diff options
author | Emilia Kasper <emilia@openssl.org> | 2014-11-20 12:20:02 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2014-11-20 15:19:42 +0100 |
commit | 0b9e82763f1e00abb4217b714be976d978829976 (patch) | |
tree | a3f99129d51da40a2a82a9f9e560eb7b1d242581 /CHANGES | |
parent | e5f261df7369a8d1734045ed59e12b42142a9147 (diff) |
Clean up CHANGES
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 31832e8ff1a3e731ea9fab41aef071a12709cf33)
Conflicts:
CHANGES
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 18 |
1 files changed, 1 insertions, 17 deletions
@@ -2,7 +2,7 @@ OpenSSL CHANGES _______________ - Changes between 1.0.1j and 1.0.2 [xx XXX xxxx] + Changes between 1.0.1k and 1.0.2 [xx XXX xxxx] *) SRTP Memory Leak. @@ -43,22 +43,6 @@ (CVE-2014-3566) [Adam Langley, Bodo Moeller] - *) Tighten handling of the ChangeCipherSpec (CCS) message: reject - early CCS messages during renegotiation. (Note that because - renegotiation is encrypted, this early CCS was not exploitable.) - [Emilia Käsper] - - *) Tighten client-side session ticket handling during renegotiation: - ensure that the client only accepts a session ticket if the server sends - the extension anew in the ServerHello. Previously, a TLS client would - reuse the old extension state and thus accept a session ticket if one was - announced in the initial ServerHello. - - Similarly, ensure that the client requires a session ticket if one - was advertised in the ServerHello. Previously, a TLS client would - ignore a missing NewSessionTicket message. - [Emilia Käsper] - *) Accelerated NIST P-256 elliptic curve implementation for x86_64 (other platforms pending). [Shay Gueron & Vlad Krasnov (Intel Corp), Andy Polyakov] |