diff options
author | Bodo Möller <bodo@openssl.org> | 2011-02-03 10:43:00 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2011-02-03 10:43:00 +0000 |
commit | 88f2a4cf9ced521e2c2874a1c32af0eeaa027f40 (patch) | |
tree | c47e75369abcbb8f1630033e0cceadce3395c693 /CHANGES | |
parent | 9d0397e9779524745018d03a8f938905898dfffb (diff) |
CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -175,6 +175,11 @@ Changes between 1.0.0b and 1.0.0c [2 Dec 2010] + *) Disable code workaround for ancient and obsolete Netscape browsers + and servers: an attacker can use it in a ciphersuite downgrade attack. + Thanks to Martin Rex for discovering this bug. CVE-2010-4180 + [Steve Henson] + *) Fixed J-PAKE implementation error, originally discovered by Sebastien Martini, further info and confirmation from Stefan Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 |