tls: reduce the strength of CCM_8 ciphers due to their short IV.

Fixes #16154 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16652)
author: Pauli <pauli@openssl.org> 2021-09-22 02:31:22 +0200
committer: Pauli <pauli@openssl.org> 2021-09-24 09:38:23 +0200
commit: 1a473d1cc67e04ae9fea517b36dc332143250cf5 (patch)
tree: 8c1577a61ca49ac1ff97ab35526f60c263d002f6 /CHANGES.md
parent: Change TLS RC4 cipher strength check to be data driven. (diff)
download: openssl-1a473d1cc67e04ae9fea517b36dc332143250cf5.tar.xz
openssl-1a473d1cc67e04ae9fea517b36dc332143250cf5.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md
index c9d3825eec..cfb6eb0821 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,6 +24,11 @@ OpenSSL 3.1
 
 ### Changes between 3.0 and 3.1 [xx XXX xxxx]
 
+ * CCM8 cipher suites in TLS have been downgraded to security level 1 because
+   they use a short tag which lowers their strength.
+
+   *Paul Dale*
+
  * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
    by default.
author	Pauli <pauli@openssl.org>	2021-09-22 02:31:22 +0200
committer	Pauli <pauli@openssl.org>	2021-09-24 09:38:23 +0200
commit	1a473d1cc67e04ae9fea517b36dc332143250cf5 (patch)
tree	8c1577a61ca49ac1ff97ab35526f60c263d002f6 /CHANGES.md
parent	Change TLS RC4 cipher strength check to be data driven. (diff)
download	openssl-1a473d1cc67e04ae9fea517b36dc332143250cf5.tar.xz openssl-1a473d1cc67e04ae9fea517b36dc332143250cf5.zip