From: Ben Laurie <ben@openssl.org>
Date: Thu, 5 Nov 2009 16:08:52 +0000 (+0000)
Subject: Add CVE number.
X-Git-Tag: OpenSSL_0_9_8l
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1917fb6dd84e0a572f258a2931802224eb92b5c1;p=oweals%2Fopenssl.git

Add CVE number.
---

diff --git a/CHANGES b/CHANGES
index cd445c9313..3c9f51c5b7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,10 +5,11 @@
  Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]
 
   *) Disable renegotiation completely - this fixes a severe security
-     problem at the cost of breaking all renegotiation. Renegotiation
-     can be re-enabled by setting
-     OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION at
-     compile-time. This is really not recommended.
+     problem (CVE-2009-3555) at the cost of breaking all
+     renegotiation. Renegotiation can be re-enabled by setting
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+     run-time. This is really not recommended unless you know what
+     you're doing.
      [Ben Laurie]
 
  Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]