generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clean up CHANGES

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 31832e8ff1)

Conflicts:
	CHANGES
This commit is contained in:
Emilia Kasper 2014-11-20 12:20:02 +01:00
parent e5f261df73
commit 0b9e82763f
1 changed files with 1 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CHANGES
View File

@ -2,7 +2,7 @@
OpenSSL CHANGES OpenSSL CHANGES
_______________ _______________
Changes between 1.0.1j and 1.0.2 [xx XXX xxxx] Changes between 1.0.1k and 1.0.2 [xx XXX xxxx]
*) SRTP Memory Leak. *) SRTP Memory Leak.
@ -43,22 +43,6 @@
(CVE-2014-3566) (CVE-2014-3566)
[Adam Langley, Bodo Moeller] [Adam Langley, Bodo Moeller]
*) Tighten handling of the ChangeCipherSpec (CCS) message: reject
early CCS messages during renegotiation. (Note that because
renegotiation is encrypted, this early CCS was not exploitable.)
[Emilia Käsper]
*) Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
the extension anew in the ServerHello. Previously, a TLS client would
reuse the old extension state and thus accept a session ticket if one was
announced in the initial ServerHello.
Similarly, ensure that the client requires a session ticket if one
was advertised in the ServerHello. Previously, a TLS client would
ignore a missing NewSessionTicket message.
[Emilia Käsper]
*) Accelerated NIST P-256 elliptic curve implementation for x86_64 *) Accelerated NIST P-256 elliptic curve implementation for x86_64
(other platforms pending). (other platforms pending).
[Shay Gueron & Vlad Krasnov (Intel Corp), Andy Polyakov] [Shay Gueron & Vlad Krasnov (Intel Corp), Andy Polyakov]