Switched to openssl-0.9.8l

author: marha <marha@users.sourceforge.net> 2009-12-21 15:26:57 +0000
committer: marha <marha@users.sourceforge.net> 2009-12-21 15:26:57 +0000
commit: 0695dfb71ca6fe132d15a4d0890e8a868183adf9 (patch)
tree: 1803f38d893025a3dbfeafec7a56146e141c0772 /openssl/CHANGES
parent: 1ee02cd0419021c3d4950af2619da39c6e9c47f0 (diff)
download: vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.gz
vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.bz2
vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/openssl/CHANGES b/openssl/CHANGES
index 04d332e33..3c9f51c5b 100644
--- a/openssl/CHANGES
+++ b/openssl/CHANGES
@@ -2,6 +2,16 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]
+
+  *) Disable renegotiation completely - this fixes a severe security
+     problem (CVE-2009-3555) at the cost of breaking all
+     renegotiation. Renegotiation can be re-enabled by setting
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+     run-time. This is really not recommended unless you know what
+     you're doing.
+     [Ben Laurie]
+
  Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]
 
   *) Don't set val to NULL when freeing up structures, it is freed up by
author	marha <marha@users.sourceforge.net>	2009-12-21 15:26:57 +0000
committer	marha <marha@users.sourceforge.net>	2009-12-21 15:26:57 +0000
commit	0695dfb71ca6fe132d15a4d0890e8a868183adf9 (patch)
tree	1803f38d893025a3dbfeafec7a56146e141c0772 /openssl/CHANGES
parent	1ee02cd0419021c3d4950af2619da39c6e9c47f0 (diff)
download	vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.gz vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.bz2 vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.zip