From fef0b61e18b9c7475e4d6e67ddfc55db46573f4e Mon Sep 17 00:00:00 2001
From: marha <marha@users.sourceforge.net>
Date: Wed, 16 Jun 2010 16:17:11 +0000
Subject: Switched to openssl-1.0.0a

---
 openssl/CHANGES | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'openssl/CHANGES')

diff --git a/openssl/CHANGES b/openssl/CHANGES
index e8655ab14..b139cf624 100644
--- a/openssl/CHANGES
+++ b/openssl/CHANGES
@@ -2,6 +2,12 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 1.0.0 and 1.0.0a  [01 Jun 2010]
+
+  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
+     (CVE-2010-1633)
+     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
+
  Changes between 0.9.8n and 1.0.0  [29 Mar 2010]
 
   *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
@@ -843,6 +849,17 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
   
+ Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+
+  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+     access or freeing data twice (CVE-2010-0742)
+     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
+  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+     common in certificates and some applications which only call
+     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+     [Steve Henson]
+
  Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
 
   *) When rejecting SSL/TLS records due to an incorrect version number, never
-- 
cgit v1.2.3