SWEET32 (CVE-2016-2183): Move DES from HIGH to MEDIUM

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 9442f3d9e48c064b792ae69b19656c21930771f9..f89b50be639e2f02ba86c8feae7f7cfdd948b327 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.1t and 1.0.1u [xx XXX xxxx]
 
-  *)
+  *) In order to mitigate the SWEET32 attack (CVE-2016-2183),
+     the DES ciphers were moved from HIGH to MEDIUM.
+     [Rich Salz]
 
  Changes between 1.0.1s and 1.0.1t [3 May 2016]