update NEWS

author Dr. Stephen Henson <steve@openssl.org>

Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)
diff --git a/NEWS b/NEWS

index 5cb75f2513366d00e029d7575dcbc9bddf15e0ab..672810dcc714def82eeba66d17697c7047effe8b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@
  
    Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e:
  
+      o Fix for CRL vulnerability issue CVE-2011-3207
+      o Fix for ECDH crashes CVE-2011-3210
        o Protection against EC timing attacks.
        o Support ECDH ciphersuites for certificates using SHA2 algorithms.
        o Various DTLS fixes.
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)