use correct credit in CHANGES

author Dr. Stephen Henson <steve@openssl.org>

Tue, 6 Jan 2015 21:12:15 +0000 (21:12 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 6 Jan 2015 22:41:45 +0000 (22:41 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 6 Jan 2015 21:12:15 +0000 (21:12 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 6 Jan 2015 22:41:45 +0000 (22:41 +0000)
diff --git a/CHANGES b/CHANGES

index 0fbac887697a8eb72ea389ad72673d4a19831145..bc92912d0d191d365aa5760f7c4ff4c76c64f2c5 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -7,7 +7,8 @@
    *) Abort handshake if server key exchange message is omitted for ephemeral
       ECDH ciphersuites.
  
-     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
       (CVE-2014-3572)
       [Steve Henson]
  
@@ -15,7 +16,8 @@
       violated the TLS standard by allowing the use of temporary RSA keys in
       non-export ciphersuites and could be used by a server to effectively
       downgrade the RSA key length used to a value smaller than the server
-     certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
       (CVE-2015-0204)
       [Steve Henson]
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 6 Jan 2015 21:12:15 +0000 (21:12 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 6 Jan 2015 22:41:45 +0000 (22:41 +0000)