From: Rob Stradling <rob@comodo.com>
Date: Thu, 12 Sep 2013 21:12:21 +0000 (+0100)
Subject: Update CHANGES.
X-Git-Tag: master-post-reformat~1182
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=785da0e6107460d05e2ed627613ddc851ac43ff6;hp=cbf81235122917265e18a86f07a7af2d15e3d525

Update CHANGES.
---

diff --git a/CHANGES b/CHANGES
index 734c3752bf..d292bd53ee 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,14 @@
 
  Changes between 1.0.x and 1.1.0  [xx XXX xxxx]
 
+  *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
+     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
+     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
+     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
+     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
+     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
+     [Rob Stradling, Adam Langley]
+
   *) Experimental encrypt-then-mac support.
     
      Experimental support for encrypt then mac from