Potential buffer-overflow for ssl_read_record()

commit: 8648f04e47986d8bf2679dc24ad144b779e9950d [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 11 13:16:28 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 11 13:16:28 2013 +0200
tree: 966dd659be49d9f34014c6152d01b013d43a0e29
parent: 3f5b7536546e99595c05d803b56a64c60ef0f0e4 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index f8a46d9..88e5341 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,5 +1,10 @@
 PolarSSL ChangeLog
 
+= Branch 1.1
+Security
+   * Potential buffer-overflow for ssl_read_record() (independently found by
+     both TrustInSoft and Paul Brodeur of Leviathan Security Group)
+
 = Version 1.1.7 released on 2013-06-19
 Changes
    * HAVEGE random generator disabled by default
commit	8648f04e47986d8bf2679dc24ad144b779e9950d	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Wed Sep 11 13:16:28 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Sep 11 13:16:28 2013 +0200
tree	966dd659be49d9f34014c6152d01b013d43a0e29
parent	3f5b7536546e99595c05d803b56a64c60ef0f0e4 [diff] [blame]