Commit 4dc83677 authored by Bodo Moeller's avatar Bodo Moeller
Browse files

Sync CHANGES and NEWS files. 

(Various changes from the master branch are now in the 1.0.2 branch too.)
parent ca567a03

CHANGES

+421 −241

File changed.

Preview size limit exceeded, changes collapsed.

NEWS

+25 −0
Original line number Original line Diff line number Diff line
@@ -5,10 +5,17 @@ 
  This file gives a brief overview of the major changes between each OpenSSL

  This file gives a brief overview of the major changes between each OpenSSL

  release. For more details please read the CHANGES file.

  release. For more details please read the CHANGES file.





  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:



      o Corrected fix for CVE-2013-0169



  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:

  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:





      o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.

      o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.

      o Include the fips configuration module.

      o Include the fips configuration module.

      o Fix OCSP bad key DoS attack CVE-2013-0166

      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169

      o Fix for TLS AESNI record handling flaw CVE-2012-2686





  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:

  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
@@ -40,6 +47,15 @@ 
      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.

      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.

      o SRP support.

      o SRP support.





  Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k:



      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169

      o Fix OCSP bad key DoS attack CVE-2013-0166



  Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j:



      o Fix DTLS record length checking bug CVE-2012-2333



  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i:

  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i:





      o Fix for ASN1 overflow bug CVE-2012-2110

      o Fix for ASN1 overflow bug CVE-2012-2110
@@ -116,6 +132,15 @@ 
      o Opaque PRF Input TLS extension support.

      o Opaque PRF Input TLS extension support.

      o Updated time routines to avoid OS limitations.

      o Updated time routines to avoid OS limitations.





  Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y:



      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169

      o Fix OCSP bad key DoS attack CVE-2013-0166



  Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x:



      o Fix DTLS record length checking bug CVE-2012-2333



  Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w:

  Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w:





      o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)

      o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)