From 0695dfb71ca6fe132d15a4d0890e8a868183adf9 Mon Sep 17 00:00:00 2001 From: marha Date: Mon, 21 Dec 2009 15:26:57 +0000 Subject: Switched to openssl-0.9.8l --- openssl/CHANGES | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'openssl/CHANGES') diff --git a/openssl/CHANGES b/openssl/CHANGES index 04d332e33..3c9f51c5b 100644 --- a/openssl/CHANGES +++ b/openssl/CHANGES @@ -2,6 +2,16 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8k and 0.9.8l [5 Nov 2009] + + *) Disable renegotiation completely - this fixes a severe security + problem (CVE-2009-3555) at the cost of breaking all + renegotiation. Renegotiation can be re-enabled by setting + SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at + run-time. This is really not recommended unless you know what + you're doing. + [Ben Laurie] + Changes between 0.9.8j and 0.9.8k [25 Mar 2009] *) Don't set val to NULL when freeing up structures, it is freed up by -- cgit v1.2.3