prepare for next version

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 575bd77ca07f04d5c2cbfa475a9d828f5af5bc92..b3424e898e267dc6eb092f623afd0234e32c8abf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,28 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.8u and 0.9.8v [xx XXX xxxx]
+
+  *)
+
+ Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
+
+  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+     in CMS and PKCS7 code. When RSA decryption fails use a random key for
+     content decryption and always return the same error. Note: this attack
+     needs on average 2^20 messages so it only affects automated senders. The
+     old behaviour can be reenabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+     an MMA defence is not necessary.
+     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
+     this issue. (CVE-2012-0884)
+     [Steve Henson]
+
+  *) Fix CVE-2011-4619: make sure we really are receiving a 
+     client hello before rejecting multiple SGC restarts. Thanks to
+     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
+     [Steve Henson]
+
  Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
 
   *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.