Add ChangeLog entry

This commit is contained in:
Manuel Pégourié-Gonnard 2015-10-02 10:09:53 +02:00
parent 13ca8951f9
commit 65d6a97e65

View File

@ -1,5 +1,16 @@
PolarSSL ChangeLog PolarSSL ChangeLog
= Version 1.2.17 released 2015-10-xx
Security
* Fix possible heap buffer overflow in SSL if a very long hostname is used.
Can be trigerred remotely if you accept hostnames from untrusted parties.
Found by Guido Vranken.
Changes
* ssl_set_hostname() now rejects host names longer that 255 bytes (maximum
defined by RFC 1035)
= Version 1.2.16 released 2015-09-17 = Version 1.2.16 released 2015-09-17
Security Security