From 216ac24bd3cd7c600b0ed59b6573bbfcbba52b41 Mon Sep 17 00:00:00 2001
From: "Mark J. Cox" <mark@openssl.org>
Date: Thu, 28 Feb 2008 13:35:58 +0000
Subject: [PATCH] Add missing changelog entry for
 http://cvs.openssl.org/chngview?cn=16587

---
 CHANGES | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGES b/CHANGES
index 1adfa3608b..4211498e81 100644
--- a/CHANGES
+++ b/CHANGES
@@ -199,6 +199,10 @@
      authentication-only ciphersuites.
      [Bodo Moeller]
 
+  *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+     not complete and could lead to a possible single byte overflow
+     (CVE-2007-5135) [Ben Laurie]
+
  Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
 
   *) Since AES128 and AES256 (and similarly Camellia128 and
-- 
2.50.1