diff options
author | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-01-27 00:38:57 +0900 |
---|---|---|
committer | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-01-27 01:57:46 +0900 |
commit | 31e3b81290d52e6de21253ba8e15788e83b46b96 (patch) | |
tree | 53c89f78ff1638a2d250f8809dc19b09ad349a33 /deps/openssl/openssl/NEWS | |
parent | efbda74686e51525517ec2f89b75039d1db57e59 (diff) | |
download | android-node-v8-31e3b81290d52e6de21253ba8e15788e83b46b96.tar.gz android-node-v8-31e3b81290d52e6de21253ba8e15788e83b46b96.tar.bz2 android-node-v8-31e3b81290d52e6de21253ba8e15788e83b46b96.zip |
deps: upgrade openssl sources to 1.0.2k
This replaces all sources of openssl-1.0.2k.tar.gz into
deps/openssl/openssl
PR-URL: https://github.com/nodejs/node/pull/11021
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'deps/openssl/openssl/NEWS')
-rw-r--r-- | deps/openssl/openssl/NEWS | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS index c0579632b2..be4a266bac 100644 --- a/deps/openssl/openssl/NEWS +++ b/deps/openssl/openssl/NEWS @@ -5,9 +5,15 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017] + + o Truncated packet could crash via OOB read (CVE-2017-3731) + o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) + o Montgomery multiplication may produce incorrect results (CVE-2016-7055) + Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016] - o Fix Use After Free for large message sizes (CVE-2016-6309) + o Missing CRL sanity check (CVE-2016-7052) Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016] |