From a16cca768051ae7c2020426fef00bb0ec537477a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 4 May 2009 21:57:14 +0000
Subject: - Michael Smith posted bug report #2786255  
 (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how  
 libcurl did not deal with SSL session ids properly if the server rejected a  
 re-use of one. Starting now, it will forget the rejected one and remember  
 the new. This change was for OpenSSL only, it is likely that other SSL lib  
 code needs similar fixes.

---
 RELEASE-NOTES | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'RELEASE-NOTES')

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 11e3a6648..af2197c8e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -39,6 +39,7 @@ This release includes the following bugfixes:
  o TFTP problems after a failed transfer to the same host
  o improved out of the box TPF compatibility
  o HTTP PUT protocol line endings portions mangled from CRLF to CRCRLF
+ o Rejected SSL session ids are killed properly (for OpenSSL builds)
 
 This release includes the following known bugs:
 
@@ -51,6 +52,6 @@ advice from friends like these:
  Andre Guibert de Bruet, Andreas Farber, Frank Hempel, Pierre Brico,
  Kamil Dudka, Jim Freeman, Daniel Johnson, Toshio Kuratomi, Martin Storsjo,
  Pramod Sharma, Gisle Vanem, Leanic Lefever, Rainer Koenig, Sven Wegener,
- Tim Chen, Constantine Sapuntzakis, David McCreedy
+ Tim Chen, Constantine Sapuntzakis, David McCreedy, Michael Smith
 
         Thanks! (and sorry if I forgot to mention someone)
-- 
cgit v1.2.3