From eb26b7c51935036eac4b0ed40d672566c3df7dd9 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 28 Feb 2017 18:47:27 +0000 Subject: [PATCH] Clarify ChangeLog for #569 --- ChangeLog | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 018743d85..c4092980f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,14 +16,11 @@ Security * Removed MD5 from the allowed hash algorithms for CertificateRequest and CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2. Introduced by interoperability fix for #513. - -Security * Fixed a bug that caused freeing a buffer that was allocated on the stack, when verifying the validity of a key on secp224k1. This could be triggered remotely for example with a maliciously constructed certificate - and might have led to remote code execution on some exotic embedded - platforms. Reported independently by rongsaws and Regina Wilson. - CVE-2017-2784 + and potentially could lead to remote code execution on some platforms. + Reported independently by rongsaws and Regina Wilson. #569 CVE-2017-2784 Bugfix * Fix output certificate verification flags set by x509_crt_verify_top() when
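Review bot: In the reworded secp224k1 entry, "and potentially could lead to remote code execution on some platforms" doubles the hedge ("potentially could") and uses "could lead" for a bug the same entry describes as fixed; "and could have led to remote code execution on some platforms" would be consistent with "Fixed a bug that caused ...". Dropping "exotic embedded" also leaves "some platforms" with no indication of which ones. The entry already ties the bug to key validation on secp224k1, so if exposure depends on that curve being in use, a clause saying so would help readers triage. On the last added line, "#569 CVE-2017-2784" runs the issue number and the CVE together with no separator, unlike the "Introduced by interoperability fix for #513." sentence in the entry above; putting each in its own short sentence or separating them with a comma would read more clearly. Removing the duplicate "Security" heading so both entries sit under one section looks right.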