X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=ChangeLog;h=0f0240e23a18e9224d6d713e4673032f5ce90e13;hb=b1a17ab16492b1ebb13e2d696b2f121a85fa71ba;hp=938b9114887192df4d5ef79d5934543ece410ffb;hpb=2f452345f3e599de9a25dd3b1954367bb9098b4f;p=radsecproxy.git

diff --git a/ChangeLog b/ChangeLog
index 938b911..0f0240e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,30 @@
+2013-09-05 1.6.3
+	Enhancements:
+	- Threads are allocated with a 32 KB stack rather than what
+	happens to be the default. Patch by Fabian Mauchle.
+	- On systems with mallopt(3), freed memory is returned to the
+	system more aggressively. Patch by Fabian Mauchle.
+
+	Bug fixes:
+	- radsecproxy-hash(1) no longer prints the hash four times.
+	Reported by Simon Lundström and jocar.
+	- Escaped slashes in regular expressions now works. Reported by
+	Duarte Fonseca. (RADSECPROXY-51)
+	- The duplication cache is purged properly. Patch by Fabian
+	Mauchle.
+	- Stop freeing a shared piece of memory manifesting itself as a
+	crash when using dynamic discovery. Patch by Fabian Mauchle.
+	- Closing and freeing TLS clients properly. Patch by Fabian
+	Mauchle.
+	- Timing out on TLS clients not closing the connection properly.
+	Patch by Fabian Mauchle.
+
 2012-10-25 1.6.2
 	Bug fixes (security):
 	- Fix the issue with verification of clients when using multiple
 	'tls' config blocks (RADSECPROXY-43) for DTLS too. Fixes
-	CVE-2012-4523. Reported by Raphael Geissert.
+	CVE-2012-4566 (CVE id corrected 2012-11-01, after the release of
+	1.6.2). Reported by Raphael Geissert.
 
 2012-09-14 1.6.1
 	Bug fixes (security):