1 files changed, 72 insertions, 32 deletions

diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml
index 52ee9c086a..5df2632149 100644
--- a/lib/ssl/doc/src/notes.xml
+++ b/lib/ssl/doc/src/notes.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
 <!DOCTYPE chapter SYSTEM "chapter.dtd">
 
 <chapter>
@@ -28,59 +28,99 @@
     <rev>G</rev>
     <file>notes.xml</file>
   </header>
-  <p>This document describes the changes made to the SSL application.
-    </p>
+  <p>This document describes the changes made to the SSL application.</p>
+  
+  <section><title>SSL 4.1.6</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    replace "a ssl" with "an ssl" reindent
+	    pkix_path_validation/3 Trivial documentation fixes
+	    (Thanks to Christian von Roques )</p>
+          <p>
+	    Own Id: OTP-9464</p>
+        </item>
+      </list>
+    </section>
 
-    <section><title>SSL 4.1.4</title>
 
     <section><title>Improvements and New Features</title>
       <list>
         <item>
           <p>
-	    Reduced memory footprint of an ssl connection.</p>
+	    Adds function clause to avoid denial of service attack.
+	    Thanks to Vinod for reporting this vulnerability.</p>
           <p>
-	    Handshake hashes, premaster secret and "public_key_info"
-	    does not need to be saved when the connection has been
-	    established. The own certificate is no longer duplicated
-	    in the state.</p>
-          <p>
-	    Own Id: OTP-9021</p>
+	    Own Id: OTP-9364</p>
         </item>
         <item>
           <p>
-	    Add the option {hibernate_after, int()} to ssl:connect
-	    and ssl:listen</p>
+	    Error handling code now takes care of inet:getopts/2 and
+	    inets:setopts/2 crashes. Thanks to Richard Jones for
+	    reporting this.</p>
           <p>
-	    Own Id: OTP-9106</p>
+	    Own Id: OTP-9382</p>
         </item>
-      </list>
-    </section>
-
-</section>
-
-<section><title>SSL 4.1.3</title>
-
-    <section><title>Fixed Bugs and Malfunctions</title>
-      <list>
         <item>
           <p>
-	    Fixed error in cache-handling fix from ssl-4.1.2</p>
+	    Support explicit use of packet option httph and httph_bin</p>
           <p>
-	    Own Id: OTP-9018 Aux Id: seq11739 </p>
+	    Own Id: OTP-9461</p>
         </item>
         <item>
           <p>
-	    Verification of a critical extended_key_usage-extension
-	    corrected</p>
+	    Decoding of hello extensions could fail to come to the
+	    correct conclusion due to an error in a binary match
+	    pattern. Thanks to Ben Murphy.</p>
           <p>
-	    Own Id: OTP-9029 Aux Id: seq11541 </p>
+	    Own Id: OTP-9589</p>
         </item>
       </list>
     </section>
 
 </section>
 
-<section><title>SSL 4.1.2</title>
+<section>
+    <title>SSL 4.1.5</title>
+    
+    <section><title>Improvements and New Features</title>
+    <list>
+      <item>
+	<p>Calling gen_tcp:connect with option {ip, {127,0,0,1}} results in 
+	an exit with reason badarg. Neither SSL nor INETS This was not 
+	catched, resulting in crashes with incomprehensible reasons.</p>
+	<p>Own Id: OTP-9289 Aux Id: seq11845</p>
+      </item>
+    </list>
+    </section>
+    
+  </section>
+  
+  <section>
+    <title>SSL 4.1.3</title>
+  
+    <section><title>Fixed Bugs and Malfunctions</title>
+    <list>
+      <item>
+	<p>
+	Fixed error in cache-handling fix from ssl-4.1.2</p>
+	<p>
+	Own Id: OTP-9018 Aux Id: seq11739 </p>
+      </item>
+      <item>
+	<p>Verification of a critical extended_key_usage-extension
+	corrected</p>
+	<p>Own Id: OTP-9029 Aux Id: seq11541 </p>
+      </item>
+    </list>
+    </section>
+
+  </section>
+
+  <section>
+    <title>SSL 4.1.2</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
       <list>
@@ -566,7 +606,7 @@
             Own Id: OTP-8224</p>
         </item>
         <item>
-            <p>A ssl:ssl_accept/3 could crash a connection if the
+            <p>An ssl:ssl_accept/3 could crash a connection if the
             timing was wrong.</p> <p>Removed info message if the
             socket closed without a proper disconnect from the ssl
             layer. </p> <p>ssl:send/2 is now blocking until the
@@ -782,7 +822,7 @@
         <item>
           <p>
             The new ssl implementation released as a alfa in this
-            version supports upgrading of a tcp connection to a ssl
+            version supports upgrading of a tcp connection to an ssl
             connection so that http client and servers may implement
             RFC 2817.</p>
           <p>
@@ -801,7 +841,7 @@
             very crippled as the control of the ssl-socket was deep
             down in openssl making it hard if not impossible to
             support all inet options, ipv6 and upgrade of a tcp
-            connection to a ssl connection. The alfa version has a
+            connection to an ssl connection. The alfa version has a
             few limitations that will be removed before the ssl-4.0
             release. Main differences and limitations in the alfa are
             listed below.</p>