Typos.

[oweals/openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 09e6bc9e1915e424475ffe09bdeef24a1a29a74d..7ec74c5f849b9c8c23063636cee1cc7c86360c57 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@
 
  Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
 
+  *) Change from security patch (see 0.9.6e below) that did not affect
+     the 0.9.6 release series:
+
+     Remote buffer overflow in SSL3 protocol - an attacker could
+     supply an oversized master key in Kerberos-enabled versions.
+     (CAN-2002-0657)
+     [Ben Laurie (CHATS)]
+
+  *) Change the SSL kerb5 codes to match RFC 2712.
+     [Richard Levitte]
+
   *) Make -nameopt work fully for req and add -reqopt switch.
      [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]
 
@@ -1680,10 +1691,10 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      [Bodo Moeller]
 
   *) Fix initialization code race conditions in
-        SSLv23_client_method(),   SSLv23_server_method(),
-        SSLv2_client_method(),    SSLv2_server_method(),
-        SSLv3_client_method(),    SSLv3_server_method(),
-        TLSv1_client_method(),    TLSv1_server_method(),
+        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
+        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
+        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
+        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
         ssl2_get_cipher_by_char(),
         ssl3_get_cipher_by_char().
      [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]
@@ -1716,7 +1727,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      overflow checks added in 0.9.6e.  This prevents DoS (the
      assertions could call abort()).
      [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
-  
+
  Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
 
   *) Add various sanity checks to asn1_get_length() to reject
@@ -1767,11 +1778,6 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      too small for 64 bit platforms. (CAN-2002-0655)
      [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
 
-  *) Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized master key in Kerberos-enabled versions.
-     (CAN-2002-0657)
-     [Ben Laurie (CHATS)]
-
   *) Remote buffer overflow in SSL3 protocol - an attacker could
      supply an oversized session ID to a client. (CAN-2002-0656)
      [Ben Laurie (CHATS)]
@@ -1780,7 +1786,6 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      supply an oversized client master key. (CAN-2002-0656)
      [Ben Laurie (CHATS)]
 
-
  Changes between 0.9.6c and 0.9.6d  [9 May 2002]
 
   *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
@@ -1867,13 +1872,13 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      value is 0.
      [Richard Levitte]
 
-  *) Add the configuration target linux-s390x.
-     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
-
   *) [In 0.9.6d-engine release:]
      Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
      [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
 
+  *) Add the configuration target linux-s390x.
+     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
+
   *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
      ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
      variable as an indication that a ClientHello message has been