[openssl-commits] [openssl] OpenSSL source code branch master updated. 4138e3882556c762d77eb827b8be98507cde48df
Dr. Stephen Henson
steve at openssl.org
Tue Jan 6 22:41:18 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, master has been updated
via 4138e3882556c762d77eb827b8be98507cde48df (commit)
from ac8e9cbe14b59dacfe4ac52bc5ff06f8003e9b01 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4138e3882556c762d77eb827b8be98507cde48df
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Jan 6 21:12:15 2015 +0000
use correct credit in CHANGES
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/CHANGES b/CHANGES
index f8dfbd4..ef87df3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -670,7 +670,8 @@
*) Abort handshake if server key exchange message is omitted for ephemeral
ECDH ciphersuites.
- Thanks to Karthikeyan Bhargavan for reporting this issue.
+ Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+ reporting this issue.
(CVE-2014-3572)
[Steve Henson]
@@ -678,7 +679,8 @@
violated the TLS standard by allowing the use of temporary RSA keys in
non-export ciphersuites and could be used by a server to effectively
downgrade the RSA key length used to a value smaller than the server
- certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+ certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+ INRIA or reporting this issue.
(CVE-2015-0204)
[Steve Henson]
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list