To avoid SWEET32 attack, move 3DES to weak

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
diff --git a/CHANGES b/CHANGES
index 32a7c7b..fb4e7a5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.2h and 1.1.0  [xx XXX xxxx]
 
+  *) Because of the SWEET32 attack, 3DES cipher suites have been disabled by
+     default like RC4.  See the RC4 item below to re-enable both.
+     [Rich Salz]
+
   *) The method for finding the storage location for the Windows RAND seed file
      has changed. First we check %RANDFILE%. If that is not set then we check
      the directories %HOME%, %USERPROFILE% and %SYSTEMROOT% in that order. If
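
Review bot: The new CHANGES entry at the top of this hunk says the 3DES cipher suites are "disabled by default", while the commit subject says 3DES is moved to weak, and the entry only points to "the RC4 item below" for what that means and how to reverse it. Please state in this entry itself whether the suites are left out of the build or only out of the default cipher list, and name the option that re-enables them, so the entry stays correct if the RC4 item is later edited or moved. "re-enable both" should also say explicitly that one switch covers RC4 and 3DES together, since an operator who needs 3DES for a legacy peer would otherwise not expect to get RC4 back with it.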