Prevent small subgroup attacks on DH/DHE

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index efa9f6d40ae15f9b216633a628ff3dc97956fd51..e03c46f921edc35fed6425f1c89037ead88a9b3d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,12 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 1.0.2d and 1.0.2e [xx XXX xxxx]
+ Changes between 1.0.2e and 1.0.2f [xx XXX xxxx]
+
+  *) Reject DH handshakes with parameters shorter than 1024 bits.
+     [Kurt Roeckx]
+
+ Changes between 1.0.2d and 1.0.2e [3 Dec 2015]
 
   *) BN_mod_exp may produce incorrect results on x86_64