diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-04-23 23:56:33 +0200 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-04-23 23:56:33 +0200 |
commit | 579d553464604832911c1eb08d014f487e54e0ff (patch) | |
tree | 9a1102bb53ab75fa0f51b81605e103f70c424a89 /NEWS | |
parent | objxref.pl: improve portability. (diff) | |
download | openssl-579d553464604832911c1eb08d014f487e54e0ff.tar.xz openssl-579d553464604832911c1eb08d014f487e54e0ff.zip |
update NEWS
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -5,6 +5,12 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a: + + o Fix for ASN1 overflow bug CVE-2012-2110 + o Workarounds for some servers that hang on long client hellos. + o Fix SEGV in AES code. + Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1: o TLS/DTLS heartbeat support. @@ -18,6 +24,10 @@ o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o SRP support. + Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i: + + o Fix for ASN1 overflow bug CVE-2012-2110 + Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h: o Fix for CMS/PKCS#7 MMA CVE-2012-0884 @@ -90,6 +100,14 @@ o Opaque PRF Input TLS extension support. o Updated time routines to avoid OS limitations. + Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w: + + o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110) + + Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v: + + o Fix for ASN1 overflow bug CVE-2012-2110 + Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u: o Fix for CMS/PKCS#7 MMA CVE-2012-0884 |