Merge new security defaults for programs (RC4 disabled, SSL3 disabled)

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index d336409..96a09ae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,8 @@
      for pre-1.2 clients when multiple certificates are available.
    * Add support for getrandom() syscall on recent Linux kernels with Glibc or
      a compatible enough libc (eg uClibc).
+   * Add ssl_set_arc4_support() to make it easier to diable RC4 at runtime
+     while using the default ciphersuite list.
 
 Bugfix
    * Stack buffer overflow if ctr_drbg_update() is called with too large
@@ -60,6 +62,8 @@
      with a suitable (extended)KeyUsage or curve or no PSK set.
    * It is now possible to disable neogtiation of truncated HMAC server-side
      at runtime with ssl_set_truncated_hmac().
+   * Example programs for SSL client and server now disable SSLv3 by default.
+   * Example programs for SSL client and server now disable RC4 by default.
 
 = PolarSSL 1.3.9 released 2014-10-20
 Security