[openssl-commits] [openssl] OpenSSL-fips-2_0-dev update

Tue, 22 Aug 2017 03:39:51 -0700 

The branch OpenSSL-fips-2_0-dev has been updated
       via  fe36a698477e7cb1a49de3f4cba5ad7f89f5ad4c (commit)
      from  d674242a884368083bf1044cc4e6e30d8f452a50 (commit)


- Log -----------------------------------------------------------------
commit fe36a698477e7cb1a49de3f4cba5ad7f89f5ad4c
Author: Steve Marquess <marqu...@openssl.com>
Date:   Mon Aug 21 15:57:25 2017 -0400

    Add "wishlist" of desired but possibly unobtainable fixes/improvements
    
    Reviewed-by: Richard Levitte <levi...@openssl.org>
    Reviewed-by: Stephen Henson <st...@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4208)

-----------------------------------------------------------------------

Summary of changes:
 README.wishlist | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 README.wishlist

diff --git a/README.wishlist b/README.wishlist
new file mode 100644
index 0000000..111ee3c
--- /dev/null
+++ b/README.wishlist
@@ -0,0 +1,31 @@
+A "wish list" of changes we'd like to make to the FIPS module if we could.
+Note the CMVP requires retesting of all previously tested platforms
+("Operational Environments") to implement any changes considered 
"cryptographically
+significant". Since the OpenSSL FIPS module v2.0 has some 250 such formally
+tested platforms (and counting), retesting just isn't logistically or 
economically
+feasible.
+
+--------
+https://github.com/openssl/openssl/pull/4157
+From 2017-08-14, Fix GCM MAC computation for AES-GCM by        srahul123
+cryptographically significant, not fixable
+
+--------
+Andy Polyakov: harmonize with __thumb__ clause in FIPS_ref_point() (#3354),
+https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/3354.patch
+https://github.com/openssl/openssl/pull/3354#pullrequestreview-36086406
+May be possible to introduce in future change letter
+
+--------
+CVE-2016-0701
+cryptographically significant, not fixable
+
+--------
+CVE-2014-0076
+cryptographically significant, not fixable
+
+--------
+"Lucky 13", CVE-2013-0169
+cryptographically significant, not fixable
+
+--------
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

Reply via email to