update NEWS for charybdis 3.5.3.
This commit is contained in:
William Pitcock
parent
1bc097d1ec
commit
50851b0b55
1 changed files with 23 additions and 1 deletions
24
NEWS.md
24
NEWS.md
|
|
@ -1,8 +1,30 @@
|
|||
# News
|
||||
|
||||
This is charybdis 3.5.2, Copyright (c) 2005-2016 Charybdis team.
|
||||
This is charybdis 3.5.3, Copyright (c) 2005-2016 Charybdis team.
|
||||
See LICENSE for licensing details (GPL v2).
|
||||
|
||||
## charybdis-3.5.3
|
||||
|
||||
### security
|
||||
- incorporate all relevant security patches for charybdis through 6th September 2016:
|
||||
- fix issue allowing EXTERNAL authentications to be spoofed using a certificate not actually
|
||||
held by the authenticating user
|
||||
|
||||
### misc
|
||||
- mbedtls TLS backend improvements from charybdis 4 and 5:
|
||||
- add support for configurable ciphersuites
|
||||
- disable legacy (SSLv2) renegotiation support if possible
|
||||
- disable session tickets if possible
|
||||
- general robustness improvements
|
||||
- gnutls TLS backend improvements from charybdis 4:
|
||||
- make certfp support more reliable on newer gnutls versions
|
||||
- avoid possible null dereference when constructing ciphersuites
|
||||
- openssl TLS backend improvements from charybdis 4:
|
||||
- avoid a possible use-after-free issue when newer openssl versions cannot load keypairs in a rehash
|
||||
- improve compatibility with libressl
|
||||
- more robustly load DH parameters files
|
||||
- daemonization improvements from charybdis 4
|
||||
|
||||
## charybdis-3.5.2
|
||||
|
||||
### user
|
||||
|
|
|
|||
Loading…
Reference in a new issue