From 13ae44ce5865b720708aae9cb1d2e2f08a0d90cb Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 28 Jan 2009 16:38:41 +1100
Subject:    - markus@cvs.openbsd.org 2009/01/26 09:58:15      [cipher.c
 cipher.h packet.c]      Work around the CPNI-957037 Plaintext Recovery Attack
 by always      reading 256K of data on packet size or HMAC errors (in CBC
 mode only).      Help, feedback and ok djm@      Feedback from Martin
 Albrecht and Paterson Kenny

---
 ChangeLog | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 1ce3a84b8..8584ff316 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -80,6 +80,12 @@
    - naddy@cvs.openbsd.org 2009/01/24 17:10:22
      [ssh_config.5 sshd_config.5]
      sync list of preferred ciphers; ok djm@
+   - markus@cvs.openbsd.org 2009/01/26 09:58:15
+     [cipher.c cipher.h packet.c]
+     Work around the CPNI-957037 Plaintext Recovery Attack by always
+     reading 256K of data on packet size or HMAC errors (in CBC mode only).
+     Help, feedback and ok djm@
+     Feedback from Martin Albrecht and Paterson Kenny
 
 20090107
  - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X.
@@ -5089,5 +5095,5 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.5178 2009/01/28 05:34:00 djm Exp $
+$Id: ChangeLog,v 1.5179 2009/01/28 05:38:41 djm Exp $
 
-- 
cgit v1.2.3