X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=ef87df354d252ab8747408f4a9a9cf85f3ba9430;hp=f8dfbd427c3ba06ccfee8266c89a92d366e232fe;hb=4138e3882556c762d77eb827b8be98507cde48df;hpb=ac8e9cbe14b59dacfe4ac52bc5ff06f8003e9b01 diff --git a/CHANGES b/CHANGES index f8dfbd427c..ef87df354d 100644 --- a/CHANGES +++ b/CHANGES @@ -670,7 +670,8 @@ *) Abort handshake if server key exchange message is omitted for ephemeral ECDH ciphersuites. - Thanks to Karthikeyan Bhargavan for reporting this issue. + Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for + reporting this issue. (CVE-2014-3572) [Steve Henson] @@ -678,7 +679,8 @@ violated the TLS standard by allowing the use of temporary RSA keys in non-export ciphersuites and could be used by a server to effectively downgrade the RSA key length used to a value smaller than the server - certificate. Thanks for Karthikeyan Bhargavan for reporting this issue. + certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at + INRIA or reporting this issue. (CVE-2015-0204) [Steve Henson]
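Review bot: In the second hunk (@@ -678,7 +679,8 @@), the added line "INRIA or reporting this issue." has a typo: "or" should be "for". The added line before it also carries over "Thanks for Karthikeyan Bhargavan", which should read "Thanks to" so that it matches the CVE-2014-3572 entry in the first hunk. Since this change already rewrites both lines of that acknowledgement, fix both words here rather than in a follow-up commit.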