diff --git a/CHANGES b/CHANGES index f310a75075..04b14bda8c 100644 --- a/CHANGES +++ b/CHANGES @@ -261,14 +261,6 @@ *) Add support for SCTP. [Robin Seggelmann ] - *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) - [Andrey Kulikov ] - - *) Prevent malformed RFC3779 data triggering an assertion failure. - Thanks to Andrew Chi, BBN Technologies, for discovering the flaw - and Rob Austein for fixing it. (CVE-2011-4577) - [Rob Austein ] - *) Improved PRNG seeding for VOS. [Paul Green ] @@ -531,6 +523,17 @@ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx] + *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) + [Adam Langley (Google)] + + *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) + [Andrey Kulikov ] + + *) Prevent malformed RFC3779 data triggering an assertion failure. + Thanks to Andrew Chi, BBN Technologies, for discovering the flaw + and Rob Austein for fixing it. (CVE-2011-4577) + [Rob Austein ] + *) Fix ssl_ciph.c set-up race. [Adam Langley (Google)]