author | Bodo Möller <bodo@openssl.org> | 2009-11-26 18:39:21 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2009-11-26 18:39:21 +0000 |
commit | 2256dedfec66f2bb6841444e342a15a3144536e4 (patch) | |
tree | 9cb3586f057b56e5b55dc929d8244fcf3dcfd090 | |
parent | 1917fb6dd84e0a572f258a2931802224eb92b5c1 (diff) | |
download | openssl-new-BRANCH_OpenSSL_0_9_8k.tar.gz |
Import corrected CHANGES file from OpenSSL_0_9_8-stable (as far as
applicable for this branch)
BRANCH_OpenSSL_0_9_8k
-rw-r--r-- | CHANGES | 17 |
1 files changed, 4 insertions, 13 deletions
@@ -96,6 +96,10 @@ Changes between 0.9.8h and 0.9.8i [15 Sep 2008] + *) Fix NULL pointer dereference if a DTLS server received + ChangeCipherSpec as first record (CVE-2009-1386). + [PR #1679] + *) Fix a state transitition in s3_srvr.c and d1_srvr.c (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...). [Nagendra Modadugu] @@ -1499,19 +1503,6 @@ differing sizes. [Richard Levitte] - Changes between 0.9.7m and 0.9.7n [xx XXX xxxx] - - *) In the SSL/TLS server implementation, be strict about session ID - context matching (which matters if an application uses a single - external cache for different purposes). Previously, - out-of-context reuse was forbidden only if SSL_VERIFY_PEER was - set. This did ensure strict client verification, but meant that, - with applications using a single external cache for quite - different requirements, clients could circumvent ciphersuite - restrictions for a given session ID context by starting a session - in a different context. - [Bodo Moeller] - Changes between 0.9.7l and 0.9.7m [23 Feb 2007] *) Cleanse PEM buffers before freeing them since they may contain |
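Review bot: In the first hunk, the new CVE-2009-1386 entry closes with only "[PR #1679]" and no contributor credit, while the entry right after it closes with a name ("[Nagendra Modadugu]"); add the credit line if that is this file's convention. The identifier's year (2009) is also later than the date in the section header the entry sits under ("Changes between 0.9.8h and 0.9.8i [15 Sep 2008]"), so a few words confirming that the fix belongs to 0.9.8i would keep readers from treating it as misfiled. The unchanged context line below the addition still reads "transitition", which could be corrected in the same pass.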
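Review bot: In the second hunk, the deleted section "Changes between 0.9.7m and 0.9.7n [xx XXX xxxx]" is the only visible record of a security-relevant behaviour change (session ID context matching enforced even when SSL_VERIFY_PEER is not set), and neither the diff nor the commit message says where that entry lives after the removal. If it goes because the placeholder-dated 0.9.7n section does not apply to this branch, state that in the commit message, and confirm the entry is still recorded under the release in which the stricter matching shipped, so that operators sharing one external session cache across contexts can find it.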