diff options
author | Matt Caswell <matt@openssl.org> | 2016-03-01 11:12:47 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-03-01 13:34:22 +0000 |
commit | 09375d12fb684c6991c06b473664a0630b8b2edf (patch) | |
tree | 688efd49d450df3e23c786acc6477225c3996893 /NEWS | |
parent | 317be63875e59efa34be0075eaff3c033ef6969f (diff) |
Updates to CHANGES and NEWS for 1.0.2 and 1.0.1 release
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 15 |
1 files changed, 14 insertions, 1 deletions
@@ -5,7 +5,7 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.0.2f and OpenSSL 1.1.0 [in pre-release] + Major changes between OpenSSL 1.0.2g and OpenSSL 1.1.0 [in pre-release] o Support for ChaCha20 and Poly1305 added to libcrypto and libssl o Support for extended master secret @@ -35,6 +35,19 @@ o Reworked BIO networking library, with full support for IPv6. o New "unified" build system + Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016] + + o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. + o Disable SSLv2 default build, default negotiation and weak ciphers + (CVE-2016-0800) + o Fix a double-free in DSA code (CVE-2016-0705) + o Disable SRP fake user seed to address a server memory leak + (CVE-2016-0798) + o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption + (CVE-2016-0797) + o Fix memory issues in BIO_*printf functions (CVE-2016-0799) + o Fix side channel attack on modular exponentiation (CVE-2016-0702) + Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] o DH small subgroups (CVE-2016-0701) |