Update from 0.9.7-stable.

author: Dr. Stephen Henson <steve@openssl.org> 2007-02-21 13:49:35 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2007-02-21 13:49:35 +0000
commit: a2e623c0118b0a8149b3a87ff90eb0461a406bd2 (patch)
tree: 428fe60d1b7a116ef10e8d1e71adffe849b792e0 /CHANGES
parent: aa79dd6895bb2d26b69d2df3b6355beb77fda089 (diff)
download: openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.zip
openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.tar.gz
openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 837cce4..49cdf5d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1524,6 +1524,10 @@
 
  Changes between 0.9.7l and 0.9.7m  [xx XXX xxxx]
 
+  *) Cleanse PEM buffers before freeing them since they may contain 
+     sensitive data.
+     [Benjamin Bennett <ben@psc.edu>]
+
   *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
      a ciphersuite string such as "DEFAULT:RSA" cannot enable
      authentication-only ciphersuites.
author	Dr. Stephen Henson <steve@openssl.org>	2007-02-21 13:49:35 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2007-02-21 13:49:35 +0000
commit	a2e623c0118b0a8149b3a87ff90eb0461a406bd2 (patch)
tree	428fe60d1b7a116ef10e8d1e71adffe849b792e0 /CHANGES
parent	aa79dd6895bb2d26b69d2df3b6355beb77fda089 (diff)
download	openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.zip openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.tar.gz openssl-a2e623c0118b0a8149b3a87ff90eb0461a406bd2.tar.bz2