[v9_9] openssl 1.0.2f patch

4306.	[maint]		Added a PKCS#11 openssl patch supporting
			version 1.0.2f [RT #38312]

CHANGES

@@ -1,3 +1,6 @@
+4306.	[maint]		Added a PKCS#11 openssl patch supporting
+			version 1.0.2f [RT #38312]
+
 4305.	[bug]		dnssec-signzone was not removing unnecessary rrsigs
 			from the zone's apex. [RT #41483]
 

doc/arm/pkcs11.xml

@@ -67,15 +67,15 @@
     <para>
       The modified OpenSSL code is included in the BIND 9 release,
       in the form of a context diff against the latest versions of
-      OpenSSL.  OpenSSL 0.9.8, 1.0.0, and 1.0.1 are supported; there are
-      separate diffs for each version.  In the examples to follow,
-      we use OpenSSL 0.9.8, but the same methods work with OpenSSL
-      1.0.0 and 1.0.1.
+      OpenSSL.  OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are supported;
+      there are separate diffs for each version.  In the examples to
+      follow, we use OpenSSL 0.9.8, but the same methods work with
+      OpenSSL 1.0.0 through 1.0.2.
     </para>
     <note>
-      The latest OpenSSL versions at the time of the BIND release
-      are 0.9.8y, 1.0.0k and 1.0.1e.
-      ISC will provide an updated patch as new versions of OpenSSL
+      The OpenSSL patches as of this writing (January 2016)
+      support versions 0.9.8zh, 1.0.0t, 1.0.1q and 1.0.2f.
+      ISC will provide updated patches as new versions of OpenSSL
       are released. The version number in the following examples
       is expected to change.</note>
     <para>