update changelog for 2.1.6v2.1.6

author: Brent Cook <bcook@openbsd.org> 2015-03-19 00:50:36 -0500
committer: Brent Cook <bcook@openbsd.org> 2015-03-19 01:13:01 -0500
commit: 89c5dc6bcfb96c830f66052ab8c6959f0d16c6e9 (patch)
tree: b1ef09fddbdeeb0b7f4e38a257ecc53b17bcae74
parent: 2a7498cc7fa3f4d20792f43f2cd7d8a8ee1abfa3 (diff)
download: portable-2.1.6.tar.gz
portable-2.1.6.tar.bz2
portable-2.1.6.zip
1 files changed, 19 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 62bcab9..7c1bb29 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,25 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+This release primarily addresses a number of security issues in coordination
+with the OpenSSL project.
+2.1.6 - Security update
+        * Fixes for the following issues are integrated into LibreSSL 2.1.6:
+          - CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+          - CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+          - CVE-2015-0287 - ASN.1 structure reuse memory corruption
+          - CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+          - CVE-2015-0289 - PKCS7 NULL pointer dereferences
+        * The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
+          is integrated for safety, but LibreSSL is not vulnerable.
+        * Libtls is now built by default. The --enable-libtls
+          configuration option is no longer required.
+          The libtls API is now stable for the 2.1.x series.
 2.1.5 - Bug fixes and a security update
        * Fix incorrect comparison function in openssl(1) certhash command.
          Thanks to Christian Neukirchen / Void Linux.
author	Brent Cook <bcook@openbsd.org>	2015-03-19 00:50:36 -0500
committer	Brent Cook <bcook@openbsd.org>	2015-03-19 01:13:01 -0500
commit	89c5dc6bcfb96c830f66052ab8c6959f0d16c6e9 (patch)
tree	b1ef09fddbdeeb0b7f4e38a257ecc53b17bcae74
parent	2a7498cc7fa3f4d20792f43f2cd7d8a8ee1abfa3 (diff)
download	portable-2.1.6.tar.gz portable-2.1.6.tar.bz2 portable-2.1.6.zip

diff --git a/ChangeLog b/ChangeLog index 62bcab9..7c1bb29 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,25 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	This release primarily addresses a number of security issues in coordination
		32	with the OpenSSL project.
		33
		34	2.1.6 - Security update
		35
		36	* Fixes for the following issues are integrated into LibreSSL 2.1.6:
		37	- CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
		38	- CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
		39	- CVE-2015-0287 - ASN.1 structure reuse memory corruption
		40	- CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
		41	- CVE-2015-0289 - PKCS7 NULL pointer dereferences
		42
		43	* The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
		44	is integrated for safety, but LibreSSL is not vulnerable.
		45
		46	* Libtls is now built by default. The --enable-libtls
		47	configuration option is no longer required.
		48	The libtls API is now stable for the 2.1.x series.
		49
31	2.1.5 - Bug fixes and a security update	50	2.1.5 - Bug fixes and a security update
32	* Fix incorrect comparison function in openssl(1) certhash command.	51	* Fix incorrect comparison function in openssl(1) certhash command.
33	Thanks to Christian Neukirchen / Void Linux.	52	Thanks to Christian Neukirchen / Void Linux.