* NEWS: Add note about the new private key export behavior.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36003 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-06-10 01:31:06 +0000
committer: emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-06-10 01:31:06 +0000
commit: 7db3bb5c8fa6684f331b2aae79b59f5749cad0b9 (patch)
tree: 33bfbb41d0faa932faab44979a92bba910f01db0 /NEWS
parent: 18088467e7489eff252eeb5b904bc93c2949462f (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 7a67533b1e..f51398e948 100644
--- a/NEWS
+++ b/NEWS
@@ -131,6 +131,13 @@ with all sufficient information, see the ChangeLog file.
     also allows to programmatically decline (client) renegotiation attempts.
   * Support for "0/n" splitting of records as BEAST mitigation via
     OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS.
+  * OpenSSL requires passwords for decrypting PEM-encoded files to be at least
+    four characters long. This led to awkward situations where an export with
+    a password with fewer than four characters was possible, but accessing the
+    file afterwards failed. OpenSSL::PKey::RSA, OpenSSL::PKey::DSA and
+    OpenSSL::PKey::EC therefore now enforce the same check when exporting a
+    private key to PEM with a password - it has to be at least four characters
+    long.
 
 === Language changes
 === Compatibility issues (excluding feature bug fixes)
author	emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-06-10 01:31:06 +0000
committer	emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-06-10 01:31:06 +0000
commit	7db3bb5c8fa6684f331b2aae79b59f5749cad0b9 (patch)
tree	33bfbb41d0faa932faab44979a92bba910f01db0 /NEWS
parent	18088467e7489eff252eeb5b904bc93c2949462f (diff)