NEWS: fix NEWS entries [ci skip]

author Nikos Mavrogiannopoulos <nmav@gnutls.org>

Fri, 8 Mar 2019 19:17:49 +0000 (20:17 +0100)

committer Nikos Mavrogiannopoulos <nmav@gnutls.org>

Fri, 8 Mar 2019 19:17:52 +0000 (20:17 +0100)
author Nikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 8 Mar 2019 19:17:49 +0000 (20:17 +0100)
committer Nikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 8 Mar 2019 19:17:52 +0000 (20:17 +0100)
diff --git a/NEWS b/NEWS

index 4d38bd9a0ed58a0b90b75baf2ff87686ae2938ef..26486008f5043b799ed6c30bf22d45db097f9d3b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,14 +12,6 @@ See the end for copying conditions.
     double free issues. Use-after-free will be turned into NULL dereference.
     The counter-measure does not extend to applications using gnutls_free().
  
-** libgnutls, gnutls tools: Every gnutls_free() will automatically set
-   the free'd pointer to NULL. This prevents possible use-after-free and
-   double free issues. Use-after-free will be turned into NULL dereference,
-   effectively turning harmful attacks like remote-code-executions (RCE) into
-   segmentation faults. Double frees may also be used to achieve RCEs - turning
-   them into no-ops counter measures this attack at this point. 
-   This measurement is only active when building libgnutls and the gnutls tools.
-   
  ** libgnutls: enforce key usage limitations on certificates more actively.
     Previously we would enforce it for TLS1.2 protocol, now we enforce it
     even when TLS1.3 is negotiated, or on client certificates as well. When
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Fri, 8 Mar 2019 19:17:49 +0000 (20:17 +0100)
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Fri, 8 Mar 2019 19:17:52 +0000 (20:17 +0100)