diff options
author | simon <simon@FreeBSD.org> | 2010-12-03 22:59:54 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2010-12-03 22:59:54 +0000 |
commit | 2e755187682578966c1ec502dbfe70c798a908b4 (patch) | |
tree | 001121d5a23a0b1561ac01281edf7c5f1cb0972a /crypto/openssl/CHANGES | |
parent | 477858ee257a6cd5108309ebe5f2cc80ab26c5e1 (diff) | |
parent | ae03beb758270fb19d741c93f7bfde88a6635612 (diff) | |
download | FreeBSD-src-2e755187682578966c1ec502dbfe70c798a908b4.zip FreeBSD-src-2e755187682578966c1ec502dbfe70c798a908b4.tar.gz |
Merge OpenSSL 0.9.8q into head.
Security: CVE-2010-4180
Security: http://www.openssl.org/news/secadv_20101202.txt
MFC after: 3 days
Diffstat (limited to 'crypto/openssl/CHANGES')
-rw-r--r-- | crypto/openssl/CHANGES | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index 58fd57c..55820db 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -2,6 +2,18 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8p and 0.9.8q [2 Dec 2010] + + *) Disable code workaround for ancient and obsolete Netscape browsers + and servers: an attacker can use it in a ciphersuite downgrade attack. + Thanks to Martin Rex for discovering this bug. CVE-2010-4180 + [Steve Henson] + + *) Fixed J-PAKE implementation error, originally discovered by + Sebastien Martini, further info and confirmation from Stefan + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 + [Ben Laurie] + Changes between 0.9.8o and 0.9.8p [16 Nov 2010] *) Fix extension code to avoid race conditions which can result in a buffer |