X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=5cf2a6e373c648b8f8243ef0d4f45b971cdd7bb4;hp=cfaa9770b8559602a0672d9b966700db65733ed9;hb=1340db6569c1e0328fd5fb01b2549c41a9b9bcef;hpb=72b60351f17f26568e3af698fab4abd043b3fa29

diff --git a/CHANGES b/CHANGES
index cfaa9770b8..5cf2a6e373 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,30 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 2000]
 
+  *) Allow for the possibility of temp RSA key generation failure:
+     the code used to assume it always worked and crashed on failure.
+     [Steve Henson]
+
+  *) Fix potential buffer overrun problem in BIO_printf().
+     [Ulf Möller, using public domain code by Patrick Powell; problem
+      pointed out by David Sacerdote <das33@cornell.edu>]
+
+  *) Support EGD <http://www.lothar.com/tech/crypto/>.  New functions
+     RAND_egd() and RAND_status().  In the command line application,
+     the EGD socket can be specified like a seed file using RANDFILE
+     or -rand.
+     [Ulf Möller]
+
+  *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
+     Some CAs (e.g. Verisign) distribute certificates in this form.
+     [Steve Henson]
+
+  *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
+     list to exclude them. This means that no special compilation option
+     is needed to use anonymous DH: it just needs to be included in the
+     cipher list.
+     [Steve Henson]
+
   *) Change the EVP_MD_CTX_type macro so its meaning consistent with
      EVP_MD_type. The old functionality is available in a new macro called
      EVP_MD_md(). Change code that uses it and update docs.
@@ -15,6 +39,7 @@
      many platforms, but is not correct.  As these functions are usually
      called by macros defined in OpenSSL header files, most source code
      should work without changes.
+     [Richard Levitte]
 
   *) <openssl/opensslconf.h> (which is created by Configure) now contains
      sections with information on -D... compiler switches used for
@@ -24,6 +49,7 @@
         #define OPENSSL_ALGORITHM_DEFINES
         #include <openssl/opensslconf.h>
      defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
+     [Richard Levitte, Ulf and Bodo Möller]
 
   *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
      record layer.