diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-01-06 21:55:15 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-01-06 21:55:15 +0000 |
commit | 9bd1e2b54abfe9c28cb84a37039a09cb41c59952 (patch) | |
tree | 1749f1da3a6162b59a4a807f5dc88f193a82100d /NEWS | |
parent | ad0d2579cf3a293a35a5b606afc5a97c71cf6ca7 (diff) |
Sync NEWS.
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 11 |
1 files changed, 11 insertions, 0 deletions
@@ -5,6 +5,13 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] + + o Don't include gmt_unix_time in TLS server and client random values + o Fix for TLS record tampering bug CVE-2013-4353 + o Fix for TLS version checking bug CVE-2013-6449 + o Fix for DTLS retransmission bug CVE-2013-6450 + Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]: o Corrected fix for CVE-2013-0169 @@ -47,6 +54,10 @@ o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o SRP support. + Major changes between OpenSSL 1.0.0k and OpenSSL 1.0.0l [6 Jan 2014] + + o Fix for DTLS retransmission bug CVE-2013-6450 + Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]: o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 |