diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:10:44 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:10:44 +0000 |
commit | 2ec0497f080bc53c99ab895fc0caa7af20b9a02e (patch) | |
tree | fc47f900510212acac04ce4391e18d415738197b /CHANGES | |
parent | 6bf896d9b1693916d9e8d303f9e3cc04959632b2 (diff) |
fix CHANGES
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 19 |
1 files changed, 11 insertions, 8 deletions
@@ -261,14 +261,6 @@ *) Add support for SCTP. [Robin Seggelmann <seggelmann@fh-muenster.de>] - *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) - [Andrey Kulikov <amdeich@gmail.com>] - - *) Prevent malformed RFC3779 data triggering an assertion failure. - Thanks to Andrew Chi, BBN Technologies, for discovering the flaw - and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) - [Rob Austein <sra@hactrn.net>] - *) Improved PRNG seeding for VOS. [Paul Green <Paul.Green@stratus.com>] @@ -531,6 +523,17 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] + *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) + [Adam Langley (Google)] + + *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) + [Andrey Kulikov <amdeich@gmail.com>] + + *) Prevent malformed RFC3779 data triggering an assertion failure. + Thanks to Andrew Chi, BBN Technologies, for discovering the flaw + and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) + [Rob Austein <sra@hactrn.net>] + *) Fix ssl_ciph.c set-up race. [Adam Langley (Google)] |