X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=NEWS;h=94fd3bde1d6ac20fd3e0de48c6e667272381e313;hp=1102176ad7b920a2466d60725ee748e546bed814;hb=4e64f671c97650b060f20b6d930a88f1a2a306f7;hpb=86f6e8669c02e9077fa0dd1883f64b61328599a1

diff --git a/NEWS b/NEWS
index 1102176ad7..94fd3bde1d 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,7 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.2 [in beta]:
+  Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.2 [in beta]:
 
       o Suite B support for TLS 1.2 and DTLS 1.2
       o Support for DTLS 1.2
@@ -16,6 +16,14 @@
       o ALPN support.
       o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
 
+  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+      o Fix for CVE-2014-0224
+      o Fix for CVE-2014-0221
+      o Fix for CVE-2014-0195
+      o Fix for CVE-2014-3470
+      o Fix for CVE-2010-5298
+
   Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
 
       o Fix for CVE-2014-0160
@@ -160,6 +168,16 @@
       o Opaque PRF Input TLS extension support.
       o Updated time routines to avoid OS limitations.
 
+  Major changes between OpenSSL 0.9.8y and OpenSSL 0.9.8za [5 Jun 2014]:
+
+      o Fix for CVE-2014-0224
+      o Fix for CVE-2014-0221
+      o Fix for CVE-2014-0195
+      o Fix for CVE-2014-3470
+      o Fix for CVE-2014-0076
+      o Fix for CVE-2010-5298
+      o Fix to TLS alert handling.
+
   Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
 
       o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169