Add missing changelog entry for http://cvs.openssl.org/chngview?cn=16587

author: Mark J. Cox <mark@openssl.org> 2008-02-28 13:35:58 +0000
committer: Mark J. Cox <mark@openssl.org> 2008-02-28 13:35:58 +0000
commit: 216ac24bd3cd7c600b0ed59b6573bbfcbba52b41 (patch)
tree: 29b63ea2ccb3ba99ccfbc91ad3f5784a63077979 /CHANGES
parent: 2035af20916fae95f802a3e18325a09d68cc9690 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 1adfa3608b..4211498e81 100644
--- a/CHANGES
+++ b/CHANGES
@@ -199,6 +199,10 @@
      authentication-only ciphersuites.
      [Bodo Moeller]
 
+  *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+     not complete and could lead to a possible single byte overflow
+     (CVE-2007-5135) [Ben Laurie]
+
  Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
 
   *) Since AES128 and AES256 (and similarly Camellia128 and
author	Mark J. Cox <mark@openssl.org>	2008-02-28 13:35:58 +0000
committer	Mark J. Cox <mark@openssl.org>	2008-02-28 13:35:58 +0000
commit	216ac24bd3cd7c600b0ed59b6573bbfcbba52b41 (patch)
tree	29b63ea2ccb3ba99ccfbc91ad3f5784a63077979 /CHANGES
parent	2035af20916fae95f802a3e18325a09d68cc9690 (diff)