Update CHANGES.md and NEWS.md from 3.0.7

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19565)
author: Tomas Mraz <tomas@openssl.org> 2022-11-01 11:38:31 +0100
committer: Tomas Mraz <tomas@openssl.org> 2022-11-22 18:16:06 +0100
commit: e0fbaf2a4add8dd012b92923b0f23e87b1d28482 (patch)
tree: d21ebf02de9bc63e77e652f005efdd3b0b9a9437 /NEWS.md
parent: Add an EVP signature demo using DSA (diff)
download: openssl-e0fbaf2a4add8dd012b92923b0f23e87b1d28482.tar.xz
openssl-e0fbaf2a4add8dd012b92923b0f23e87b1d28482.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS.md b/NEWS.md
index b934aaa0a8..fa5b43b16d 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -32,6 +32,13 @@ OpenSSL 3.2
 OpenSSL 3.0
 -----------
 
+### Major changes between OpenSSL 3.0.6 and OpenSSL 3.0.7 [1 Nov 2022]
+
+  * Added RIPEMD160 to the default provider.
+  * Fixed regressions introduced in 3.0.6 version.
+  * Fixed two buffer overflows in punycode decoding functions.
+    ([CVE-2022-3786]) and ([CVE-2022-3602])
+
 ### Major changes between OpenSSL 3.0.5 and OpenSSL 3.0.6 [11 Oct 2022]
 
   * Fix for custom ciphers to prevent accidental use of NULL encryption
author	Tomas Mraz <tomas@openssl.org>	2022-11-01 11:38:31 +0100
committer	Tomas Mraz <tomas@openssl.org>	2022-11-22 18:16:06 +0100
commit	e0fbaf2a4add8dd012b92923b0f23e87b1d28482 (patch)
tree	d21ebf02de9bc63e77e652f005efdd3b0b9a9437 /NEWS.md
parent	Add an EVP signature demo using DSA (diff)
download	openssl-e0fbaf2a4add8dd012b92923b0f23e87b1d28482.tar.xz openssl-e0fbaf2a4add8dd012b92923b0f23e87b1d28482.zip