projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add a CHANGES entry for the unrecognised record type change
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 17d444f2889ae793dae68fe5b69c1d0c5e2ea356..ba661db6388cc839ad554cfebd941bf26e9d52c6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,8 +4,11 @@
 
  Changes between 1.1.0a and 1.1.1 [xx XXX xxxx]
 
-  *) MDC2 is now disabled by default.
-     [Rich Salz]
+  *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
+     or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
+     prevent issues where no progress is being made and the peer continually
+     sends unrecognised record types, using up resources processing them.
+     [Matt Caswell]
 
   *) 'openssl passwd' can now produce SHA256 and SHA512 based output,
      using the algorithm defined in
Unnamed repository; edit this file 'description' to name the repository.