[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_0-stable updated. OpenSSL_1_0_0o-61-g65c63da

Dr. Stephen Henson steve at openssl.org
Tue Jan 6 22:45:03 UTC 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, OpenSSL_1_0_0-stable has been updated
       via  65c63da207543cd3d1de7ef20355b7ac364af8dd (commit)
      from  9f028e4a788b9531bbfc66a3bf2b9cba36a167eb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 65c63da207543cd3d1de7ef20355b7ac364af8dd
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Tue Jan 6 21:12:15 2015 +0000

    use correct credit in CHANGES
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (cherry picked from commit 4138e3882556c762d77eb827b8be98507cde48df)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 0fbac88..bc92912 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,7 +7,8 @@
   *) Abort handshake if server key exchange message is omitted for ephemeral
      ECDH ciphersuites.
 
-     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
      (CVE-2014-3572)
      [Steve Henson]
 
@@ -15,7 +16,8 @@
      violated the TLS standard by allowing the use of temporary RSA keys in
      non-export ciphersuites and could be used by a server to effectively
      downgrade the RSA key length used to a value smaller than the server
-     certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
      (CVE-2015-0204)
      [Steve Henson]
 


hooks/post-receive
-- 
OpenSSL source code


More information about the openssl-commits mailing list