Comment 2 for bug 1331452

Thanks for taking on this update; I have a few questions:

The changelog references a patch that isn't included:

+ - debian/patches/fix_renegotiation.patch: add upstream commit to fix
+ renegotiation in ssl/s3_clnt.c, ssl/t1_lib.c.

Why was this patch dropped? It feels accidental, since it's still in the changelog.

The modifications to the file crypto/cms/cms_smime.c appear to have been dropped from debian/patches/CVE-2012-0884.patch. Was this intentional?

Thanks