author | marha <marha@users.sourceforge.net> | 2011-04-13 07:49:50 +0000 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2011-04-13 07:49:50 +0000 |
commit | 7bcdd32ccff794b9a83a88ff9bc2d0b7b088bd06 (patch) | |
tree | d5d217cd4d21932fa490076d0dea9a259a9a8a31 /openssl/CHANGES | |
parent | 125aba11ec484309e4dc5b2abf1b15ac98784159 (diff) | |
Updated to openssl-1.0.0d
Diffstat (limited to 'openssl/CHANGES')
-rw-r--r-- | openssl/CHANGES | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/openssl/CHANGES b/openssl/CHANGES index 38bfd34aa..5cae85c9c 100644 --- a/openssl/CHANGES +++ b/openssl/CHANGES @@ -2,6 +2,16 @@ OpenSSL CHANGES _______________ + Changes between 1.0.0c and 1.0.0d [8 Feb 2011] + + *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 + [Neel Mehta, Adam Langley, Bodo Moeller (Google)] + + *) Fix bug in string printing code: if *any* escaping is enabled we must + escape the escape character (backslash) or the resulting string is + ambiguous. + [Steve Henson] + Changes between 1.0.0b and 1.0.0c [2 Dec 2010] *) Disable code workaround for ancient and obsolete Netscape browsers @@ -872,11 +882,34 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - Changes between 0.9.8o and 0.9.8p [xx XXX xxxx] + Changes between 0.9.8q and 0.9.8r [8 Feb 2011] + + *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 + [Neel Mehta, Adam Langley, Bodo Moeller (Google)] + + *) Fix bug in string printing code: if *any* escaping is enabled we must + escape the escape character (backslash) or the resulting string is + ambiguous. + [Steve Henson] + + Changes between 0.9.8p and 0.9.8q [2 Dec 2010] + + *) Disable code workaround for ancient and obsolete Netscape browsers + and servers: an attacker can use it in a ciphersuite downgrade attack. + Thanks to Martin Rex for discovering this bug. CVE-2010-4180 + [Steve Henson] + + *) Fixed J-PAKE implementation error, originally discovered by + Sebastien Martini, further info and confirmation from Stefan + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 + [Ben Laurie] + + Changes between 0.9.8o and 0.9.8p [16 Nov 2010] *) Fix extension code to avoid race conditions which can result in a buffer overrun vulnerability: resumed sessions must not be modified as they can be shared by multiple threads. CVE-2010-3864 + [Steve Henson] *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 [Steve Henson] |
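Review bot: in the first hunk (@@ -2,6 +2,16 @@), the new 1.0.0d section carries a CVE-2011-0014 entry for the OCSP stapling ClientHello parsing fix, yet the commit message says only "Updated to openssl-1.0.0d". Suggest naming the CVE in the commit message, for example "Updated to openssl-1.0.0d (includes fix for CVE-2011-0014)", so that anyone scanning the log can see this version bump is security-relevant without opening CHANGES.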
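Review bot: in the second hunk (@@ -872,11 +882,34 @@), the 0.9.8 history is rewritten in several places at once: the placeholder date "[xx XXX xxxx]" becomes "[16 Nov 2010]", a "[Steve Henson]" attribution is added to the CVE-2010-3864 entry, and the 0.9.8q and 0.9.8r sections are added. This text should be a verbatim copy of the upstream release's CHANGES file, not edited locally. Since the diffstat shown is limited to 'openssl/CHANGES', the code behind the listed CVE fixes cannot be checked from this view; please confirm the rest of the imported tree matches the 1.0.0d release and record any local modifications in the commit message.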