Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
diff --git a/ChangeLog b/ChangeLog
index d336409..96a09ae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,8 @@
for pre-1.2 clients when multiple certificates are available.
* Add support for getrandom() syscall on recent Linux kernels with Glibc or
a compatible enough libc (eg uClibc).
+ * Add ssl_set_arc4_support() to make it easier to diable RC4 at runtime
+ while using the default ciphersuite list.
Bugfix
* Stack buffer overflow if ctr_drbg_update() is called with too large
@@ -60,6 +62,8 @@
with a suitable (extended)KeyUsage or curve or no PSK set.
* It is now possible to disable neogtiation of truncated HMAC server-side
at runtime with ssl_set_truncated_hmac().
+ * Example programs for SSL client and server now disable SSLv3 by default.
+ * Example programs for SSL client and server now disable RC4 by default.
= PolarSSL 1.3.9 released 2014-10-20
Security