Commit bea4cb2e authored by Matt Caswell

Further updates to CHANGES and NEWS

parent 5fed60f9
+7 −0
@@ -4,6 +4,13 @@

 Changes between 1.0.1q and 1.0.1r [xx XXX xxxx]

  *) Protection for DH small subgroup attacks

     As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been
     switched on by default and cannot be disabled. This could have some
     performance impact.
     [Matt Caswell]

  *) SSLv2 doesn't block disabled ciphers

     A malicious client can negotiate SSLv2 ciphers that have been disabled on
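
Review bot: the new DH entry says SSL_OP_SINGLE_DH_USE "cannot be disabled" but does not say what an application that still sets or clears that option will see; state whether clearing the flag is now silently ignored, so callers know if any code change is needed. "This could have some performance impact" is also vague: name the cost, which is that a fresh DH key is generated for every handshake instead of being reused, so operators of servers with many DHE handshakes can judge it.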
+1 −0
@@ -7,6 +7,7 @@

  Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [under development]

      o Protection for DH small subgroup attacks
      o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

  Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]
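
Review bot: the added line "o Protection for DH small subgroup attacks" carries no identifier, while the SSLv2 line directly below it cites CVE-2015-3197. If the DH change corresponds to an advisory, add its identifier in the same parenthesised form; if it is only the precautionary hardening that the CHANGES entry describes, word the NEWS line to say so (for example by naming the SSL_OP_SINGLE_DH_USE default), so readers can tell a fixed vulnerability from a hardening change.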