svn merge ^/branches/released

author: marha <marha@users.sourceforge.net> 2009-12-22 14:14:24 +0000
committer: marha <marha@users.sourceforge.net> 2009-12-22 14:14:24 +0000
commit: 4284aeba874b9168f2228c59639bec8346a56796 (patch)
tree: d51ffb4507e0cae24b0875d8bb6b2c037829a684 /openssl/CHANGES
parent: c438f190eedc71ee8dd14e14fec660e98d3dc0bf (diff)
parent: 0695dfb71ca6fe132d15a4d0890e8a868183adf9 (diff)
download: vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.tar.gz
vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.tar.bz2
vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/openssl/CHANGES b/openssl/CHANGES
index 04d332e33..3c9f51c5b 100644
--- a/openssl/CHANGES
+++ b/openssl/CHANGES
@@ -2,6 +2,16 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]
+
+  *) Disable renegotiation completely - this fixes a severe security
+     problem (CVE-2009-3555) at the cost of breaking all
+     renegotiation. Renegotiation can be re-enabled by setting
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+     run-time. This is really not recommended unless you know what
+     you're doing.
+     [Ben Laurie]
+
  Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]
 
   *) Don't set val to NULL when freeing up structures, it is freed up by
author	marha <marha@users.sourceforge.net>	2009-12-22 14:14:24 +0000
committer	marha <marha@users.sourceforge.net>	2009-12-22 14:14:24 +0000
commit	4284aeba874b9168f2228c59639bec8346a56796 (patch)
tree	d51ffb4507e0cae24b0875d8bb6b2c037829a684 /openssl/CHANGES
parent	c438f190eedc71ee8dd14e14fec660e98d3dc0bf (diff)
parent	0695dfb71ca6fe132d15a4d0890e8a868183adf9 (diff)
download	vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.tar.gz vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.tar.bz2 vcxsrv-4284aeba874b9168f2228c59639bec8346a56796.zip