update NEWS

author: Dr. Stephen Henson <steve@openssl.org> 2011-09-06 12:56:21 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-09-06 12:56:21 +0000
commit: b493a057206aedefeb1156e0fe4de9bd4184ee28 (patch)
tree: a16824d261cba3c9d6265717a27516673975fe89
parent: c2a8133d1c292cdabc44b211994678cc43d498b6 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 5cb75f2513..672810dcc7 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@
 
   Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e:
 
+      o Fix for CRL vulnerability issue CVE-2011-3207
+      o Fix for ECDH crashes CVE-2011-3210
       o Protection against EC timing attacks.
       o Support ECDH ciphersuites for certificates using SHA2 algorithms.
       o Various DTLS fixes.
author	Dr. Stephen Henson <steve@openssl.org>	2011-09-06 12:56:21 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-09-06 12:56:21 +0000
commit	b493a057206aedefeb1156e0fe4de9bd4184ee28 (patch)
tree	a16824d261cba3c9d6265717a27516673975fe89
parent	c2a8133d1c292cdabc44b211994678cc43d498b6 (diff)