X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=99aeefb4c235e733fb6884297b0fea4d37ffc0cf;hp=173be2465e855b10ab994d889498ac5244067097;hb=4b7a4ba29cafa432fc4266fe6e59e60bc1c96332;hpb=34628967f1e65dc8f34e000f0f5518e21afbfc7b

diff --git a/CHANGES b/CHANGES
index 173be2465e..99aeefb4c2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,42 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 1.0.1e and 1.0.1f [xx XXX xxxx]
+ Changes between 1.0.1f and 1.0.1g [xx XXX xxxx]
+
+  *) Fix for the attack described in the paper "Recovering OpenSSL
+     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+     by Yuval Yarom and Naomi Benger. Details can be obtained from:
+     http://eprint.iacr.org/2014/140
+
+     Thanks to Yuval Yarom and Naomi Benger for discovering this
+     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+     [Yuval Yarom and Naomi Benger]
+
+  *) TLS pad extension: draft-agl-tls-padding-02
+
+     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+     TLS client Hello record length value would otherwise be > 255 and
+     less that 512 pad with a dummy extension containing zeroes so it
+     is at least 512 bytes long.
+
+     To enable it use an unused extension number (for example chrome uses
+     35655) using:
+
+     e.g. -DTLSEXT_TYPE_padding=35655
+
+     Since the extension is ignored the actual number doesn't matter as long
+     as it doesn't clash with any existing extension.
+
+     This will be updated when the extension gets an official number.
+
+     [Adam Langley, Steve Henson]
+
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+  *) Fix for TLS record tampering bug. A carefully crafted invalid 
+     handshake could crash OpenSSL with a NULL pointer exception.
+     Thanks to Anton Johansson for reporting this issues.
+     (CVE-2013-4353)
 
   *) Keep original DTLS digest and encryption contexts in retransmission
      structures so we can use the previous session parameters if they need