diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -7,7 +7,11 @@ Major changes between OpenSSL 1.0.0r and OpenSSL 1.0.0s [under development] - o + o Malformed ECParameters causes infinite loop (CVE-2015-1788) + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) + o Race condition handling NewSessionTicket (CVE-2015-1791) Major changes between OpenSSL 1.0.0q and OpenSSL 1.0.0r [19 Mar 2015] |