From 4dc836773e042806235bd724acc711f0cb9b049b Mon Sep 17 00:00:00 2001
From: Bodo Moeller <bodo@openssl.org>
Date: Mon, 16 Sep 2013 14:55:03 +0200
Subject: Sync CHANGES and NEWS files.

(Various changes from the master branch are now in the 1.0.2 branch too.)
---
 NEWS | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 5db2581455..2d1dd133e6 100644
--- a/NEWS
+++ b/NEWS
@@ -5,10 +5,17 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
+
+      o Corrected fix for CVE-2013-0169
+
   Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
 
       o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
       o Include the fips configuration module.
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix for TLS AESNI record handling flaw CVE-2012-2686
 
   Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
 
@@ -40,6 +47,15 @@
       o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
       o SRP support.
 
+  Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
   Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i:
 
       o Fix for ASN1 overflow bug CVE-2012-2110
@@ -116,6 +132,15 @@
       o Opaque PRF Input TLS extension support.
       o Updated time routines to avoid OS limitations.
 
+  Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
   Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w:
 
       o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
-- 
cgit v1.2.3