use correct credit in CHANGES
authorDr. Stephen Henson <steve@openssl.org>
Tue, 6 Jan 2015 21:12:15 +0000 (21:12 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 6 Jan 2015 22:41:27 +0000 (22:41 +0000)
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4138e3882556c762d77eb827b8be98507cde48df)

CHANGES

diff --git a/CHANGES b/CHANGES
index 0ccd74299936a953ca70d36f8f0c0c18640be7b0..0ca93f25831fd435de9c63d0da0f15c04318512e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
   *) Abort handshake if server key exchange message is omitted for ephemeral
      ECDH ciphersuites.
 
-     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
      (CVE-2014-3572)
      [Steve Henson]
 
      violated the TLS standard by allowing the use of temporary RSA keys in
      non-export ciphersuites and could be used by a server to effectively
      downgrade the RSA key length used to a value smaller than the server
-     certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
      (CVE-2015-0204)
      [Steve Henson]