X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=d82e05f15844dfcdbc369bfc7350e94382c5ad80;hp=3af69f1d225562c8d335e20df47e2950dc3a0bc3;hb=2064e2db08eb90da711999445680d45c44483e82;hpb=ed6c278f60120f768a847fca7441b20ca3e1e827

diff --git a/CHANGES b/CHANGES
index 3af69f1d22..d82e05f158 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,7 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 1.0.1g and 1.0.2 [xx XXX xxxx]
+ Changes between 1.0.1h and 1.0.2 [xx XXX xxxx]
 
   *) Harmonize version and its documentation. -f flag is used to display
      compilation flags.
@@ -23,10 +23,6 @@
      MGF1 digest and OAEP label.
      [Steve Henson]
 
-  *) Add callbacks supporting generation and retrieval of supplemental
-     data entries.
-     [Scott Deboy <sdeboy@apache.org>, Trevor Perrin and Ben Laurie]
-
   *) Add EVP support for key wrapping algorithms, to avoid problems with
      existing code the flag EVP_CIPHER_CTX_WRAP_ALLOW has to be set in
      the EVP_CIPHER_CTX or an error is returned. Add AES and DES3 wrap
@@ -233,9 +229,6 @@
   *) Support for linux-x32, ILP32 environment in x86_64 framework.
      [Andy Polyakov]
 
-  *) RFC 5878 (TLS Authorization Extensions) support.
-     [Emilia Kasper, Adam Langley, Ben Laurie (Google)]
-
   *) Experimental multi-implementation support for FIPS capable OpenSSL.
      When in FIPS mode the approved implementations are used as normal,
      when not in FIPS mode the internal unapproved versions are used instead.
@@ -291,6 +284,50 @@
      certificates.
      [Steve Henson]
 
+ Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
+
+  *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
+     handshake can force the use of weak keying material in OpenSSL
+     SSL/TLS clients and servers.
+
+     Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
+     researching this issue. (CVE-2014-0224)
+     [KIKUCHI Masashi, Steve Henson]
+
+  *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
+     OpenSSL DTLS client the code can be made to recurse eventually crashing
+     in a DoS attack.
+
+     Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
+     (CVE-2014-0221)
+     [Imre Rad, Steve Henson]
+
+  *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
+     be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
+     client or server. This is potentially exploitable to run arbitrary
+     code on a vulnerable client or server.
+
+     Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
+     [Jüri Aedla, Steve Henson]
+
+  *) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
+     are subject to a denial of service attack.
+
+     Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
+     this issue. (CVE-2014-3470)
+     [Felix Gröbert, Ivan Fratric, Steve Henson]
+
+  *) Harmonize version and its documentation. -f flag is used to display
+     compilation flags.
+     [mancha <mancha1@zoho.com>]
+
+  *) Fix eckey_priv_encode so it immediately returns an error upon a failure
+     in i2d_ECPrivateKey.
+     [mancha <mancha1@zoho.com>]
+
+  *) Fix some double frees. These are not thought to be exploitable.
+     [mancha <mancha1@zoho.com>]
+
  Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
 
   *) A missing bounds check in the handling of the TLS heartbeat extension