use correct credit in CHANGES

Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 4138e3882556c762d77eb827b8be98507cde48df)
author: Dr. Stephen Henson <steve@openssl.org> 2015-01-06 21:12:15 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2015-01-06 22:41:27 +0000
commit: a936ba11480a33db5d65f54da23b6e815e2a4b93 (patch)
tree: a0a9ea7a2a7c57c15f9254ab5578c75eb689f425
parent: ed736ddd74549ef80f17d5675e8aaf54da572336 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index 0ccd742999..0ca93f2583 100644
--- a/CHANGES
+++ b/CHANGES
@@ -376,7 +376,8 @@
   *) Abort handshake if server key exchange message is omitted for ephemeral
      ECDH ciphersuites.
 
-     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
      (CVE-2014-3572)
      [Steve Henson]
 
@@ -384,7 +385,8 @@
      violated the TLS standard by allowing the use of temporary RSA keys in
      non-export ciphersuites and could be used by a server to effectively
      downgrade the RSA key length used to a value smaller than the server
-     certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
      (CVE-2015-0204)
      [Steve Henson]
author	Dr. Stephen Henson <steve@openssl.org>	2015-01-06 21:12:15 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2015-01-06 22:41:27 +0000
commit	a936ba11480a33db5d65f54da23b6e815e2a4b93 (patch)
tree	a0a9ea7a2a7c57c15f9254ab5578c75eb689f425
parent	ed736ddd74549ef80f17d5675e8aaf54da572336 (diff)