projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
get rid of OpenSSLDie
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index e3aac3ada29cac3150ea0a90513b3d6ef12849fd..5aff39d71fc641594b834ae04c6a5bb64e8d01ed 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,14 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.6d and 0.9.6e  [XX xxx XXXX]
+ Changes between 0.9.6e and 0.9.6f  [XX xxx XXXX]
+
+  *) Use proper error handling instead of 'assertions' in buffer
+     overflow checks added in 0.9.6e.  This prevents DoS (the
+     assertions could call abort()).
+     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
+
+ Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
 
   *) Fix cipher selection routines: ciphers without encryption had no flags
      for the cipher strength set and where therefore not handled correctly
Unnamed repository; edit this file 'description' to name the repository.