Update changelog

author: Brent Cook <bcook@openbsd.org> 2016-09-23 05:40:01 -0500
committer: Brent Cook <bcook@openbsd.org> 2016-09-23 05:41:25 -0500
commit: a89681418780095c3a8d0786bedfa43e4afb2349 (patch)
tree: bcc24fb25e4ef3379745c659117bd83d475c49b6
parent: b7ba692f72f232602efb3e720ab0510406bae69c (diff)
download: portable-a89681418780095c3a8d0786bedfa43e4afb2349.tar.gz
portable-a89681418780095c3a8d0786bedfa43e4afb2349.tar.bz2
portable-a89681418780095c3a8d0786bedfa43e4afb2349.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 6ec28e0..0c5a934 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+2.4.3 - Bug fixes and reliability improvements
+        * Reverted change that cleans up the EVP cipher context in
+          EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the
+          previous behaviour.
+        * Avoid unbounded memory growth in libssl, which can be triggered by a
+          TLS client repeatedly renegotiating and sending OCSP Status Request
+          TLS extensions.
+        * Avoid falling back to a weak digest for (EC)DH when using SNI with
+          libssl.
 2.4.2 - Bug fixes and improvements
        * Fixed loading default certificate locations with openssl s_client.
author	Brent Cook <bcook@openbsd.org>	2016-09-23 05:40:01 -0500
committer	Brent Cook <bcook@openbsd.org>	2016-09-23 05:41:25 -0500
commit	a89681418780095c3a8d0786bedfa43e4afb2349 (patch)
tree	bcc24fb25e4ef3379745c659117bd83d475c49b6
parent	b7ba692f72f232602efb3e720ab0510406bae69c (diff)
download	portable-a89681418780095c3a8d0786bedfa43e4afb2349.tar.gz portable-a89681418780095c3a8d0786bedfa43e4afb2349.tar.bz2 portable-a89681418780095c3a8d0786bedfa43e4afb2349.zip

diff --git a/ChangeLog b/ChangeLog index 6ec28e0..0c5a934 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	2.4.3 - Bug fixes and reliability improvements
		32
		33	* Reverted change that cleans up the EVP cipher context in
		34	EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the
		35	previous behaviour.
		36
		37	* Avoid unbounded memory growth in libssl, which can be triggered by a
		38	TLS client repeatedly renegotiating and sending OCSP Status Request
		39	TLS extensions.
		40
		41	* Avoid falling back to a weak digest for (EC)DH when using SNI with
		42	libssl.
		43
31	2.4.2 - Bug fixes and improvements	44	2.4.2 - Bug fixes and improvements
32		45
33	* Fixed loading default certificate locations with openssl s_client.	46	* Fixed loading default certificate locations with openssl s_client.