SRP memory leak fix

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index c2aba4bd19cf329864bb77a4f8df6362eae8da4d..178d010d316942fc9e8e1cd5fca310b5e870948d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,18 @@
 
  Changes between 1.0.1p and 1.0.1q [xx XXX xxxx]
 
-  *)
+  *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
+     This changes the decoding behaviour for some invalid messages,
+     though the change is mostly in the more lenient direction, and
+     legacy behaviour is preserved as much as possible.
+     [Emilia Käsper]
+
+  *) In DSA_generate_parameters_ex, if the provided seed is too short,
+     return an error
+     [Rich Salz and Ismo Puustinen <ismo.puustinen@intel.com>]
+
+  *) Rewrite PSK to support ECDHE_PSK, DHE_PSK and RSA_PSK. Add ciphersuites
+     from RFC4279, RFC4785, RFC5487, RFC5489.
 
  Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
 
@@ -98,6 +109,9 @@
   *) Reject DH handshakes with parameters shorter than 768 bits.
      [Kurt Roeckx and Emilia Kasper]
 
+  *) dhparam: generate 2048-bit parameters by default.
+     [Kurt Roeckx and Emilia Kasper]
+
  Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
 
   *) Segmentation fault in ASN1_TYPE_cmp fix