diff options
author | Kyungwook Tak <k.tak@samsung.com> | 2015-08-31 16:15:21 +0900 |
---|---|---|
committer | Kyungwook Tak <k.tak@samsung.com> | 2015-08-31 16:16:50 +0900 |
commit | 13ea66c69fd44fadc3e1493311a74537b8cb5d7c (patch) | |
tree | c31b529ad95ce803d01be8e6b29c2525e7af56e1 /NEWS | |
parent | 9b8531ea0e590efa2ac959b824e1a350dace84b9 (diff) | |
download | openssl-13ea66c69fd44fadc3e1493311a74537b8cb5d7c.tar.gz openssl-13ea66c69fd44fadc3e1493311a74537b8cb5d7c.tar.bz2 openssl-13ea66c69fd44fadc3e1493311a74537b8cb5d7c.zip |
Imported Upstream version 1.0.1pupstream/1.0.1p
Change-Id: I297624cdcb5d68a3442cdf4666722e66ce7a264b
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -5,6 +5,22 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015] + + o Alternate chains certificate forgery (CVE-2015-1793) + + Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015] + + o Fix HMAC ABI incompatibility + + Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015] + + o Malformed ECParameters causes infinite loop (CVE-2015-1788) + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) + o Race condition handling NewSessionTicket (CVE-2015-1791) + Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015] o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) |