X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=0bc0d90e7de2abf5b6052e3a0dea8c871dba7787;hp=e8f1748ac7222d7fa752f2358dbfcea48309a210;hb=4531c1aa5e0ac2549add45487d7bfe50e976b76b;hpb=cc7399e79cbe45ad363d2a67dd04cb599f9481eb

diff --git a/CHANGES b/CHANGES
index e8f1748ac7..0bc0d90e7d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,24 @@
 
  Changes between 0.9.8k and 1.0  [xx XXX xxxx]
 
+  *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
+     be used on C++.
+     [Steve Henson]
+
+  *) Add "missing" function EVP_MD_flags() (without this the only way to
+     retrieve a digest flags is by accessing the structure directly. Update
+     EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
+     or cipher is registered as in the "from" argument. Print out all
+     registered digests in the dgst usage message instead of manually 
+     attempting to work them out.
+     [Steve Henson]
+
+  *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
+     this allows the use of compression and extensions. Change default cipher
+     string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
+     by default unless an application cipher string requests it.
+     [Steve Henson]
+
   *) Alter match criteria in PKCS12_parse(). It used to try to use local
      key ids to find matching certificates and keys but some PKCS#12 files
      don't follow the (somewhat unwritten) rules and this strategy fails.