Update CHANGES and NEWS
Update the CHANGES and NEWS files for the new release. Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell
12
CHANGES
12
CHANGES
@@ -4,7 +4,17 @@
|
|||||||
|
|
||||||
Changes between 0.9.8zg and 0.9.8zh [xx XXX xxxx]
|
Changes between 0.9.8zg and 0.9.8zh [xx XXX xxxx]
|
||||||
|
|
||||||
*)
|
*) X509_ATTRIBUTE memory leak
|
||||||
|
|
||||||
|
When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
|
||||||
|
memory. This structure is used by the PKCS#7 and CMS routines so any
|
||||||
|
application which reads PKCS#7 or CMS data from untrusted sources is
|
||||||
|
affected. SSL/TLS is not affected.
|
||||||
|
|
||||||
|
This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
|
||||||
|
libFuzzer.
|
||||||
|
(CVE-2015-3195)
|
||||||
|
[Stephen Henson]
|
||||||
|
|
||||||
Changes between 0.9.8zf and 0.9.8zg [11 Jun 2015]
|
Changes between 0.9.8zf and 0.9.8zg [11 Jun 2015]
|
||||||
|
|
||||||
|
|||||||
2
NEWS
2
NEWS
@@ -7,7 +7,7 @@
|
|||||||
|
|
||||||
Major changes between OpenSSL 0.9.8zg and OpenSSL 0.9.8zh [under development]
|
Major changes between OpenSSL 0.9.8zg and OpenSSL 0.9.8zh [under development]
|
||||||
|
|
||||||
o
|
o X509_ATTRIBUTE memory leak (CVE-2015-3195)
|
||||||
|
|
||||||
Major changes between OpenSSL 0.9.8zf and OpenSSL 0.9.8zg [11 Jun 2015]
|
Major changes between OpenSSL 0.9.8zf and OpenSSL 0.9.8zg [11 Jun 2015]
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user