use correct credit in CHANGES

Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 4138e3882556c762d77eb827b8be98507cde48df) Conflicts: CHANGES
2015-01-06 21:12:15 +00:00 · 2015-01-06 21:12:15 +00:00 · 9c6c664041
commit 9c6c664041
parent 11f719da38
1 changed files with 4 additions and 2 deletions
--- a/6
+++ b/6
@ -7,7 +7,8 @@
  *) Abort handshake if server key exchange message is omitted for ephemeral
     ECDH ciphersuites.

-     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
     (CVE-2014-3572)
     [Steve Henson]

@ -15,7 +16,8 @@
     violated the TLS standard by allowing the use of temporary RSA keys in
     non-export ciphersuites and could be used by a server to effectively
     downgrade the RSA key length used to a value smaller than the server
-     certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
     (CVE-2015-0204)
     [Steve Henson]