From: Dr. Stephen Henson Date: Wed, 4 Jan 2012 23:11:43 +0000 (+0000) Subject: fix CHANGES X-Git-Tag: OpenSSL_1_0_1-beta2~24 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0cffb0cd3e1ba8c016b92941eff172e17dbf6d4a;p=oweals%2Fopenssl.git fix CHANGES --- diff --git a/CHANGES b/CHANGES index c6df38ac9a..d492b2e95e 100644 --- a/CHANGES +++ b/CHANGES @@ -10,20 +10,6 @@ *) Add support for SCTP. [Robin Seggelmann ] - *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) - [Adam Langley (Google)] - - *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) - [Adam Langley (Google)] - - *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) - [Andrey Kulikov ] - - *) Prevent malformed RFC3779 data triggering an assertion failure. - Thanks to Andrew Chi, BBN Technologies, for discovering the flaw - and Rob Austein for fixing it. (CVE-2011-4577) - [Rob Austein ] - *) Improved PRNG seeding for VOS. [Paul Green ] @@ -283,6 +269,17 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] + *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) + [Adam Langley (Google)] + + *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) + [Andrey Kulikov ] + + *) Prevent malformed RFC3779 data triggering an assertion failure. + Thanks to Andrew Chi, BBN Technologies, for discovering the flaw + and Rob Austein for fixing it. (CVE-2011-4577) + [Rob Austein ] + *) Fix ssl_ciph.c set-up race. [Adam Langley (Google)]