author | Dr. Stephen Henson <steve@openssl.org> | 2010-11-29 18:32:05 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-11-29 18:32:05 +0000 |
commit | 300b1d76fe27541c662ca606a6a201b2718e0c65 (patch) | |
tree | 8666b058ac74eeda00568cf1f17f76341436ac01 /CHANGES | |
parent | ae3fff50343705e9324d4a91af41ec843de9f3ed (diff) | |
download | openssl-300b1d76fe27541c662ca606a6a201b2718e0c65.tar.gz |
apply J-PAKE fix to HEAD (original by Ben)
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -123,7 +123,7 @@ whose return value is often ignored. [Steve Henson] - Changes between 1.0.0b and 1.0.1 [xx XXX xxxx] + Changes between 1.0.0c and 1.0.1 [xx XXX xxxx] *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id. [Steve Henson] @@ -162,7 +162,14 @@ Add command line options to s_client/s_server. [Steve Henson] - Changes between 1.0.0a and 1.0.0b [xx XXX xxxx] + Changes between 1.0.0b and 1.0.0c [xx XXX xxxx] + + *) Fixed J-PAKE implementation error, originally discovered by + Sebastien Martini, further info and confirmation from Stefan + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 + [Ben Laurie] + + Changes between 1.0.0a and 1.0.0b [16 Nov 2010] *) Fix extension code to avoid race conditions which can result in a buffer overrun vulnerability: resumed sessions must not be modified as they can |
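Review bot: In the second hunk (the new "Changes between 1.0.0b and 1.0.0c" section), the added entry says only "Fixed J-PAKE implementation error" and that it is a security fix. It does not say what the error was or what it allows, so someone reading CHANGES cannot judge whether their use of J-PAKE is affected without looking up the CVE. Suggest adding one sentence describing the flaw and its impact. The identifier would also read better attached to the sentence than as a trailing fragment, for example "Note that this fix is a security fix (CVE-2010-4252)." The diffstat shown is limited to CHANGES, so the code change this entry describes cannot be checked against it from this view.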