diff options
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -11,6 +11,14 @@ (CVE-2014-3572) [Steve Henson] + *) Remove non-export ephemeral RSA code on client and server. This code + violated the TLS standard by allowing the use of temporary RSA keys in + non-export ciphersuites and could be used by a server to effectively + downgrade the RSA key length used to a value smaller than the server + certificate. Thanks for Karthikeyan Bhargavan for reporting this issue. + (CVE-2015-0204) + [Steve Henson] + *) Fix various certificate fingerprint issues. By using non-DER or invalid encodings outside the signed portion of a |