diff options
author | Bodo Moeller <bodo@openssl.org> | 2013-09-16 14:55:03 +0200 |
---|---|---|
committer | Bodo Moeller <bodo@openssl.org> | 2013-09-16 14:55:03 +0200 |
commit | 4dc836773e042806235bd724acc711f0cb9b049b (patch) | |
tree | 186fe2e91c78033a1371fdfcffbd4700eceff186 /NEWS | |
parent | ca567a03ad4595589b6062465a8404764da4e3fa (diff) |
Sync CHANGES and NEWS files.
(Various changes from the master branch are now in the 1.0.2 branch too.)
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -5,10 +5,17 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e: + + o Corrected fix for CVE-2013-0169 + Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d: o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. + o Fix OCSP bad key DoS attack CVE-2013-0166 + o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 + o Fix for TLS AESNI record handling flaw CVE-2012-2686 Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c: @@ -40,6 +47,15 @@ o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o SRP support. + Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k: + + o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 + o Fix OCSP bad key DoS attack CVE-2013-0166 + + Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j: + + o Fix DTLS record length checking bug CVE-2012-2333 + Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i: o Fix for ASN1 overflow bug CVE-2012-2110 @@ -116,6 +132,15 @@ o Opaque PRF Input TLS extension support. o Updated time routines to avoid OS limitations. + Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y: + + o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 + o Fix OCSP bad key DoS attack CVE-2013-0166 + + Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x: + + o Fix DTLS record length checking bug CVE-2012-2333 + Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w: o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110) |