The branch OpenSSL-fips-2_0-dev has been updated via fe36a698477e7cb1a49de3f4cba5ad7f89f5ad4c (commit) from d674242a884368083bf1044cc4e6e30d8f452a50 (commit)
- Log ----------------------------------------------------------------- commit fe36a698477e7cb1a49de3f4cba5ad7f89f5ad4c Author: Steve Marquess <marqu...@openssl.com> Date: Mon Aug 21 15:57:25 2017 -0400 Add "wishlist" of desired but possibly unobtainable fixes/improvements Reviewed-by: Richard Levitte <levi...@openssl.org> Reviewed-by: Stephen Henson <st...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4208) ----------------------------------------------------------------------- Summary of changes: README.wishlist | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 README.wishlist diff --git a/README.wishlist b/README.wishlist new file mode 100644 index 0000000..111ee3c --- /dev/null +++ b/README.wishlist @@ -0,0 +1,31 @@ +A "wish list" of changes we'd like to make to the FIPS module if we could. +Note the CMVP requires retesting of all previously tested platforms +("Operational Environments") to implement any changes considered "cryptographically +significant". Since the OpenSSL FIPS module v2.0 has some 250 such formally +tested platforms (and counting), retesting just isn't logistically or economically +feasible. + +-------- +https://github.com/openssl/openssl/pull/4157 +From 2017-08-14, Fix GCM MAC computation for AES-GCM by srahul123 +cryptographically significant, not fixable + +-------- +Andy Polyakov: harmonize with __thumb__ clause in FIPS_ref_point() (#3354), +https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/3354.patch +https://github.com/openssl/openssl/pull/3354#pullrequestreview-36086406 +May be possible to introduce in future change letter + +-------- +CVE-2016-0701 +cryptographically significant, not fixable + +-------- +CVE-2014-0076 +cryptographically significant, not fixable + +-------- +"Lucky 13", CVE-2013-0169 +cryptographically significant, not fixable + +-------- _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits