From 44c1aa4a0213a16ea928de4285d2481410d194d3 Mon Sep 17 00:00:00 2001
From: Jack Lloyd <lloyd@randombit.net>
Date: Wed, 2 Dec 2015 08:34:52 -0500
Subject: Remove support for broken 112 and 128 bit SECP ECC groups.

---
 doc/news.rst | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'doc')

diff --git a/doc/news.rst b/doc/news.rst
index bf6b91535..cce298ffd 100644
--- a/doc/news.rst
+++ b/doc/news.rst
@@ -15,6 +15,9 @@ Version 1.11.25, Not Yet Released
   by ensuring the table is loaded into memory at start and computing the table
   at runtime to avoid flush+reload based attacks due to shared VMM mappings.
 
+* Support for the insecure ECC groups secp112r1, secp112r2, secp128r1, and
+  secp128r2 has been removed.
+
 * The OpenSSL implementation of RC4 would return the wrong value from `name` if
   leading bytes of the keystream had been skipped in the output.
 
-- 
cgit v1.2.3