Document rollback issues.
diff --git a/CHANGES b/CHANGES
index 159c1e2..74f5bc7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,9 +4,11 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
-  *) Fix SSL 2.0 rollback checking: The previous implementation of the
-     test was never triggered due to an off-by-one error in
-     RSA_padding_check_SSLv23().
+  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
+     RSA_padding_check_SSLv23(), special padding was never detected
+     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
+     version rollback attacks was not effective.
+
      In s23_clnt.c, don't use special rollback-attack detection padding
      (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
      client; similarly, in s23_srvr.c, don't do the rollback check if
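Review bot: "special padding" in the added line "RSA_padding_check_SSLv23(), special padding was never detected" is not defined at first use; the name RSA_SSLV23_PADDING only appears in the paragraph that follows. Consider "the special rollback-detection padding (RSA_SSLV23_PADDING) was never detected" so the first paragraph can be read on its own. The entry also does not say which earlier releases carry the off-by-one error, which is what a reader checking whether their rollback countermeasure was ineffective would look for; if that is known, state it in this paragraph.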