X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=CHANGES;h=2eeeb02303da44d011c7d68ea20b8fa902205ab7;hb=70fddbe32a7b3400a6ad0a9265f2c0ed72988d27;hp=400e065c5b9a464016c9dd09895c2da119d5e350;hpb=6411b83e52fdfd0d3563d50a4dc00838b142fb2c;p=oweals%2Fopenssl.git

diff --git a/CHANGES b/CHANGES
index 400e065c5b..2eeeb02303 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,30 +2,23 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 1.0.1f and 1.0.2 [xx XXX xxxx]
+ Changes between 1.0.1g and 1.0.2 [xx XXX xxxx]
 
-  *) Fix for the attack described in the paper "Recovering OpenSSL
-     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
-     by Yuval Yarom and Naomi Benger. Details can be obtained from:
-     http://eprint.iacr.org/2014/140
+  *) Harmonize version and its documentation. -f flag is used to display
+     compilation flags.
+     [mancha <mancha1@zoho.com>]
 
-     Thanks to Yuval Yarom and Naomi Benger for discovering this
-     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
-     [Yuval Yarom and Naomi Benger]
+  *) Fix eckey_priv_encode so it immediately returns an error upon a failure
+     in i2d_ECPrivateKey.
+     [mancha <mancha1@zoho.com>]
+
+  *) Fix some double frees. These are not thought to be exploitable.
+     [mancha <mancha1@zoho.com>]
 
   *) Use algorithm specific chains in SSL_CTX_use_certificate_chain_file():
      this fixes a limiation in previous versions of OpenSSL.
      [Steve Henson]
 
-  *) TLS pad extension: draft-agl-tls-padding-03
-
-     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
-     TLS client Hello record length value would otherwise be > 255 and
-     less that 512 pad with a dummy extension containing zeroes so it
-     is at least 512 bytes long.
-
-     [Adam Langley, Steve Henson]
-
   *) Extended RSA OAEP support via EVP_PKEY API. Options to specify digest,
      MGF1 digest and OAEP label.
      [Steve Henson]
@@ -298,6 +291,35 @@
      certificates.
      [Steve Henson]
 
+ Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
+
+  *) A missing bounds check in the handling of the TLS heartbeat extension
+     can be used to reveal up to 64k of memory to a connected client or
+     server.
+
+     Thanks for Neel Mehta of Google Security for discovering this bug and to
+     Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
+     preparing the fix (CVE-2014-0160)
+     [Adam Langley, Bodo Moeller]
+
+  *) Fix for the attack described in the paper "Recovering OpenSSL
+     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+     by Yuval Yarom and Naomi Benger. Details can be obtained from:
+     http://eprint.iacr.org/2014/140
+
+     Thanks to Yuval Yarom and Naomi Benger for discovering this
+     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+     [Yuval Yarom and Naomi Benger]
+
+  *) TLS pad extension: draft-agl-tls-padding-03
+
+     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+     TLS client Hello record length value would otherwise be > 255 and
+     less that 512 pad with a dummy extension containing zeroes so it
+     is at least 512 bytes long.
+
+     [Adam Langley, Steve Henson]
+
  Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
 
   *) Fix for TLS record tampering bug. A carefully crafted invalid