From: Mark J. Cox <mark@openssl.org>
Date: Thu, 28 Feb 2008 13:35:58 +0000 (+0000)
Subject: Add missing changelog entry for http://cvs.openssl.org/chngview?cn=16587
X-Git-Tag: OpenSSL_0_9_8h~76
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=216ac24bd3cd7c600b0ed59b6573bbfcbba52b41;p=openssl

Add missing changelog entry for http://cvs.openssl.org/chngview?cn=16587
---

diff --git a/CHANGES b/CHANGES
index 1adfa3608b..4211498e81 100644
--- a/CHANGES
+++ b/CHANGES
@@ -199,6 +199,10 @@
      authentication-only ciphersuites.
      [Bodo Moeller]
 
+  *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+     not complete and could lead to a possible single byte overflow
+     (CVE-2007-5135) [Ben Laurie]
+
  Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
 
   *) Since AES128 and AES256 (and similarly Camellia128 and