projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add TLS v1.1 options to s_server
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 8f9c15050766ac65205ea7ab44428af02558fd35..bc985c517b710677d4c0f0dab4557226575a0bea 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1014,6 +1014,14 @@
   
  Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
 
+  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+     [Steve Henson]
+
+  *) Don't reencode certificate when calculating signature: cache and use
+     the original encoding instead. This makes signature verification of
+     some broken encodings work correctly.
+     [Steve Henson]
+
   *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
      is also one of the inputs.
      [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
Unnamed repository; edit this file 'description' to name the repository.