* NEWS: Update.

git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1695 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845

1 files changed, 16 insertions, 2 deletions

diff --git a/NEWS b/NEWS
index b15f606..79ad025 100644
--- a/NEWS
+++ b/NEWS
@@ -1,17 +1,31 @@
 Changes in release 0.29.0:
 * New interfaces:
- - ne_socket.h: ne_sock_writev() (Julien Reichel), ne_sock_set_error(),
-   ne_iaddr_raw()
  - added ne_acl3744.h, updated WebDAV ACL support (Henrik Holst)
  - added built-in SOCKS v4/v4a/v5 support: ne_socket.h:ne_sock_proxy(),       
    and ne_session.h:ne_session_socks_proxy()
  - added support for system-default proxies: ne_session_system_proxy(),
    implemented using libproxy where available.
  - added NE_SESSFLAG_EXPECT100 session flag
+ - ne_socket.h: ne_sock_writev() (Julien Reichel), ne_sock_set_error(),
+   ne_iaddr_raw()
+ - ne_string.h: ne_buffer_qappend(), ne_strnqdup()
 * Deprecated interfaces:
  - ne_acl.h is obsoleted by ne_acl3744.h
 * Other changes:
  - ne_free() implemented as a function on Win32 (thanks to Helge Hess)
+ - test suite output now compacted
+
+Changes in release 0.28.6:
+* SECURITY (CVE-2009-2473): Fix "billion laughs" attack against expat;
+  could allow a Denial of Service attack by a malicious server.
+* SECURITY (CVE-2009-2474): Fix handling of an embedded NUL byte in
+  a certificate subject name with OpenSSL; could allow an undetected
+  MITM attack against an SSL server if a trusted CA issues such a cert.
+
+Changes in release 0.28.5:
+* Enable support for X.509v1 CA certificates in GnuTLS.
+* Fix handling of EINTR in connect() calls.
+* Fix use of builds with SOCK_CLOEXEC support on older Linux kernels.
 
 Changes in release 0.28.4:
 * Fix ne_forget_auth (Kai Sommerfeld)