diff options
author | Matt Caswell <matt@openssl.org> | 2024-01-29 17:19:24 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2024-01-30 13:49:09 +0100 |
commit | 0873e6f61a4f2841a7a4cf6b4f331132946c04bc (patch) | |
tree | e98085e55fed2a6534ed3d557374004cf3f9097f /NEWS.md | |
parent | replace strstr() with strchr() for single characters (diff) | |
download | openssl-0873e6f61a4f2841a7a4cf6b4f331132946c04bc.tar.xz openssl-0873e6f61a4f2841a7a4cf6b4f331132946c04bc.zip |
Update CHANGES.md and NEWS.md for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
(Merged from https://github.com/openssl/openssl/pull/23421)
Diffstat (limited to 'NEWS.md')
-rw-r--r-- | NEWS.md | 19 |
1 files changed, 12 insertions, 7 deletions
@@ -31,12 +31,21 @@ OpenSSL 3.2 ### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development] - * Fixed Excessive time spent checking invalid RSA public keys - ([CVE-2023-6237]) +OpenSSL 3.2.1 is a security patch release. The most severe CVE fixed in this +release is Low. + +This release incorporates the following bug fixes and mitigations: + * Fixed PKCS12 Decoding crashes + ([CVE-2024-0727]) + * Fixed excessive time spent checking invalid RSA public keys + ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) + * Fixed excessive time spent in DH check / generation with large Q parameter + value + [(CVE-2023-5678)] ### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023] @@ -125,11 +134,6 @@ tracker][issue tracker]. OpenSSL 3.1 ----------- -### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [under development] - - * Fix excessive time spent in DH check / generation with large Q parameter - value ([CVE-2023-5678]) - ### Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023] * Mitigate incorrect resize handling for symmetric cipher keys and IVs. @@ -1585,6 +1589,7 @@ OpenSSL 0.9.x <!-- Links --> +[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727 [CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237 [CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678 |