1 files changed, 19 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 62bcab9..7c1bb29 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,25 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+This release primarily addresses a number of security issues in coordination
+with the OpenSSL project.
+2.1.6 - Security update
+        * Fixes for the following issues are integrated into LibreSSL 2.1.6:
+          - CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
+          - CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
+          - CVE-2015-0287 - ASN.1 structure reuse memory corruption
+          - CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
+          - CVE-2015-0289 - PKCS7 NULL pointer dereferences
+        * The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
+          is integrated for safety, but LibreSSL is not vulnerable.
+        * Libtls is now built by default. The --enable-libtls
+          configuration option is no longer required.
+          The libtls API is now stable for the 2.1.x series.
 2.1.5 - Bug fixes and a security update
        * Fix incorrect comparison function in openssl(1) certhash command.
          Thanks to Christian Neukirchen / Void Linux.

diff --git a/ChangeLog b/ChangeLog index 62bcab9..7c1bb29 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,25 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	This release primarily addresses a number of security issues in coordination
		32	with the OpenSSL project.
		33
		34	2.1.6 - Security update
		35
		36	* Fixes for the following issues are integrated into LibreSSL 2.1.6:
		37	- CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
		38	- CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
		39	- CVE-2015-0287 - ASN.1 structure reuse memory corruption
		40	- CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
		41	- CVE-2015-0289 - PKCS7 NULL pointer dereferences
		42
		43	* The fix for CVE-2015-0207 - Segmentation fault in DTLSv1_listen
		44	is integrated for safety, but LibreSSL is not vulnerable.
		45
		46	* Libtls is now built by default. The --enable-libtls
		47	configuration option is no longer required.
		48	The libtls API is now stable for the 2.1.x series.
		49
31	2.1.5 - Bug fixes and a security update	50	2.1.5 - Bug fixes and a security update
32	* Fix incorrect comparison function in openssl(1) certhash command.	51	* Fix incorrect comparison function in openssl(1) certhash command.
33	Thanks to Christian Neukirchen / Void Linux.	52	Thanks to Christian Neukirchen / Void Linux.