Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)

author: Dr. Stephen Henson <steve@openssl.org> 2012-01-04 18:52:18 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-01-04 18:52:18 +0000
commit: 21c4b259598efe3ea8c834c1568e8b762be120c4 (patch)
tree: d3699bb0651684b955720bcf9f132c69e79bc6a2 /CHANGES
parent: 41cf2c3aefcfb892896c3b5be3a56474d46dde14 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index a6672ed6fe..5e6fcbd6b3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,9 @@
  _______________
 
  Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
+
+  *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
+     [Adam Langley (Google)]
  
   *) Prevent malformed RFC3779 data triggering an assertion failure.
      Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
author	Dr. Stephen Henson <steve@openssl.org>	2012-01-04 18:52:18 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-01-04 18:52:18 +0000
commit	21c4b259598efe3ea8c834c1568e8b762be120c4 (patch)
tree	d3699bb0651684b955720bcf9f132c69e79bc6a2 /CHANGES
parent	41cf2c3aefcfb892896c3b5be3a56474d46dde14 (diff)