 [PATCH] Implicitly support non-delegated OCSP response signing  
2210 man EVP_DigestInit(3) example little omission  
2213 Unable to read Class 3 type CA certificates properly using EVP_EncodeUpdate & EVP_EncodeFinal functions.  
2216 OBJ_NAME_* and EVP_PBE_*interfaces are not MT-safe  
2217 OpenSSL_add_all_algorithms() (and similar) aren't very suitable for library use  
2222 RFC5081 support  
2227 [PATCH] Define OPENSSL_SYS_BSD  
2232 OpenSSL 1.0.0 - Mac OS X Univesal Binary Build Link errors  
2234 PATCH to fix broken c_rehash's $openssl derivation  
2236 Snow Leopard (non macports) fails to link with default options  
2237 Building Openssl on OpenVMS using "extended parse-style"  
2238 RE: Memory leak in \crypto\objects\o_names.c in method 'OBJ_NAME_add'.  
2242 Win64 build enhancements  
2243 [patch] s_client.c: segmentation fault  
2248 CVS HEAD: bug in evp_locl.h - wrong number of bytes/bits passed to encrypt routine in loop  
2249 [PATCH] OpenSSL 1.0.0: various fixes for Win64 and Windows CE 5  
2253 CVS HEAD: err_prn.c: bug: check callback return value so you don't keep hammering BIO_printf() on a failing error BIO.  
2256 CVS HEAD: question: must this be hardcoded '8' or is it 'md_len' in disguise? :-S  
2257 CVS HEAD: [quite probable] bug in ssl3_write: does not indirect through callback like it sibling ssl3_read  
2263 Stale reference to CRYPTO_set_id_callback in doc files; openssl 1.0.0  
2267 Thread-safety issue: build_SYS_str_reasons() calls strerror()  
2270 CVS HEAD: bugfix for BIO printf() code: floating point does not print + other wrongs in that code path  
2272 PATCH: add -compat_old option to c_rehash (vs. OpenSSL-1_0_0-stable)  
2274 SSL demo programs in openssl-1.0.0  
2277 CVS HEAD: evp/pvkfmt.c: caller-specified tiny key will b0rk do_PVK_body(); add sanity check a la i2b_PVK()  
2280 Bug in 1.0.0: X509_VERIFY_PARAM_new does not check malloc return value  
2281 Bug in 1.0.0: SSL_new() leaks s->param if s->method->ssl_new() fails  
2282 [PATCH] Add PVK to usage of rsa and dsa commands  
2285 [patch] use winsock2.h  
2286 ElGamel over ECC  
2287 A bug of PKCS8?  
2288 [PATCH] Support optional caching of the certificate chain when using external session caching  
2289 [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly  
2290 [PATCH 2/3] apps/speed: fix digest speed measurement and add hmac-sha1 test  
2291 [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration  
2294 OpenSSL report: bug: doc.: openssl page doesn't list pkcs8 command  
2298 Build failure on WinCE platform openssl-1.0.0 & 1.0.0a  
2299 [PATCH] Null cipher support PSK/PKI for 1.0.0  
2300 BUG REPORT: md2(3)/md5(3) man page HISTORY section inconsistency  
2301 Re: Slow crypto initialization.  
2303 BUG: rc5_skey.c:122: error: unsupported inline asm while trying to compile with llvm-2.7  
2304 BUG: RSA_generate_key_ex not documented  
2308 safestack.h not declared extern "C"  
2310 OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability  
2311 [PATCH] Fix spelling of preceding/preceded in doc/ssleay.txt, doc/apps/x509v3_config.pod & doc/crypto/ASN1_generate_nconf.pod  
2317 Whitespace bug in ./config for Openssl 1.0.0a (OS X 10.6.4)  
2318 [PATCH] Fix hurd-x86 target  
2320 enhancement request  
2324 convert c_rehash from perl to POSIX shell  
2325 memory corruption after libssl is unloaded from memory  
2330 [BUG] lack of debug-mingw build target. just mingw and ming64.  
2331 Compilation failure on MSYS for MinGW  
2336 SKM_ASN1_SET_OF_d2i macro is broken  
2337 [PATCH] Openssl asm BN/AES/SHA1 acceleration for SH4 and MIPS32  
2339 NULL pointer deference in 0.9.8o fips_rsa_sign() error handling code  
2342 CHM version of openssl doc  
2348 OpenSSL doesn't work with Linksys WRT54G  
2349 build problems with 1.0.0a windows 64 bit AMD  
2352 PATCH: Add new extended key usage ipsecIKE  
2354 [PATCH] Increase Default RSA Key Size to 2048-bits  
2355 Support for SHA2 ciphersuite in TLS  
2357 openssl-1.0.0a -- PATCH for 'make -n install'  
2362 Bug report  
2363 bug: memory allocated by DH_new() may never be free()ed  
2364 [patch] add proper dependencies to fix parallel build  
2369 mail/rfc822Mailbox should be encoded as IA5String, not DirectoryString  
2378 Bug report: interoperability problem  
2379 Bug: bio_set_accept_port does not accept * as a port  
2383 OpenSSL line break bugs  
2384 [PATCH] no-hw Install Fail  
2386 Bug Report and Patch: Incompatible types in SKM_ASN1_SET_OF_d2i  
2387 [PATCH] wrong handling of CAfile/CApath in s_client  
2388 out-of-date comment for renegotiation handling  
2389 [PATCH] Supporting the -md and -sigopt options in OCSP utility  
2391 [PATCH] Clarify usage text for "x509" and "req" commands regarding supported signing digests  
2392 Haiku patch for openssl-1.0.0c  
2396 TLS_DEBUG output points to wrong struct  
2398 [PATCH] gost code cleanup  
2400 [Bug Report and Patch] Missing initialization in ASN1_STRING_to_UTF8  
2401 PATCH: Spelling corrections in FAQ  
2402 PATCH: config and Configure for Xcode Awareness  
2403 Possible Documentation Issue (FIPS User's Guide)  
2405 AIX 5.3 ./config hangs forever  
2406 Argument type warning on i2d_ASN1_SET  
2414 [critical bug]openssl1.0.0c coredump, if compile option "shared" is enabled  
2415 [possible bugs]insignificant bugs in md_rand.c?  
2419 1.0.0c build on Intel Core i3 ignores my "--prefix=" option, installs in /usr. How to fix?  
2420 patch enabling OpenSSL to be built with LSB compilers  
2421 [PATCH] Fix function signature of SSL_set_tmp_dh_callback in man page  
2422 Re: What is the REALLY proper way to use an ENGINE?  
2424 [BUG] documentation inconsistency (no_type vs. ignore_type)  
2426 [PATCH] fix Borland C++ 5.5 compilation  
2427 [PATCH] fix Borland C++ 5.5 redefine  
2428 [PATCH] fix Borland C++ 5.5 compilation /2  
2429 [PATCH] fix Borland C++ 5.5 compilation /3  
2430 PATCH - ca.pod typo fixes  
2431 Member of Te4 in aes_core.c needs to be cast to u32 before being shifted  
2433 Const char * parameter of ASN1_STRING_set_default_mask_asc  
2436 pkcs12 enhancement and a correction to the doc of x509  
2437 [PATCH] config on aix assumes cc is not gcc, can cause build to fail  
2439 bug report: memory leak  
2441 Memory leak on OpenSSL 0.9.7f 22 Mar 2005  
2445 openssl-1.0.0c loses base64 data if newline missing  
2447 possible weakness, encryption password truncation (FreeBSD 8.0; OpenSSL 0.9.8n)  
2448 [1.0.0d] Typo in source files  
2450 bug report: open ssl configuration problem with "no-idea"  
2451 [PATCH] Enhancement: Telnet START_TLS in s_client  
2452 error at make test  
2454 enable engine key for dsa command  
2455 print dsa pubin/pubout options  
2460 OCSP server uses only IP6  
2461 Windows: Crypto DllMain() invokes getenv() CRT function  
2465 [PATCH] Silence compiler warnings in RFC 3779 code  
2467 undefined reference to `main'  
2472 req command silently ignores digest specifier when using EC signatures (0.9.8 only)  
2473 openssl-0.9.8i : How generate Import libraries for the export symbols in shared libraray  
2474 PATCH to provide cmd.exe (native) MinGW complication support against openssl-1.0.0d  
2475 PATCH to provide cmd.exe (native) MinGW64 complication support against openssl-1.0.0d  
2476 [PATCH] Underinitialized array ssl_cipher_methods: 1.0.0d-1.0.1-stable-SNAP-20110321: All platforms.  
2477 openssl-1.0.0d build ... make test fail  
2478 ./config shared no-rc2 no-rc4 no-des no-ssl2 ... make test fail  
2479 Fix for runtime exception when linking against win64a static libraries  
2481 Full-duplex SSL/TLS renegotiation failure (reproducible 100% of the time)  
2483 X509 conversions  
2485 Heap walking in RAND_poll causes deadlock in process on Windows Server 2008 R2 (x64) that uses libCurl, OpenSSL and ADO  
2486 OpenSSL script error  
2487 Possible bug  
2488 Fwd: [PATCHv2] Crypto: Eliminate the unneccesary sk_PKCS7_RECIP_INFO_value call  
2489 [PATCH] Crypto: Eliminate the unneccesary "sig" variable usage  
2490 [PATCH] Crypto: Eliminate the unneccesary "tmp_bn" variable usage  
2491 [PATCH] Crypto: Eliminate the unneccesary "vv" variable usage  
2492 [PATCH] Crypto: Eliminate the unneccesary null check  
2493 [PATCH] Engines: Eliminate the unneccesary null check  
2494 [SEC FIX]: Add premaster cleaning for GOST ciphersuites: All platforms, 1.0.0d  
2496 [PATCH] Fix compile problems when various ciphers are disabled  
2498 [PATCH] iOS Support  
2500 [bug-report] Configure with shared option on BSD systems  
2501 Inquiry re possible Itanium issue in 0.9.7m  
2503 openssl-1.0.0d build bug ? i686 build does not define AES_unwrap_key and other symbols on x86_64  
2507 [patch] fix typo in alpha mont asm code  
2508 rt website hits cookie error for me  
2509 BUG/ENHANCEMENT: ciphers(1ssl) doesn't list some algos (or their selection is not possible at all)  
2510 [PATCH] Bad time value when issuing openssl x509 -text -in  
2511 OpenSSL.org HTTPS version is broken  
2512 [PATCH] Fix for BIO_new_accept()  
2513 [PATCH] fix spelling error s/paramter/parameter/  
2514 Patch to tsget command in openssl-1.0.0d  
2515 patch - add new aes xts modes to lookup table  
2516 [PATCH] Infinite loop in apps/req.c if batch mode  
2517 [PATCHES] - Misc misspellings, source and docs  
2518 [PATCHES] - pod2man Errors  
2520 Bug Report  
2521 Enhancement Request  
2523 Patch to use standard RFC 5054 constants and behavior for TLS-SRP (OpenSSL 1.0.1)  
2525 [PATCH] Enhancement: Output Format for req Keys  
2528 setup_engine curious return value  
2530 crypto/dsa/dsa_gen.c::dsa_builtin_paramgen has potential uninitialized seed  
2531 small memory leak in t1_lib  
2532 [PATCH] Fix insufficient privilege checking  
2534 Hardcoded MIN_LEN prevents using VALID passphrase from stdin  
2536 Memory leak in d2i_RSA_PUBKEY() (concise test code included)  
2537 potential use of uninitialized variable in x509_lu.c  
2538 Code error - bad condition in s3_srvr.c  
2539 bug: OpenSSL 1.0.0d - unexpected DTLS handshake retransmits  
2544 Issues with EVP_VerifyFinal  
2545 Openssl-1.0.0d fails to install on MacBook Air  
2546 [bug report] openssl-1.0.0d, "ecparam" command got error when after first run.  
2547 [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl genrsa creates world readable private key files  
2552 PATCH: add ability to print root certificate 'issuer' field when using openssl verify  
2554 Patch: AF_ALG dynamic engine for linux >= 2.6.38  
2558 [patch] make windres controllable via build env var settings  
2560 missing NULL pointer check in ocsp_req_find_signer  
2561 Memory leak with SSL built-in compressions  
2563 PATCH: Improve PRNG seed algorithm for VOS  
2564 PKCS7_cert_from_signer_info Enhancement Request  
2565 More tolerant detection of XMPP starttls sequence  
2567 Typo in pkeyutl  
2569 [PATCH] EC_POINT_invert checks wrong function pointer  
2570 Timing related bug in openssl pkcs  
2572 Correct help output in openssl cms  
2574 [PATCH] ECC point coordinate blinding  
2575 [PATCH] remove redundant check in tls code  
2578 s_client bind ip  
2579 Segfault for CMAC  
2580 RE: Missing MD commands in app/openssl help  
2583 confusing output on windows build in openssl1.0.0d  
2584 ssltest -test_cipherlist bug incorrectly skipping ciphers  
2585 Diffie  
2590 change commonName entry for default openssl config file  
2591 bug report : cryptlib.c : within CRYPTO_thread_id() use pthread_self() instead of getpid()  
2593 [PATCH] 1.0.1-STABLE build fails on VMS  
2595 Capitalize X509 subject key STREET according to rfc1779  
2596 report possible bug in 1.0.0e install.  
2597 bug report (pkcs12.c)  
2598 GOST engine memory problems  
2599 Support for SHA256 and other MDs in X509 SubjectKeyIdentifier - PATCH  
2600 Inconsistent end of lines  
2601 Support for use of sha256 for certificate comparisons - PATCH  
2604 bug report : openssl 0.9.8r  
2605 Directly Create Public Key File from Cert - PATCH  
2607 openssl compilation with clang crashes  
2608 bug report: segfault from base64 decoding  
2609 Bug report: req man page example mistake  
2610 Bug(?): both the "!SSLv3" and the "!TLSv1" cipher strings seem to mutually delete the ciphersuites from the other set as well  
2611 [PATCH] Support of TLSv1 in s_time  
2612 Segfault protection in X509v3 extension API - PATCH  
2615 BIO_flush segmentation fault with SSL BIO  
2616 Missing initialization in the CHIL engine  
2617 pkeyutl fails depending on order of options - PATCH  
2618 PATCH - Wrong exit code for pkeyutl -verify  
2621 (bug report) Core in OpenSSL library while doing LDAP SSL Bind and UnBind  
2622 Buffer overflow using UI_add_input_string  
2623 documentation update  
2626 ENHANCEMENT: please update default_bits to 2048 in default openssl.cnf  
2629 finalize MD2 removal  
2630 Segmentation-fault in ssleay_rand_bytes() after generating a large (INT_MAX) random buffer  
2631 Incompatibility with iOS 5 ?  
2634 Fail to verify server with a trusted CA root in the middle of the chain  
2637 Missing documentation for -no_ign_eof option  
2638 s_client -servername BLAH not honoured with -starttls xmpp  
2640 [PATCH] support xmpp servers in starttls  
2641 Move the libraries needed for static linking to Libs.private  
2642 Bug Report: s_client uses forged/blacklisted EHLO hostname in smtp  
2643 Possible bug in 1.0.0e - make fails when using "no-ecdh" config option  
2644 bug report  
2645 [patch] fix up lib handling in pkg-config files  
2649 'make' or 'make install' failed when in another Makefile  
2650 major ssl read/ write performance improvement - updated  
2651 [PATCH] s_client, proxy support  
2654 [PATCH] support LDFLAGS in Makefiles  
2659 Problem with DH Exchange with the Oakley Groups (RFC 2412)  
2660 Makefile error when list of links is empty  
2662 NPN patch breaks DTLS Finished exchange  
2664 config does not allow disabling npn  
2665 s_client support for starttls ldap  
2666 Enhancement request/Bug request (bit of both)  
2667 Add -starttls irc support to s_client  
2668 Compilation failure with IPV6 : patch  
2670 [BUG] OpenSSL 1.0.1 beta 1 released (on VMS FAILED)  
2674 [PATCH] Fix compilation on GNU/Hurd and GNU/kFreeBSD  
2676 1.0.1-beta1 issue: RSA exponent 1 is NOT ok  
2678 1.0.1-beta1 issue: Misleading text in documentation of ecdsa  
2679 1.0.1-beta1 issue: Wrong Error Message for short RSA-key  
2680 1.0.1-beta1 issue: Public EC key is shown as private with -text option  
2684 [PATCH] pod2html build fix  
2686 Manpage for verify(lssl) does not contain key -CRLfile  
2688 OpenSSL 1.0.1 beta 2 report on Cygwin 1.5.25  
2689 Sparc Assembler warning: backport cn=22016 to 1.0.1.  
2690 Use of uninitialized value $output in asm/md5-x86_64.pl line 115.  
2691 [Bug] gost89_get_asn1_parameters fails  
2692 [OpenSSL 1.0.1 beta 2] SHLIB_VERSION_NUMBER  
2693 [OpenSSL 1.0.1 beta 2] crypto/ec/ec_key.c - double header inclusion  
2694 [OpenSSL 1.0.1 beta 2] crypto/ts/ts.h - double header inclusion  
2695 [OpenSSL 1.0.1 beta 2] engines/e_aep.c - double header inclusion  
2697 documentation for SSL_CTX_set_tlsext_ticket_key_cb  
2699 openssl dgst -sha1 -verify ... sais verification failure whet it is ok in a concrete set of data  
2706 [PATCH] Added support for SHA2 functions in e_capi.c  
2708 1.0.1beta2 fipsdir is changed incorrectly in util/mk1mf.pl  
2712 Be more liberal when trying to recognize the XMPP starttls headers  
2721 openssl freebsd 8.2 install, compile error  
2722 ssleay_rand_add and ssleay_rand_bytes donot work stably in low resource environment  
2723 [Patch] Fix NULL pointer dereference in EVP_DigestInit_ex with NULL type  
2724 [Patch] Openssl 1.0.1 beta2 - srtp.h defines SSL_get_selected_srtp_profile() twice  
2725 [Patch] Openssl 1.0.1 beta2 - ec_key.c - EC_KEY_generate_key() overwrites user-defined private key  
2726 the linker complain about undefined symbols  
2729 Openssl exe is taking the CR as part of input (password) when we run the exe from a java/C++/command line and press "enter" key from command line  
2731 Bug in OpenSSL 1.0.0g  
2740 infinite loop in nonblocking SSL_shutdown() upon permanent error  
2741 [PATCH] 1.0.1-beta3 fails to build on Windows if --with-fipsdir is used  
2752 objects.txt - update of extended key usage  
2753 Patch: let application explicitly seed RNG on Unix  
2754 Ugly interaction of (openssl x509)'s option -x509toreq with -outform/-text/-noout  
2758 Bug in use of CRYPTO_ex_data  
2759 SSL_read / SSL_ERROR_WANT_READ / ENOTCONN infinite loop  
2766 TLS 1.2 Compliance - IDEA cipher not disabled  
2767 test/testssl script does not exercise TLS 1.2  
2770 openssl cryptodev fixes  
2772 Bug w/ patch: OpenSSL 1.0.1 rejects empty NewSessionTicket  
2773 Openssl Query  
2774 OpenSSL 1.0.1 doesn't compile when configured with "no-tls1"  
2777 OpenSSL 1.0.1 TLS Version Handling Errors  
2779 OpenSSL 1.0.1 doesn't compile with NO_STDIO/NO_FP_API  
2785 Bug RSA x509 key doesn't get generated  
2787 [PATCH] enc: compress before compress/base64 is applied  
2788 Problems with OpenSSL "no-tlsext" option  
2799 [PATCH] Elliptic Curve Library documentation  
2800 [PATCH] Add Camellia SHA256 ciphersuites from RFC5932  
2801 Lost alert if client receives bad hello in dtls1_read_bytes  
2808 [PATCH] DTLS/SCTP Finished Auth Bug  
2809 [PATCH] DTLS/SCTP struct authchunks Bug  
2812 BUG: infinite loop when using s_client's xmpp starttls operation  
2814 Bug Report: Cannot compile OpenSSL 1.0.1c with EC  
2815 Windows build with Cygwin perl redirecting output incorrectly  
2818 [patch] Cipher list TLSv1.2 as token; ciphers(1) update  
2819 [patch] Cipher list TLSv1.2 as token; ciphers(1) update  
2820 man pages case (in)sensitivity  
2823 Bug: FTBFS compiling openssl 1.01c with musl libc  
2824 Bug ? - Not Thread-safety for SSL Key usage im requests ?  
2829 OpenSSL port in FreeBSD: DTLS networking problem  
2831 patches for openssl 1.0.1c digest stuff  
2832 Code Cleanup: FULL_UNROLL is unused?  
2833 BIO_CTRL_DGRAM_QUERY_MTU handling is wrong due to bad getsockopt() use  
2839 [PATCH] Support DTLS compatibility with DTLS1_BAD_VER client  
2840 [PATCH] Restore alg_section to 1.0.1c  
2842 [PATCH] trivial: drop spurious end-of-comment token  
2843 [PATCH] trivial: drop another spurious end-of-comment  
2845 Impact on OpenSSL 0.9.8h from upcoming Microsoft patch  
2846 [PATCH 1/4] Remove unfinished/unused code with memory leaks (to silence static analyzer)  
2847 [PATCH 2/4] Don't "check" uninitialized memory  
2848 [PATCH 3/4] Drop auth null check since we've already dereferenced it earlier  
2849 [PATCH 4/4] Drop redundant (since we deref'd it 12 lines earlier) null check  
2851 cms command - Request to handle S/MIME v3.2 mail  
2852 Bug Report, open-ssl-1.0.1c, Ubuntu 11.04, 64-bit, gcc 4.4.5  
2853 Documentation is not sufficient  
2855 [PATCH] Fix forward loops in Squid 3.2  
2856 cryptlib.c: dynlock destroy call during (un)locking  
2857 ssleay32's buffer check bug ?  
2860 [PATCH 0/4] Improve XMPP protocol support for starttls on s_client  
2861 [patch] Improve ability to specity req subjectAltName from the command-line  
2864 ASN1_STRING_to_UTF8: fix uninitialized memory read  
2865 Shared build broken in 1.0.1c  
2867 des_ede3_cfb1_cipher(): output cropping  
2868 [patch] CA - change order of gencrl and revoke  
2869 [PATCH] DTLS Mobility support  
2870 OpenSSL 0.9.8o 01 Jun 2010 configuration file dir bug  
2871 bug report  
2872 Bug Report  
2873 [Bug] -noemailDN only affects Subject DN  
2876 SSL reports Too many open files  
2877 openssl rand does not check write(2) return code  
2878 [PATCH] s_client -fd  
2880 Modification of the capi engine to support loading key from CERT_SYSTEM_STORE_LOCAL_MACHINE  
2881 [BUG][PATCH] TLS 1 & 1.1 client ciphersuites incorrectly truncated  
2882 [Urgent] OpenSSL"ASN1 Bio vulnerability" - Information Request  
2883 bugs in crypto/asn1/tasn_new.c and crypto/srp/srp_vfy.c  
2885 SSL_accept segfault  
2886 openssl cms cmsout serial number output format  
2887 [PATCH] decode more message/content types in apps  
2889 safestack macros fail for C++ compilers that care about extern "C" function types  
2890 ERR_string_error passes wrong buffer size  
2891 deadlock in X509_PUBKEY_get without recursive mutexes  
2892 [BUG]Cannot make openssl-1.0.2-stable-SNAP-20121003  
2893 [BUG]Cannot make openssl-1.0.2-stable-SNAP-20121003  
2894 [Bug] openssl crl -nameopt has no effect  
2895 Sendmail v8.14.4 is not working with OpenSSL 0.9.8m onwards on AIX  
2898 ERROR: Undefined symbol in setting openssl  
2899 bug in openssl tool: User Notice Explicit Text is not shown  
2901 no-rsa build bug in 1.0.1c  
2902 [PATCH] add strings for SSL state related to Next Protocol Negotiation  
2903 [PATCH] add strings for SSL state related to Next Protocol Negotiation  
2905 Double locking bug added in openssl-1.0.0h crypto/asn1/x_pubkey.c  
2906 enhancement: test suite won't work when parent directories have spaces  
2911 enhancement request: Windows RT support  
2912 Error in SSLv23 connection to some servers  
2913 Incorrect salt length indication for RSA-PSS signatures  
2914 Crash in x_name.c on out of memory  
2916 EAP-TLS error: RSA_padding_check_PKCS1_type_1:block type is not 01  
2917 [PATCH] dsa: fix return code when -noout is used  
2918 [PATCH] Testcase for GOST R 34.11-94 (openssl/engines/ccgost/gosthash.c)  
2919 [Bug] Incorrect return code and printing of modulus in dsa module  
2920 Problems building openssl-1.0.1c on 64bit PA-RISC HPUX  
2921 documentation: SSL_CTX_set_verify_options() does not exist  
2922 documentation: SSL_CTX_set_verify() default depth is 100 not 9  
2923 X509_cmp() introduces unnecessary dependency on SHA1  
2924 X509_verify_cert() fails unsafe if check_issued() fails  
2925 RSASSA-PSS trailer field and salt length representation  
2926 Patch for DJGPP (head)  
2927 Domain names that exceed 61 characters  
2928 openSSL 1.0.1c serious bug in Win32 makefiles, easy to fix: linker binary variable name LINK collides with buildsystem variable LINK . please rename  
2931 Bad output of -purpose with the x509 command  
2932 smime cmdline utility ignores errors  
2933 [Bug] Days wrong if -enddate is passed to openssl ca  
2934 A set of fixes for non-working hardware RNG set as default  
2936 Properly set default trusted CA paths if -CAfile and -CApath not used  
2938 [PATCH] Severe resource leak in tls_P_hash() (v1.0.1 and up)  
2939 Re: [FIX] 1.0.0d: All platforms: GOST server MUST check correctness of shared UKM  
2940 [Patch] Extend/correct documentation for SSL_CIPHER_get_description(), SSL_CIPHER_get_version(), SSL_get_version()  
2941 Memory leaks in ca.c  
2942 threads(3) gives wrong signature for CRYPTO_set_dynlock_create_callback()  
2943 Bug Report: openssl enc -bf silently ignores key data after the first 128 bits  
2944 PVS-Studio and OpenSSL  
2945 bug: linking static OpenSSL 1.0.1c on EL6 seems to cause breakage  
2946 Enhancement request: inquiry about the date of releasing of 1.0.1d  
2947 leap year date handling  
2949 OpenSSL bug  
2950 [PATCH] Fix speed.c to show human readable output  
2951 [PATCH] Fix speed.c to fork N threads  
2953 s_server to show connection duration and transfer speed  
2956 incomplete archive  
2957 genpkey for DH key generation does not honor recommended private length  
2959 Trivial Bug - Typo in apps/apps.h  
2960 protocol bug in s2_pkt.c  
2961 [PATCH] Enhance DH Paramgen to allow setting of "recommended private key size"  
2962 [patch] openssl s_{client,server} improvements for Kerberos  
2964 OBJ_nid2obj() result value should be const  
2965 [PATCH] dgst: Prepend digest type when reading from stdin, too  
2966 OpenSsl Library crashed,  
2967 Minor Bug - Options Missing from Application Usage  
2968 Possible bug report  
2969 bug/enchancement request  
2970 Re: pkg/47521: security/openssl mastersites completion and communication with upstream -- contribution  
2973 patch for c_rehash to accept more filename extensions  
2976 openssl x509 is hardcoded to require CSR in PEM format  
2977 CVS still mentioned on openssl.org pages  
2980 bug report: s_time slow with -www and -reuse  
2982 Security Advisory as of 2013-02-05  
2983 type errors in different configurations of openssl??  
2985 Infinite loop in openssl.cfg configuration file parser  
2986 aix building of openssl-1.0.1e  
2987 "openssl speed" bug with the -multi option on multi-core/processor environments  
2990 Bug Report:openssl timezone issue  
2995 [PATCH] - Added ability to set the iteration count for the enc function of the openssl commandline tool.  
2997 Problems with build because of compiler warnings, etc.  
2998 Linking libgost.so  
2999 Incomplete fix to remove SSL3_RECORD->orig_len  
3006 [PATCH] Remove duplicated code in speed.c  
3007 BUG: OpenSSL 1.0.1e VC-WIN64A build fails when configured with 'no-ec'  
3008 Possible bug when using DTLS with a BIO pair  
3009 test failure, x64 openssl 1.0.1.e on OS X  
3010 [BUG] Dynamic engine error handling crash  
3011 [DOC] Correct bug report address  
3012 bug report - excess free  
3013 Sending SCSV when TLS extensions are disabled  
3015 Bug with encoding / decoding Implicitly tagged, Optional GENERAL_NAMEs??  
3016 openssl ts fix  
3017 [PATCH] Added missing documentation and usage help on -CRLfile  
3018 Superfluous and crash prone code in apps/x509.c  
3019 [PATCH] avoid null pointer dereference in ubsec_dh_generate_key()  
3023 [Patch] Remove redundant logical expressions  
3024 Segfault with 'openssl enc' when using aes-cbc-hmac-sha1  
3027 man page -starttls incomplete  
3028 PEM_X509_INFO_read_bio() fails to process RSA private key if in initial position (regression in OpenSSL 1.0.0 and later)  
3031 [PATCH] Undef X509_NAME also in x509v3.h like x509.h  
3032 Possible openssl bug - EVP_CIPHER_CTX_iv_length dont report correct value after EVP_CTRL_GCM_SET_IVLEN  
3033 Bug Report: Make Error: can't encode register '%ch' in an instruction requiring REX prefix.  
3034 BUG REPORT: core dump when ssl renegociation  
3035 Patch to properly detect and default to 64bit on OSX  
3037 [PATCH] so 1.0.1e will build with "no-tlsext" option specified  
3039 Can't Compile openssl-fips-1.1.2: collect2: ld returned 1 exit status  
3040 [openssl-1.0.1e] MinGW compilation - Perl invocation failure - Perlbin/perl.exe: No such file or directory  
3044 Receiving Error "Invalid Server SSL Protocol (error:140A90F1:SSL routines:SSL_CTX_new:unable to load ssl2 md5 routines)"  
3045 bug report: AES XTS fails for data unit size > 4KB  
3046 bug report, openssl 1.0.1e sha1 hash generation  
3047 What bugs are fixed in OpenSSL-1.0.1e  
3048 [Bug] openssl-1.0.1e-fips-2.0.3 Illegal instruction  
3049 c_rehash skips PEM files with windows line feeds  
3050 x509 PEM certificate input parsing bug  
3053 [PATCH] Check for null pointer in cms envelopedData  
3055 '-md' not documented for enc(1)  
3056 Add secure DSA nonce flag.  
3057 [PATCH] Fix POD errors with pod2man from Perl 5.18.  
3058 support for intel compiler on Windows  
3060 [PATCH] empty_record_limit  
3061 [PATCH] dsa_crash  
3062 [PATCH] asm_volatile  
3063 [PATCH] exp_zero_mod_one  
3064 [PATCH] small_prime_generation  
3066 [PATCH] constant_time_rsa_padding  
3067 [PATCH] premaster_constant_time  
3068 [PATCH] Safari broken ECDHE-ECDSA workaround  
3069 An enhancement to EC key generation to enable compact point representation  
3070 Bug Report  
3071 [PATCH] Documentation updates from the wiki  
3072 Strange behaviour when talking to microsoft exchange  
3076 openssl 1.0.1e outdated manuals  
3077 rbuf_freelist and wbuf_freelist corrupted.  
3078 Makefile: install rule builds components  
3079 FIPS Capable 1.0.1e with no-shared and -no-comp fails to compile  
3081 openssl-fips-2.0.N  
3082 [PATCH] Filter listed protocols from help options based on compile settings  
3083 [PATCH] Adds sanity checking to malloc()/calloc()/alloca() calls in OpenSSL 1.0.1c  
3084 openssl-1.0.1e: Configure lacks disable of SSLV2 and Compression by default  
3085 config on *nix does not reject incorrect arguments  
3086 Re: OpenSSL  
3088 openssl crl - verify a CRL signature  
3091 ms\ntdll.mak bug  
3092 BUG: Verify return code: 20 (unable to get local issuer certificate) with openssl 1.0.1  
3096 OpenSSL 1.0.1e: valgrind errors with -DPURIFY set  
3098 Enhancement - Validation of country code  
3099 bug report  
3100 [patch] remove some useless code in BN_uadd  
3105 [PATCH] config matches OUT with full os/compiler line  
3107 Bug Report with Patch 1.0.1c/e (Typo in apps/ocsp.c line 1412)  
3108 bss_dgram.c does not honor OPENSSL_NO_SOCK  
3109 [openssl.org #3041[PATCH] DTLS message_sequence number wrong in rehandshake ServerHello  
3111 bug report: ERR garbage data  
3112 OpenSSL Documentation Bugs  
3114 Bug report: Spelling error in apps/ocsp.c  
3115 s3_srvr.c out-of-bound dereference (minor bug)  
3118 [webpage] wrong documentation  
3119 bug (minor) & suggestion for a fix  
3121 Request concerning revoke system for openSSL  
3123 [openssl.org ##2823] Bug: FTBFS compiling openssl 1.01c with musl libc  
3124 potential bug in ssl/s3_cbc.c  
3127 Bug Report: deadlock in openssl 1.0.1e when using FIPS 2.0.1  
3131 [PATCH] Added -signerhash flag to sign files with cades extensions.  
3132 Query related to d2i_X509 and X509_free  
3133 minor make install improvement for Windows/Visual Studio in ms\nt.mak  
3134 [PATCH] A cipher string permanently disabling the last non-disabled cipher fails  
3135 Not all items displayed by list-cipher-commands are in OBJ_sn2nid()  
3136 [PATCH] get rid of extra space when printing -subject and -issuer in x509  
3137 The behavior of CRYPTO_set_mem_functions() in FIPS mode  
3138 80-bit Elliptic Curves with !MEDIUM !LOW !EXP cipher list  
3140  
3141 [PATCH]  
3142 Remove extraneous initialization from state_machine.c  
3143 ENGINE_load_rdrand sane failure code  
3144 Please, I need a command "isrevoked" in the Latest openssl 1.0 version  
3145 openssl auto install to /usr/local/lib64  
3146 [PATCH 1/2] POD: Fix item numbering  
3147 [PATCH 2/2] POD: Fix list termination  
3153 [bug report] native issetugid function not used under Solaris  
3154 [PATCH] Document argument-handling of SSL_CTX_add_extra_chain_cert  
3155 Bug report: S/MIME base64 decoding fails on files that have 76 base64 characters per line  
3156 [PATCH] fix documentation for SSL_CTX_set_tmp_dh_callback and friends  
3157 PATCH Win32/64 openssl 1.0.1e fixes  
3158 [bug] bad output for 'openssl ciphers -ssl2' built with 'no-ssl2'  
3159 [Bug with PATCH] Null pointer dereference in ssleay_rand_bytes() and etc.  
3161 [PATCH 2/2] Avoid deprecated defined(@array) in mkerr.pl  
3163 [PATCH] DSTU-4145-2002 engine implementation  
3164 [PATCH] require DH group of 1024 bits  
3166 RE: Possible bug/leak in OpenSSL ssl/bio_ssl.c:ssl_ctrl(BIO_CTRL_POP)  
3167 openssl pkcs8 does not convert from PKCS8 to "traditional format private key"  
3168 PKCS12 bug when using same file for export password and key passphrase  
3169 [PATCH] Additional "chain_cert" functions for 1.0.2-dev  
3170 Patch: FAQ refers to a nonexistent web page  
3171 integer undefined behaviors  
3172 Duplicated entry in ssl_option_single  
3173 Typo in doc/crypto/BIO_push.pod  
3174 Redundant check for non-zero type parameter in ssl3_read_bytes  
3175 [PATCH]  
3176 Locking problem in fips_drgb_rand.c  
3177 [patch] Error in documentation of SSL_set_msg_callback  
3178 TLS status_request possibly not honored when SSL_set_SSL_CTX is called later on  
3180 Brainpool Elliptic Curves in OpenSSL version 1.0.2 - Re: #2239: [PATCH] RFC 5639 support  
3181 [PATCH] OCB  
3183 SSL_set_SSL_CTX() should apply more settings from the SSL_CTX being switched to  
3184 Update documentation of SSLv23_method()  
3185 Patch to add -tls switch to s_client  
3186 Problem in configuring SSL in OPENLDAP  
3187 openssl rand -hex 4294967297 generates only 1 byte (2 hex digits)  
3190 Patch to add -tls switch to s_server  
3191 [BUG] OpenSSL-1.0.2 segfaulting on sha1_block_data_order asm  
3192 [PATCH] Fix spurious error in DSA verification failure  
3193 [typo] SSL_CTX_set_info_callback  
3194 [PATCH] Provide asn1parse with capability to show raw OIDs  
3196 Default CRYPTO_THREADID for Mac OS X with Posix Threads  
3197 Patch for config and darwin64 on Mac OS X  
3198 [PATCH] Fix missing NULL pointer checks and memory leaks in crypto/asn1 files  
3204 J-PAKE test fails  
3205 [PATCH] Bring TLS Extension Support Up To Date w/RFCs (ALPN, RFC6961, RFC6962)  
3206 Bug: EVP_PBE_alg_add() registers PBEs with incorrect cipher NIDs  
3208 Planned removal of SSL_OP_MSIE_SSLV2_RSA_PADDING breaks dependent software  
3209 Web man page for OPENSSL_VERSION_NUMBER claims it has 9 hex digits.  
3210 typo in SSL_CTX_use_serverinfo.pod  
3211 typo in SSL_CONF_cmd.pod  
3212 smime verification failure  
3215 [bug report] SSLv23 connection fails but SSLv3 works  
3216 Invalid shell syntax "==" in test/testssl (only 0.9.8 and 1.0.0)  
3218 Typo in .../demos/cms_dec.c  
3219 OpenSSL - AES in SSLv3.  
3222 [PATCH] asn1,evp: Add delete functions for app methods  
3223 Cipher DHE-DSS-DES-CBC3-SHA does not exists  
3225 make 'failure'  
3226 [PATCH] crypto/srp/srp_lib.c: add/correct some error handling  
3227 Deadlock in OpenSSL 1.0.1e.  
3228 Bug report: openssl 1.0.1f build fails with "make: invalid option"  
3230 Deficiency in the Perl script openssl/crypto/objects/objects.pl  
3232 [PATCH] Makefile.org: Fix usage of CC=gcc -m32  
3233 'make depend' emits warnings on OSX wth 1.0.1f  
3236 support for DNSSEC in openssl  
3239 PATCH: formatting errors in NAME lines of two manual pages  
3240 [PATCH] Efficient 1024-bit and 2048-bit modular exponentiation for AVX512 capable x86_64 processors  
3243 BUG: 1.0.1f Cannot Build Non-FIPS Shared Libraries  
3244 ssl/s3_srvr.c: 2 * reading wrong memory  
3245 [PATCH] Correct a typo in man page  
3246 CSR version is not printed properly  
3249 Bug report: cms_sd_set_version  
3254 PATCH adding option for pbkdf2 and iteration count to the enc command - 1.0.1f  
3255 PATCH adding option for pbkdf2 and iteration count to the enc command - 1.0.0.l  
3256 [PATCH] RSA512+SHA512 incompatibility results in errors  
3257 [RFE] automatically choose signature hash strength according to key size when generating certificates  
3258 [RFE] Enable large Discrete Logarithm Diffie-Hellman groups  
3259 [RFE] Rework cipher suite sorting  
3260 Several issues with hash algorithm selection in cipher suites  
3263 BUG: loading a config file from a drive with no media results in exit(1)  
3267 bug report - Possible to get "SRP-RSA-AES-256-CBC-SHA" as output from SSL_get_ciphers even once filtered using SSL_CTX_set_cipher_list  
3268 some CHANGES spelling fixes  
3272 [PATCH] Correct copy for AES gcm cipher  
3274 Quoting problem in v1.0.1f  
3276 Possible Bug/Opportunity for Improvement when loading ECDSA Key/Cert (Feature Request?)  
3277 OpenSSL s_client doc missing option  
3278 Patch: Memory leak in p12_kiss.c in int parse_bag(PKCS12_SAFEBAG *bag  
3280 [PATCH] avoid perl deprecation warnings when updating error codes  
3283 [PATCH] Fix mistake in ERR_get_error(3) referencing non-existent ERR_get_last_error_line_data  
3284 Patch submission: typo fix  
3285 [PATCH] "openssl ts -reply" can specify message digest algorithm for signing  
3286 DTLS client crash while clearing (freeing) the dtls1_buffer_record queue (buffered_app_data)  
3288 openssl 1.1 - X509_check_host is wrong and insufficient  
3289 base64 BIO decoding bug - patch supplied + examples  
3291 Patch/enhancement to CA.pl script  
3293 Documentation for PKCS5_PBKDF2_HMAC  
3294 [PATCH] Documentation for PKCS5_PBKDF2_HMAC  
3295 UNKWN can be returned for SSL_state_string when in some SSL23 states  
3296 make report  
3297 XXX_process_heartbeat() not checking return value of OPENSSL_malloc()  
3298 URGENT: "Heartbleed" bug  
3299 Allow setting custom cipher strings in the openssl config file.  
3300 Added the .include directive in openssl configuration file.  
3301 [PATCH] Silently discard too long heartbeat messages per RFC 6520  
3302 [PATCH] dtls1_reassemble_fragment: goto err fail  
3304 [PATCH] typo in SSL_get_peer_cert_chain docs  
3305 Cppcheck report  
3307 Return missed NULL-check in CMS_add0_cert back  
3310 Can't execute make command  
3311 [PATCH] Introduce GOST R 34.11-2012 hash function  
3312 OpenSSL :: crypto/mem.c without "memset()" calls?  
3313 [PATCH] Uninitialized pointer dereference in pkey_ctrl_gost()  
3315 Why does the linker complain about undefined symbols?  
3317 Patch: Avoid out-of-bounds write in SSL_get_shared_ciphers  
3318 memcmp vulnerable to remote timing attack  
3319 [Bug report & Patch] Fix TLS export keying material generation for TLS 1.2 version  
3320 Invalid large memory access in openssl due to a bug on the client side  
3321 NULL pointer dereference with SSL_MODE_RELEASE_BUFFERS flag  
3322 [PATCH] ccgost to use configured params for 28147-89 in CNT and IMIT mode  
3323 Fwd: Cert chain inconsistency between client and server  
3324 [PATCH] Remedy the coding style after heartbleed  
3325 Problem with client certification authorization  
3326 [PATCH] expose -elapsed option of speed and include missing man pages references.  
3327 [PATCH] dgram_sctp_ctrl: authkey memory leak  
3328 [PATCH] Support for GOST R 34.10-2012 digital signature algorithm  
474 [PATCH] Crypto Engine Support for Chrysalis-ITS  
519 Migrating from 0.9.6h  
527 openssl-0.9.7a under Solaris needs -lxnet -lnsl  
533 small OpenSSL  
551 [Fwd: Bug#186487: openssl: 'openssl ca' allows serial 00 which breaks the signed certificate]  
554 Fw: FreeBSD Problem  
561 bug report  
565 include error  
603 OpenSSL 0.9.7b dependency order problem with obj_mac.h ?  
607 make error  
640 bug: Makefile.ssl for do_srv3-shared and do_svr5-shared buggy  
641 Problem with include file !!!  
645 openssl make error  
657 v3_prn.c cosmetical bug/patch  
661 bug in x509_vfy.c  
668 [PATCH] Fall back to software if nCipher hardware fails  
670 -fPIC flag missing for asm/des_enc-sparc.  
673 PATCH: new --exec-prefix feature 0.9.7b ATTACHED  
675 Error 140890B2:SSL  
688 openssl+QNX6.2.1 - HELP PLEASE  
695 [PATCH] DSO: dlfcn support for MacOS X  
769 Demo updates  
776 Feature Request: static OpenSSL library project for CodeWarrior  
781 [PATCH] NetWare Support for OpenSSL 0.9.7  
832 ocsp and dsa key+socket option SO_REUSEADDR for responder  
835 Openssl 0.9.7c bug  
850 The INSTALL file says 'shared libs are experimental'. Is this still the case?  
857 Pocket PC (MIPS) missing IO fns  
859 openssl-0.9.7d compilation bug solaris9 kerberos  
861 [PATCH] add Interix configuration  
879 reverse buffer overflow in conf parser / ref. request 573  
881 i2d_RSAPrivateKey_fp() blows up  
883 Bug(fix): wrong MANDIR in Makefile.org  
892 openssl 0.9.4 make fails for me  
895 AEP engine breaks on Linux with pthreads  
961 typo in openssl.cnf  
977 openssl s_client not follow default CApath  
1021 about Window ce 5.0  
1063 [Fwd: Bug#150259: openssl: should return error on invalid command]  
1086 openssl-0.9.8-beta3 on ULTRIX 4.5 (cc)  
1133 compile error  
1191 [PATCH] Pre-Shared Key Ciphersuites for OpenSSL  
1207 [PATCH] SSL compression methods free function  
1212 chil engine no longer works with static locks in 0.9.8  
1233 Invalid makefile created on Win32 using mk1mf.pl  
1261 [PATCH] Binary S/MIME handling in openssl smime (0.9.8a)  
1272 Problem with config 64 bits AIX 5.2  
1334 [PATCH] Cross-compile for Windows from Linux  
1364 index.txt corruptions  
1365 PATCH: Adding IPv6 support to s_client and s_server  
1434 Bug report - link error when openssl-0.9.7l compiled with no-ssl2 flag  
1439 Bug Report - possibly mishandled system call?  
1455 inconsistant behaviour when using s_client with and without -pause option  
1461 Bug: EXPORT56 ciphers no longer exist  
1478 BUG: Compile error on AIX 4.3 with zlib and IBM C-Compiler  
1497 Issue: PKCS#12 export with empty password produces incorrect encoding of MacData in PFX object  
1500 0.9.8 bug report  
1502 openssl 0.9.8a crashes when we try to use SSL URL - embedded montavista linux  
1521 bug report  
1524 Bug with RSA cerficates/keys longer than 1024 bits  
1527 bug report - interop between TLS 1.1 and TLS 1.0 is not working  
1531 typo: 'rouines' should read 'routines' in all Copyright sections  
1533 0.9.8e memory alignment issue  
1559 bugreport to openssl 0.9.8d: engine padlock static-shared problem  
1565 [PATCH] New port for the iSeries (AS/400) for version 0.9.8e  
1572 Info required: OpenSSL 9.8.e  
1574 Session Ticket in OpenSSL 0.9.9 and EAP-FAST  
1580 [PATCH] add read through fp support for certificate loading  
1596 Re: wrong AKI in cert  
1611 [PATCH] NetWare platform OpenSSL 0.9.8g  
1635 openssl configure tries to force 64-bit mode in 32-bit chroot. (x86) fails to compile  
1668 [PATCH] Fix for engine cache logic reversal  
1672 QA bug - unreachable code ./apps/s_server.c with -crl_check  
1709 DTLS BUG: retransmition of handshake messages does not work  
1724 s_server does not escape HTML  
1736 Enhancement Request: do away with error in chil engine in absence of dynamic locks  
1743 crasher due to lack of threadsafety on names_lh  
1751 [PATCH] Support DTLS compatibility with Cisco AnyConnect VPN  
1764 openssl-0.9.8i random generator bug  
1789 BUG: openssl verify command does not report signature error if there are other errors  
1792 0.9.8h failing to build with VS2006  
1794 [PATCH] SRP in OpenSSL 1.0.1  
1802 Bug report: Persistent memory leak that cannot be freed  
1812 the openssl build environment is broken  
1821 Extensive use of @commands in Makefile makes troubleshooting challenging  
1822 Issues w/ fips Makefile  
1823 Linux configuration options for OCF/HAVE_CRYPTODEV needed  
1833 [PATCH] Abbreviated Renegotiations  
1834 PKCS7_verify return value -1?  
1851 [PATCH] "openssl verify -CAfile mutil_ca.pem site.cert" fails even if mutil_ca.pem contains the chain for site.cert  
1853 Bugs in ./crpto/x509/x509_vfy.c and ./crpto/x509/x509_cmp.c  
1866 openssl verify needs better error reporting  
1879 1.0.0-beta1 failure on Solaris 10 (-lsocket)  
1881 Compile Failure: openssl-1.0.0-beta1 (IRIX)  
1903 Re: OpenSSL 1.0.0 beta 2 released - OS/2 problems - openssl-1.0.0-beta2.diff [1/1]  
1933 OpenSSL 1.0.0 betas break C++ support  
1936 enhancement request - X509V3_EXT_get_nid  
1947 OpenSSL 1.0.0 betas break SSL_SESSION_cmp  
1973 [PATCH 11/14] Ensure 'make links' gets all headers correctly.  
1994 [BUG REPORT] extra "$" caracter in test/Makefile -> make error on AIX  
1995 Man pages for the "rsa" utility should clearly state what output formats are used  
2019 [PATCH] Optimize handling of TLS SNI extension when resuming a session (server side)  
2036 bug report: TLS session resumption not checking for existence of client finished message  
2037 GENERAL_NAME IPv6 parsing bug....  
2047 [PATCH][Beta3] Fix IPv6 handling in BIO_get_accept_socket()  
2049 [patch] x509 -text incorrectly shows serial# as negative numbers  
2051 [PATCH] IPv6 support for s_client, s_server and DTLS  
2053 [PATCH] Add new -ext_print option to x509 app to print certificate extensions  
2069 [PATCH] IPv6 support for DTLS  
2071 Few more manual page (was: What does cache field in X509_STORE struct do?)  
2079 Mismatch in makefiles -> compilation error on cygwin  
2087 base64 decoder returns nothing  
2099 [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)  
2100 RAND_poll can be incredibly slow on Windows7 due to Heap32Next  
2102 1.0.0 incompatible with openfire servers  
2105 Please reconsider the client side of the CVE-2009-3555 fix in 1.0.0  
2106 s_client man page doesn't mention STARTTLS support for XMPP  
2134 Problem with both rsa and dsa certificates in certificate file  
2147 Re: OpenSSL 0.9.8m-beta1 release  
2148 OpenSSL self-test report:  
2152 FIPS Support  
2195 [PATCH] Set default field separator in do_name_ex() ("nameopt" switch)  
2202 OpenSSL 0.9.8n v. VMS  
2208 Bug Report: SSL_Accept() not MT-safe  
2212 Override DH bits restriction  
2214 crash in openssl 0.9.9 and probably 1.0.0  
2215 crash in openssl-1.0.0 glibc detected httpd: free(): invalid pointer in libcrypto.so.1.0.0(CRYPTO_free)  
2226 OSSL 1.0.0 and NetWare + nasm  
2233 [BUG] Checkin #19560 causes an DTLS bug  
2245 [PATCH] Add /Zi to VC++ CFLAG in debug configuration (1.0.0 and 0.9.8)  
2246 dtls1.h includes winsock.h, overriding the #undefs from ossl_typ.h on Windows  
2264 Backwards-compatibility problem in 1.0.0 evp.h  
2265 bug in openssl-1.0.0/test/cms-test.pl system() return value problem  
2268 openssl-0.9.8n: Organization Name value may not contain comma  
2269 ENGINE_register_complete() seems to ignore OPENSSL_NO_RAND  
2271 bug report / enhancement request  
2275 CVS HEAD: BIO b_sock: ioctl(FIONBIO) is not available everywhere; completed BIO_socket_nbio() so the #ifdef clutter in apps/* and other spots can be discarded after this  
2283 ECDSA and checking signature validity  
2292 bug report for SSL_get_secure_renegotiation_support()  
2293 OpenSSL dependence on external threading functions is a critical design flaw  
2302 Bug with GOST in TLS connection  
2305 openSSL initialization segmentation fault  
2312 Function protos in 1.0.0a: unsigned long changed to size_t not so good for amd/x64, Itanium  
2316 Build issue on Tru64 (Dl_info must specify a type)  
2322 openssl question  
2327 bug report  
2332 Issue while generating SSL certificate using Apache 2.216 + openssl 0.9.8o  
2333 [BUG?] RSA_public_decrypt() failed  
2350 [PATCH] to fix compilation issues of openssl v100a for WCE 420/WM5/WM6 target platform  
2351 PATCH: Remove obsolete ipsec extended key usages  
2353 PATCH: add missing OSCPSigning bits  
2361 win32: non-blocking BIO_do_connect() returns wrong value  
2365 Limitations of ENGINE interface hamper performance on modern hardware  
2371 Openssl mingw build error.  
2381 MinGW builds are being "optimized for MS-DOS"  
2382 Win98 mingw problem with openssl head  
2395 openssl-1.0.0c bug: Decoding cert causes segv in ASN1 code  
2397 openssl x509 stops outputting just before printing Issuer when using nameopt dn_rev  
2399 Request: Allow "-no-xxx" options in ./config for FIPS build  
2408 [OpenSSL >= 1.0.0 Enhancement] Additions to timestamp support  
2409 CCM support not available in openssl-1.0.0c  
2417 [Enhancement] X509 verification with OCSP support  
2418 BUG: 0.9.8m Can't decrypt a PKCS7 using ECB Cipher generated from 0.9.7g.  
2438 [PATCH] ecrypto/ecdsa: fix a zero change in the test suite  
2442 OCSP digest methods bug  
2444 Failure in build of the test programs (1.0.0c on MinGW)  
2446 Need clarification on licensing requirements of certain files  
2449 [BUG] openssl 1.0.0d warnings during build and ACCVIO on OpenVMS  
2453 Issue on SMIME_write_PKCS7() with memory buffer if data is not NULL  
2459 ecdsa_method declaration prevents use in implementing a dynamic engine  
2463 [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE.  
2464 [PATCH] Experimental TLS-RSA-PSK support for OpenSSL  
2468 bind 9.8.0 and OpenSSL 1.0.0d  
2480 ./config shared no-rc2 no-rc4 no-des no-ssl2 ... make test fail  
2484 [PATCH] DTLS: wrong fragment reassembly  
2495 enable PEM_write_DSAPublicKey  
2497 [PATCH] Improve RSAOaep Error Handling  
2504 Cross Compile MinGW DLLs on Linux  
2519 crash when using newly-defined ASN1_SEQUENCE macros in Windows with elements that are also newly-defined SEQUENCEs...  
2524 openssl 1.0.0d bug report/ query  
2535 [PATCH] Add SCTP support for DTLS (RFC 6083)  
2548 [Enhancement Request / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client and SNI  
2549 [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name  
2551 [PATCH] All platforms: Option to disable sending renegotiation_info extension.  
2556 3 bugs for OID encoding/decoding  
2562 Adding cfi/fpo records to asm (fix backtrace when debugging)  
2568 enhancement request: remove ECC engine support's limitation  
2571 OCSP send request fails if OCSP server with vhost or reverse proxy  
2581 bug: Why do these 12 lines of Win32 code work on XP but hang forever in Vista and Windows 7?  
2582 [PATCH] Efficient and side channel analysis resistant 512-bit and 1024-bit modular exponentiation for optimizing RSA1024 and RSA2048 on x86_64 platforms")  
2594 Problem with X509 path loop detection - PATCH  
2635 1/n-1 record splitting technique for CVE-2011-3389  
2652 [PATCH] OpenSSL 1.0.1 OpenVMS issues  
2653 [BUG] OpenSSL 1.0.1 OpenVMS issues on VAX  
2658 [PATCH] Add TLS/DTLS Heartbeats  
2669 make test failure  
2672 BUG REPORT: GENERAL_NAMES Template encoding issue  
2673 Bug report: OpenSSL Memory leak in B64 encode  
2675 1.0.1-beta1 issue: X509 certificate serial numbers are displayed as negative  
2677 1.0.1-beta1 issue: Misspelled PKCS  
2687 OpenSSL 1.0.1-beta1 sends certificate_verify in ServerHello and breaks Java 1.6.x clients, Firefox, and Chrome  
2698 [PATCH] Allow the use of startdate and enddate for ca -gencrl command  
2701 BN_generate_prime_ex can generate too large primes  
2707 Build failure  
2718 openssl-fips-1.2.3: testsuite failures (SIGILL / Illegal instruction)  
2720 openssl 1.0.1 beta2 problem  
2732 Bug: verification fails if muliple certification path (EV/Verisign)  
2742 Problems with cms -resign  
2745 Fwd: GOST engine memory problems  
2746 Bugfix for ASN.1 parser in OpenSSL 0.9.8 and 1.0  
2747 valgrind suppressions file to suppress warnings from Python/openssl  
2749 SSL_shutdown() doesn't need to ever return 0  
2750 [BUG] spec file doesn't properly build for lib64  
2751 [ENHANCEMENT] Request moving static get_issuer_sk before X509_verify_cert  
2760 possible bug report: DSA_verify() doesn't correctly account for len  
2763 Possible bug - TLS 1.2 compliance  
2765 openssl negotiates ECC ciphersuites in SSL 3.0  
2768 Bug: internal_verify() hides errors from callbacks after X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE  
2769 problem with openssl 1.0.1 and 512bits rsa key  
2771 [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007  
2782 BUG report: RSA private key serializer  
2783 OCSP_parse_url() does not parse URLs containing IPv6 addresses correctly  
2784 [PATCH] Eefficient implementations of SHA256 and SHA512, using the Simultaneous Message Scheduling method  
2803 bug report: OCSP_basic_verify may return incorrect value  
2805 uplink-x86_64-pl-script error when running "ms\do_win64a" on windows 7-64bit command line  
2806 [PATCH] key exchange cipherlist labels for 8 ciphersuites (3e, 68, a4, a5, c029, c02a, c031, c032)  
2807 Can't connect to Evernote server  
2816 bug report on openssl version 1.0.0d , windows server 2008 64 bit  
2825 Bug: Unable to connect to WPA enterprise wireless  
2826 OpenSSL Buffer Overflow Vulnerability Notification  
2827 Bug ? with cms option with large files  
2828 TLS 1.1 and 1.2 client - invalid Client Hello during renegotiation  
2834 bug report: i2d(sign(10)) results in 2573 encoded  
2835 question/proposal for openssl 1.0.1c to make do_ms.bat and do_win64a.bat somewhat more consisent + solve build errors for WIN64a.  
2836 [PATCH] Staple the correct OCSP Response when multiple certs are configured  
2841 Unreachable return in OpenSSL 1.0.1c, x509_vfy::check_issued()  
2850 [PATCH] Efficient and side channel analysis resistant 1024-bit modular exponentiation, for optimizing RSA2048 on AVX2 capable x86_64 platforms  
2862 bug report - strange memory access  
2875 Limited rsa keysize  
2884 bug in eng_cryptodev?  
2904 genpkey ignores "-outform DER"  
2907 Unresolved external referenced in function _EC_GF2m_simple_method when linking 1.0.1c w/ fips-ecp-2.0.2  
2909 Wildcard support for certificate matching (plus fixes)  
2910 OPENSSL_cleanse called with wrong size  
2915 [PATCH] Add an option to Configure to set the include directory for FIPS enabled builds  
2935 OpenSSL 0.9.8x crashes\OpenSSL 1.0.1c get stuck in SSL_load_error_strings() function on Solaris OS  
2937 Handshake performance degradation in 1.0.1 and up.  
2948 thousands of getpid called inside libcrypto.sl.0.9.8  
2958 Bug report: dtls handshake loops after 'certificate verify' packet loss  
2972 GnuTLS: A TLS fatal alert has been received.  
2974 OpenSSL 0.9.8y compilation error on Windows  
2978 CVS repositories serving stale data  
2984 OpenSSL 1.0.0k, 1.0.1.d, 1.0.1e fail handshake with DTLS1_BAD_VER  
2988 Makefiles should (usually) remove target before re-generating  
2991 Certifacte verification with a RSA-SHA512 hash algorithm fails  
2993 Openssl manual pages  
2994 OpenSSL upgrade issue  
2996 PATCH: cygwin (and probably others) support broken by long time  
3001 [PATCH] Reduce unnecessary verifying iteration in rsa_test.c  
3002 Communication problems with 1.0.1e  
3003 Enhancement Request - RFC6698 (DANE) TLSA Support  
3014 bug report: 1.0.1e - Linux/OSX/Windows/All? - CRL validation fails with unknown CRL critical extension  
3020 openssl hang  
3022 Binary curves broken in FIPS mode  
3029 Misspellings in the openssl license document  
3030 openssl 1.0.1 doesn't get response when negotiating connection to server needing TLSv1  
3036 openssl-0.9.8y config removes symbolic link /dev/null on Solaris  
3041 [Bug] DTLS message_sequence number wrong in rehandshake ServerHello  
3042 [PATCH] Fast implementation of AES-XTS mode for AVX capable x86-64 processors  
3043 Bug Report d2i_PKCS8PrivateKey_bio() doesn't work for DH keys  
3052 [PATCH] OpenSSL 1.0.1e bug fix for x86_64-gf2m.pl use of STDOUT  
3054 [PATCH] Efficient and side channel analysis resistant 1024-bit and 2048-bit modular exponentiation, optimizing RSA, DSA and DH of compatible sizes, for AVX2 capable x86_64 platforms  
3059 TLS 1.2 CertificateRequests allows MD5  
3065 [PATCH] ec_private_key_dont_crash  
3073 [Patch] ALPN Implementation for OpenSSL  
3074 On PA-RISC, OPENSSL_cleanse() causes crash when called from outside libcrypto, patch included  
3075 [PATCH] Fix ASM support for FreeBSD 10  
3080 Android NEON and CFLAGS options  
3087 OpenSSL 1.0.2: seg fault with AES_CBC  
3089 Building OpenSSL 1.0.1e with FIPS on Win64A  
3090 Infinite loop in openssl s_client when verify error Different CRL scope occurs  
3093 OpenSSL 1.0.1e masm failure with Visual Studio 11 VC-WIN64A.  
3094 bug report: osx 10.8.4 won't build with enable-ec_nistp_64_gcc_128  
3095 Incorrect result in HMAC functions when key is null  
3097 Incorrect revocation status with indirect CRL  
3101 [PATCH] Add CMP (RFC 4210) implementation  
3102 s_server does not reject invalid client certificates in "OpenSSL 1.0.1 14 Mar 2012" with -verify or -Verify options  
3103 [PATCH] Set TLS EC curve_id from EC group alone.  
3104 [BUG] Build broken on OSX (RSAZ assembly)  
3106 [PATCH] Fix build with OPENSSL_NO_NEXTPROTONEG.  
3110 Adding support for x86_64 Cygwin  
3113 OpenSSL’s DH implementation uses an unnecessarily long exponent, leading to significant performance loss  
3116 Incostistency using GOST engine with openssl 1.0.1e  
3117 [PATCH] A fast vectorized implementation of binary elliptic curves on x86-64 processors  
3120 Minimum size of DH  
3122 bug: openssl-1.0.1.e: STARTTLS: "SSL3 alert write:fatal:illegal parameter"  
3125 [PATCH 1.0.1e] openssl/crypto/armcap.c: fix a typo in OPENSSL_rdtsc  
3126 [PATCH 1.0.1e] armcap.c: use getauxv on glibc to find caps  
3128 bug report: segfault after error 1408F10B  
3129 Openssl not clearing session ticket upon handshake failure  
3130 Bug report: Compilation of 1.0.2 fails on Solaris 10  
3139 Bug in AES XTS implementation for Windows x64 (truncating pointer to IV)  
3148 Can't compile OpenSSL 1.0.1e on OpenIndiana x86_64 GCC 4.4.4  
3149 [patch] Fast and side channel protected implementation of the NIST P-256 Elliptic Curve, for x86-64 platforms  
3150 Bug Report (with trivial fix): fips module segfault  
3151 Bug report: openssl-1.0.1e-28.fc19.i686 on Fedora 19: OPENSSL_ia32_cpuid() misdetects RDRAND instruction on old Cyrix M II i686 CPU  
3165 tru64-alpha-cc compatibility fixes  
3179 Feature Request: Set Preference List for EC Curves in Client  
3182 Bug in OpenSSL 1.0.1e 586 assembly optimized AES_cbc_encrypt  
3188 Bug Report Null bytes in SubjectAltName mishandled in GENERAL_NAME_print()  
3189 Bugreport & patch: error restoring xmm6 and xmm7 registers in bn_scatter5 on win64 compilation  
3195 [bug] aes-cbc encryption on x86 is not working  
3201 EVP_DigestUpdate crashes because of a NULL pointer  
3202 Request to remove _sparcv9_random  
3203 Normalize PFS key exchange labels  
3213 [PATCH] Fix failure to read default CA file & CA path in s_{client,server,time} (bug #977)  
3217 [PATCH] changes in 1.0.0l and 1.0.1f required for OpenVMS  
3229 Fwd: Issue with key length  
3231 default ciphers include insecure export cipher suites  
3234 [bug] openssl defaults to using tls compression  
3235 Re: AES256-SHA256 test failed on OpenSSL-1.0.1f ARM64( compiled with -O3 optimization)  
3241 Patch: Constify openssl tables.  
3242 Patch Request for OpenSSL 0.9.8  
3248 Bug - OpenSSL 0.9.8 crashes randomly at the call to BIO_test_flags()  
3250 openssl 1.0.1e : compil on win64a creates a NUL file  
3251 Small updates to be able to compile OpenSSL 0.9.8y and 1.0.1f on Borland Builder 4/5 successors  
3252 OpenSSL v1.0.1f issue: decryption failed or bad record mac:s3_pkt.c:484  
3253 Compile issues - Solaris 10  
3261 ID1729  
3266 [PATCH] Add the SYSTEM cipher keyword  
3269 1.0.2 beta1 on UnixWare  
3270 1.0.2 Beta 1 on Solaris 10 Sparc: Assembler warnings  
3271 OpenSSL 1.0.2 Beta 1 Solaris 10 Sparc Shell error during make install  
3273 Bug in 1.0.2 beta 1  
3275 Bug: GOST HMAC not checking input length  
3279 debug-VC-WIN32 build broken in 1.0.1f  
3281 [BUG] Openssl 1.1.0 (master) CMS Validation RSASSA-PSS  
3282 [PATCH] Fix PKCS8/PKCS12 EncryptedPrivateKeyInfo decryption when password is empty  
3287 [bug] compilation with gcc 4.8.2 of openssl 1.0.1 generate strict-aliasing warnings  
3290 1.0.1e compile issue  
3303 [PATCH] doc: fix "forgot a '=back' before '=head1'" error  
3306 OpenSSL Enhancement: the binary library should contain the version strings found in the header opensslv.h  
3308 Re: Return missed NULL-check in CMS_add0_cert back  
3309 Bug: Missing critical flag for extended key usage not detected in time-stamp verification  
3314 BUG - CMS Decrypt returns wrong error message on mismatching private key after Bleichenbachers FIX  
3316 Wrong trust chain with new version of openssl  

To report a new issue not mentioned here, please send email to rt@openssl.org.