diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-11-16 14:18:51 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-11-16 14:18:51 +0000 |
commit | 732d31beeeb2e2e9f44d05da8387cfeca06b91b8 (patch) | |
tree | 32d0001d19dac7c63816b01a00adc512ccbcccec /CHANGES | |
parent | f7d2f17a0709abb641799e32a11a2408d733d8ed (diff) |
bring HEAD up to date, add CVE-2010-3864 fix, update NEWS files
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -161,6 +161,10 @@ Changes between 1.0.0a and 1.0.0b [xx XXX xxxx] + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 + *) Fix WIN32 build system to correctly link an ENGINE directory into a DLL. [Steve Henson] @@ -1014,6 +1018,10 @@ Changes between 0.9.8o and 0.9.8p [xx XXX xxxx] + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 + *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 [Steve Henson] |