generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Further updates to CHANGES and NEWS

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2016-01-28 12:28:53 +00:00
parent 5fed60f962
commit bea4cb2e80
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES
View File

@ -4,6 +4,13 @@
Changes between 1.0.1q and 1.0.1r [xx XXX xxxx] Changes between 1.0.1q and 1.0.1r [xx XXX xxxx]
*) Protection for DH small subgroup attacks
As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been
switched on by default and cannot be disabled. This could have some
performance impact.
[Matt Caswell]
*) SSLv2 doesn't block disabled ciphers *) SSLv2 doesn't block disabled ciphers
A malicious client can negotiate SSLv2 ciphers that have been disabled on A malicious client can negotiate SSLv2 ciphers that have been disabled on

1
NEWS
View File

@ -7,6 +7,7 @@
Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [under development] Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [under development]
o Protection for DH small subgroup attacks
o SSLv2 doesn't block disabled ciphers (CVE-2015-3197) o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015] Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]