File Release Notes and Changelog
Notes:
Better XER and BER support, portability and security fixes.
Changes:
0.9.7: 2004-Oct-11
* Finished CANONICAL-XER implementation by adding SET and SET OF
canonical ordering support.
* Fixed unber(1) limits controlling logic.
* Removed C99'izm from the x509dump, now understood by older compilers.
* Enhanced UTF8String constraint validation, now it checks
for the minimal encoding length; API of UTF8String_length() changed.
* Fixed SEQUENCE dealing with premature termination of the
optionals-laden indefinite length structure. The code was previously
refusing to parse such structures.
* Fixed explicitly tagged ANY type encoding and decoding
(Severity: medium, Secruity impact: low).
* Fixed CHOICE code spin when indefinite length structures appear
in the extensions (Severity: medium, Security impact: medium).
Reported by <siden@ul-gsm.ru>.
* BIT STRING now stores the number of unused octets in a separate field.
0.9.6: 2004-Sep-29
* Added several security firewalls: decoder's stack usage control
and the stricter checking of the TLV length.
* Implemented BASIC-XER encoding support (X.693).
* Implemented unber(1) and enber(1) for BER<->XML translation.
* Implemented CGI for online ASN.1 compilation (asn1c/webcgi).
* Implemented the sample X.509 decoder (./samples/sample.source.PKIX1).
* NamedType is now supported for SET OF/SEQUENCE OF type.
* Added -fno-constraints option to asn1c, which disabled generation of
ASN.1 subtype constraints checking code.
* Added ASN1C_ENVIRONMENT_VERSION and get_asn1c_environment_version().
* Fixed ANY type decoding (Severity: high, Secruity impact: low).
* Fixed BER decoder restartability problem with certain primitive
types (BOOLEAN, INTEGER, and REAL). The problem occured when the
encoding of such type is split between several bytes.
(Severity: high, Security impact: low)
* Support for cross-referencing type definitions (updated ./tests/43-*). * Fixed pretty-printing of the REAL type. Added lots of test cases.
* Renamed asn1_* into asn_* in function and type names.
* Updated documentation.
0.9.5: 2004-Sep-17
* Fixed CER (common BER) decoder code. See check-25.c/VisibleString
case for details. X.690 specifies that inner structures in BER
encoding must be tagged by stripping off the outer tag for each
subsequent containment level. See also X.690: 8.21.5.4 and
the "Spouse" case in A.3.
(Severity: medium, Security impact: low)
* Added converters between any generic type and the ANY type.
* Parser fixed: Information Object Class fields may be taged.
* Parser fixed: tagged types inside SEQUENCE OF/SET OF support.
* Improved DEFAULT Value parsing and pretty-printing.
* Condition on distinct tags checker was incorrectly dealing with
tagged CHOICE types. Fixed. Modified tests/37-indirect-choice-OK.asn1
* Improved type name generation code ("struct foo" vs "foo_t").
* Fixed constraint checking code incorrectly dealing with imported
types with constraint values defined in other modules.
* Real REAL support! (Haven't tested denormals support yet!)
See skeletons/tests/check-REAL.c
0.9.4: 2004-Sep-10
* More support for recursive type definitions.
* Explicit support for ANY type decoding.
* Refactored tags processing code.
* Fixed constraints checking code: non-exploitable buffer overflow.
(Severity: medium, Security impact: low)
