author Ben Laurie <ben@openssl.org> 2009-11-05 16:08:52 +0000
committer Ben Laurie <ben@openssl.org> 2009-11-05 16:08:52 +0000
commit 1917fb6dd84e0a572f258a2931802224eb92b5c1 (patch)
tree 806c753ab07e100b01819859eff885a045b45986
parent 0fc93c4b928552ace40ceb6e2ccce42fe1d1b60d (diff)
download openssl-1917fb6dd84e0a572f258a2931802224eb92b5c1.tar.gz
Add CVE number. (OpenSSL_0_9_8l)
-rw-r--r-- CHANGES 9
1 files changed, 5 insertions, 4 deletions
diff --git a/CHANGES b/CHANGES
index cd445c9313..3c9f51c5b7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,10 +5,11 @@
Changes between 0.9.8k and 0.9.8l [5 Nov 2009]
*) Disable renegotiation completely - this fixes a severe security
- problem at the cost of breaking all renegotiation. Renegotiation
- can be re-enabled by setting
- OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION at
- compile-time. This is really not recommended.
+ problem (CVE-2009-3555) at the cost of breaking all
+ renegotiation. Renegotiation can be re-enabled by setting
+ SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+ run-time. This is really not recommended unless you know what
+ you're doing.
[Ben Laurie]
Changes between 0.9.8j and 0.9.8k [25 Mar 2009]
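Review bot: The rewritten entry (the + lines ending "you're doing.") changes the documented re-enable mechanism from the compile-time define OPENSSL_ENABLE_UNSAFE_LEGACY_SESSION_RENEGOTATION to SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at run-time, yet the commit message says only "Add CVE number." Please mention the documentation change in the message, and state in the entry whether the old compile-time define is still honoured, so that anyone who built with it knows what their build now does. The entry also does not say how an application reaches s3->flags or at what point the flag has to be set; a short pointer would help. Finally, "unless you know what you're doing" would be more useful if it named the condition under which re-enabling renegotiation is acceptable, given that the entry calls the problem severe.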