diff options
| author | Brent Cook <bcook@openbsd.org> | 2016-09-23 05:43:04 -0500 |
|---|---|---|
| committer | Brent Cook <bcook@openbsd.org> | 2016-09-23 05:43:25 -0500 |
| commit | b67802c2db673f970b2421998e97a4755813acc9 (patch) | |
| tree | 9ea1f3520bf74dfcaee151f34fd1d7ba690a1f37 | |
| parent | 25d8a429c13a240de8789e12d26ea036b921a665 (diff) | |
| download | portable-2.3.8.tar.gz portable-2.3.8.tar.bz2 portable-2.3.8.zip | |
update changelog for 2.3.8v2.3.8
| -rw-r--r-- | ChangeLog | 9 |
1 files changed, 9 insertions, 0 deletions
| @@ -28,6 +28,15 @@ history is also available from Git. | |||
| 28 | 28 | ||
| 29 | LibreSSL Portable Release Notes: | 29 | LibreSSL Portable Release Notes: |
| 30 | 30 | ||
| 31 | 2.3.8 - Security and reliability fixes | ||
| 32 | |||
| 33 | * Avoid unbounded memory growth in libssl, which can be triggered by a | ||
| 34 | TLS client repeatedly renegotiating and sending OCSP Status Request | ||
| 35 | TLS extensions. | ||
| 36 | |||
| 37 | * Avoid falling back to a weak digest for (EC)DH when using SNI with | ||
| 38 | libssl. | ||
| 39 | |||
| 31 | 2.3.7 - OCSP fixes | 40 | 2.3.7 - OCSP fixes |
| 32 | 41 | ||
| 33 | * Fix several issues in the OCSP code that could result in the | 42 | * Fix several issues in the OCSP code that could result in the |