Update NEWS

This commit is contained in:
Tatsuya Kinoshita
2016-11-19 15:41:22 +09:00
parent 251e191754
commit fdfab25608

4
NEWS
View File

@@ -19,8 +19,8 @@ w3m X.X.X - YYYY-MM-DD
[CVE-2016-9426], [CVE-2016-9428], [CVE-2016-9429], [CVE-2016-9430],
[CVE-2016-9431], [CVE-2016-9432], [CVE-2016-9433], [CVE-2016-9434],
[CVE-2016-9435], [CVE-2016-9436], [CVE-2016-9437], [CVE-2016-9438],
[CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9442],
[CVE-2016-9443]
[CVE-2016-9439], [CVE-2016-9440], [CVE-2016-9441], [CVE-2016-9443]
- fix potential heap buffer corruption due to Strgrow [CVE-2016-9442]
- disable SSLv2 and SSLv3 by default [CVE-2014-3566]
- set ssl_verify_server to 1 by default
- disable RC4, export ciphers, and keys < 128 bits