- Replaced function that fixes man-in-the-middle attack - Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC) - Released version 0.14.2

commit: d741cf4cca0ad04d4300966011c30c4ab080aec1 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Mon Feb 28 21:10:41 2011 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Feb 28 21:10:41 2011 +0000
tree: 8c76afef72997aa8beae567e27b19c1ca244720a
parent: 02710261aef8e36a7ab3be6fad202173ae022b7c [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 50b5a2b..79540c9 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,6 +1,7 @@
 PolarSSL ChangeLog
 
-= Version 0.14.1 released on 2011-02-22
+= Version 0.14.2 released on 2011-02-28
+This release replaces version 0.14.1 which had possible copyright issues.
 Bugfixes
    * Corrected parsing of UTCTime dates before 1990 and
      after 1950
@@ -13,6 +14,11 @@
      to negotiate anonymous connection (Fixes ticket #12,
 	 found by Boris Krasnovskiy)
 
+Security fixes
+   * Fixed a possible Man-in-the-Middle attack on the
+     Diffie Hellman key exchange (thanks to Larry Highsmith,
+	 Subreption LLC)
+
 = Version 0.14.0 released on 2010-08-16
 Features
    * Added support for SSL_EDH_RSA_AES_128_SHA and
commit	d741cf4cca0ad04d4300966011c30c4ab080aec1	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Mon Feb 28 21:10:41 2011 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Feb 28 21:10:41 2011 +0000
tree	8c76afef72997aa8beae567e27b19c1ca244720a
parent	02710261aef8e36a7ab3be6fad202173ae022b7c [diff] [blame]