Update CHANGES and NEWS for the new release

Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-05-03 09:37:23 +0100
committer: Matt Caswell <matt@openssl.org> 2016-05-03 13:19:10 +0100
commit: b4d56b8ecb985ed8c8d3b757b5a728aa52143e41 (patch)
tree: e56e41d5d9be5d50d9a7524b75f55fe91176adab /NEWS
parent: d4b25980020821d4685752ecb9105c0902109ab5 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 47376364d7..e8f1d06abb 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,16 @@
 
   Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [under development]
 
-      o
+      o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+      o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
+      o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
+      o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
+      o EBCDIC overread (CVE-2016-2176)
+      o Modify behavior of ALPN to invoke callback after SNI/servername
+        callback, such that updates to the SSL_CTX affect ALPN.
+      o Remove LOW from the DEFAULT cipher list.  This removes singles DES from
+        the default.
+      o Only remove the SSLv2 methods with the no-ssl2-method option.
 
   Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
author	Matt Caswell <matt@openssl.org>	2016-05-03 09:37:23 +0100
committer	Matt Caswell <matt@openssl.org>	2016-05-03 13:19:10 +0100
commit	b4d56b8ecb985ed8c8d3b757b5a728aa52143e41 (patch)
tree	e56e41d5d9be5d50d9a7524b75f55fe91176adab /NEWS
parent	d4b25980020821d4685752ecb9105c0902109ab5 (diff)