Correct indentation and labelling in ChangeLog

2024-11-23 04:15:43 +01:00 · 2017-07-27 15:18:28 +01:00 · 2017-07-27 15:18:28 +01:00 · 2625f4aa93
commit 2625f4aa93
parent 5308f47038
1 changed files with 15 additions and 16 deletions
--- a/31
+++ b/31
@ -27,13 +27,13 @@ Bugfix

 Security
   * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
-   ssl_get_verify_result() would incorrectly return 0 when the peer's
-   X.509 certificate chain had more than POLARSSL_X509_MAX_INTERMEDIATE_CA
-   (default: 8) intermediates, even when it was not trusted. Could be
-   triggered remotely on both sides. (With auth_mode set to required
-   (default), the handshake was correctly aborted.)
+     ssl_get_verify_result() would incorrectly return 0 when the peer's
+     X.509 certificate chain had more than POLARSSL_X509_MAX_INTERMEDIATE_CA
+     (default: 8) intermediates, even when it was not trusted. Could be
+     triggered remotely on both sides. (With auth_mode set to required
+     (default), the handshake was correctly aborted.)

-Changes
+API Changes
   * Certificate verification functions now set flags to -1 in case the full
     chain was not verified due to an internal error (including in the verify
     callback) or chain length limitations.
@ -190,9 +190,9 @@ Changes
 = mbed TLS 1.3.17 branch 2016-06-28

 Security
-   * Fix missing padding length check in mbedtls_rsa_rsaes_pkcs1_v15_decrypt 
+   * Fix missing padding length check in mbedtls_rsa_rsaes_pkcs1_v15_decrypt
     required by PKCS1 v2.2
-   * Fix a potential integer underflow to buffer overread in 
+   * Fix a potential integer underflow to buffer overread in
     mbedtls_rsa_rsaes_oaep_decrypt. It is not triggerable remotely in
     SSL/TLS.
   * Fix potential integer overflow to buffer overflow in
@ -1223,7 +1223,7 @@ Security
 Changes
   * Allow enabling of dummy error_strerror() to support some use-cases
   * Debug messages about padding errors during SSL message decryption are
-     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL 
+     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
   * Sending of security-relevant alert messages that do not break
     interoperability can be switched on/off with the flag
     POLARSSL_SSL_ALL_ALERT_MESSAGES
@ -1252,7 +1252,7 @@ Bugfix
 Changes
   * Added p_hw_data to ssl_context for context specific hardware acceleration
     data
-   * During verify trust-CA is only checked for expiration and CRL presence  
+   * During verify trust-CA is only checked for expiration and CRL presence

 Bugfixes
   * Fixed client authentication compatibility
@ -1550,9 +1550,9 @@ Features
     with random data (Fixed ticket #10)

 Changes
-   * Debug print of MPI now removes leading zero octets and 
+   * Debug print of MPI now removes leading zero octets and
     displays actual bit size of the value.
-   * x509parse_key() (and as a consequence x509parse_keyfile()) 
+   * x509parse_key() (and as a consequence x509parse_keyfile())
     does not zeroize memory in advance anymore. Use rsa_init()
     before parsing a key or keyfile!

@ -1574,7 +1574,7 @@ Features
     printing of X509 CRLs from file

 Changes
-   * Parsing of PEM files moved to separate module (Fixes 
+   * Parsing of PEM files moved to separate module (Fixes
     ticket #13). Also possible to remove PEM support for
     systems only using DER encoding

@ -1717,7 +1717,7 @@ Bug fixes
   * Fixed HMAC-MD2 by modifying md2_starts(), so that the
     required HMAC ipad and opad variables are not cleared.
     (found by code coverage tests)
-   * Prevented use of long long in bignum if 
+   * Prevented use of long long in bignum if
     POLARSSL_HAVE_LONGLONG not defined (found by Giles
     Bathgate).
   * Fixed incorrect handling of negative strings in
@ -1758,7 +1758,7 @@ Bug fixes
   * Made definition of net_htons() endian-clean for big endian
     systems (Found by Gernot).
   * Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
-     padlock and timing code. 
+     padlock and timing code.
   * Fixed an off-by-one buffer allocation in ssl_set_hostname()
     responsible for crashes and unwanted behaviour.
   * Added support for Certificate Revocation List (CRL) parsing.
@ -1932,4 +1932,3 @@ XySSL ChangeLog
    who maintains the Debian package :-)

 = Version 0.1 released on 2006-11-01
-