X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=f6fabf9380f42df03d1928877c8134a5084721cf;hp=cfaebba26ab67f8962aea1cc4517efb82d104e99;hb=a7304e4b980a322e65486c766d3c67a8857705c5;hpb=13bca90ac5546a5c5703b6c9a68af36bae695bca diff --git a/CHANGES b/CHANGES index cfaebba26a..f6fabf9380 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,21 @@ OpenSSL CHANGES _______________ - Changes between 1.0.1e and 1.0.1f [xx XXX xxxx] + Changes between 1.0.1f and 1.0.1g [xx XXX xxxx] + + *) + + Changes between 1.0.1e and 1.0.1f [6 Jan 2014] + + *) Fix for TLS record tampering bug. A carefully crafted invalid + handshake could crash OpenSSL with a NULL pointer exception. + Thanks to Anton Johansson for reporting this issues. + (CVE-2013-4353) + + *) Keep original DTLS digest and encryption contexts in retransmission + structures so we can use the previous session parameters if they need + to be resent. (CVE-2013-6450) + [Steve Henson] *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be
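Review bot: In the new CVE-2013-4353 entry under "Changes between 1.0.1e and 1.0.1f", the wording needs a pass: "reporting this issues" should be "reporting this issue", and "NULL pointer exception" reads better as "NULL pointer dereference", since the text describes a crash in C code. The same entry is titled "Fix for TLS record tampering bug" while its body describes a carefully crafted invalid handshake, so the title and the description should be aligned so that readers can tell which input triggers the crash. That entry also ends at "(CVE-2013-4353)" with no bracketed author line, whereas the CVE-2013-6450 entry right after it carries "[Steve Henson]"; add the attribution so it is clear the bracket is not meant to cover both items. The bare "*)" placeholder under the new "Changes between 1.0.1f and 1.0.1g" heading is fine as a stub, but it should be filled or removed before release so that an empty bullet does not ship.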