Add CHANGES.md and NEWS.md entries for CVE-2023-6129

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23200)
author: Tomas Mraz <tomas@openssl.org> 2024-01-04 10:32:32 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-01-09 15:45:44 +0100
commit: 858c7bc210a406cc7f891ac2aed78692d2e02937 (patch)
tree: 1874b023e6afc86428fbb98a1a34e29a8f6457fb /NEWS.md
parent: poly1305-ppc.pl: Fix vector register clobbering (diff)
download: openssl-858c7bc210a406cc7f891ac2aed78692d2e02937.tar.xz
openssl-858c7bc210a406cc7f891ac2aed78692d2e02937.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/NEWS.md b/NEWS.md
index 6f619a14de..a41353e1a6 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -31,7 +31,9 @@ OpenSSL 3.2
 
 ### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development]
 
-  * none
+  * Fix POLY1305 MAC implementation corrupting vector registers on PowerPC
+    CPUs which support PowerISA 2.07
+    ([CVE-2023-6129])
 
 ### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
 
@@ -1580,6 +1582,7 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
author	Tomas Mraz <tomas@openssl.org>	2024-01-04 10:32:32 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-01-09 15:45:44 +0100
commit	858c7bc210a406cc7f891ac2aed78692d2e02937 (patch)
tree	1874b023e6afc86428fbb98a1a34e29a8f6457fb /NEWS.md
parent	poly1305-ppc.pl: Fix vector register clobbering (diff)
download	openssl-858c7bc210a406cc7f891ac2aed78692d2e02937.tar.xz openssl-858c7bc210a406cc7f891ac2aed78692d2e02937.zip