From HEAD:

Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake which could lead to a cilent crash as found using the Codenomicon TLS test suite (CVE-2008-1672) Reviewed by: openssl-security@openssl.org Obtained from: mark@awe.com
author: Bodo Möller <bodo@openssl.org> 2008-05-28 22:17:34 +0000
committer: Bodo Möller <bodo@openssl.org> 2008-05-28 22:17:34 +0000
commit: e194fe8f47a5bdc7a9eab19b4d387d00c410e633 (patch)
tree: a56ac06e08b50d862dbe66cbd9389183ada44740 /CHANGES
parent: 40a706286febe0279336c96374c607daaa1b1d49 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 5d6c7a8d0a..f8b112ff12 100644
--- a/CHANGES
+++ b/CHANGES
@@ -690,6 +690,11 @@
 
  Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
 
+  *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+     handshake which could lead to a cilent crash as found using the
+     Codenomicon TLS test suite (CVE-2008-1672) 
+     [Steve Henson, Mark Cox]
+
   *) Fix double free in TLS server name extensions which could lead to
      a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) 
      [Joe Orton]
author	Bodo Möller <bodo@openssl.org>	2008-05-28 22:17:34 +0000
committer	Bodo Möller <bodo@openssl.org>	2008-05-28 22:17:34 +0000
commit	e194fe8f47a5bdc7a9eab19b4d387d00c410e633 (patch)
tree	a56ac06e08b50d862dbe66cbd9389183ada44740 /CHANGES
parent	40a706286febe0279336c96374c607daaa1b1d49 (diff)