TLS resumption: restrict session re-use

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 239731436679ab4afc241e7df4389caaa016af32..8c46dcc7d1bf9da7343fc91e8c4d597061d36123 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -126,6 +126,11 @@ JH/28 OpenSSL: fix transport-required OCSP stapling verification under session
       passed on the wire for the restarted session. Fix by using the recorded
       ocsp status of the stored session for the new connection.
 
+JH/29 TLS resumption: the key for session lookup in the client now includes
+      more info that a server could potentially use in configuring a TLS
+      session, avoiding oferring mismatching sessions to such a server.
+      Previously only the server IP was used.
+
 
 Exim version 4.95
 -----------------