summaryrefslogtreecommitdiffstats
path: root/NEWS.md
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2024-01-29 17:19:24 +0100
committerMatt Caswell <matt@openssl.org>2024-01-30 13:49:09 +0100
commit0873e6f61a4f2841a7a4cf6b4f331132946c04bc (patch)
treee98085e55fed2a6534ed3d557374004cf3f9097f /NEWS.md
parentreplace strstr() with strchr() for single characters (diff)
downloadopenssl-0873e6f61a4f2841a7a4cf6b4f331132946c04bc.tar.xz
openssl-0873e6f61a4f2841a7a4cf6b4f331132946c04bc.zip
Update CHANGES.md and NEWS.md for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/23421)
Diffstat (limited to 'NEWS.md')
-rw-r--r--NEWS.md19
1 files changed, 12 insertions, 7 deletions
diff --git a/NEWS.md b/NEWS.md
index 351f21034a..b0514c65ce 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -31,12 +31,21 @@ OpenSSL 3.2
### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development]
- * Fixed Excessive time spent checking invalid RSA public keys
- ([CVE-2023-6237])
+OpenSSL 3.2.1 is a security patch release. The most severe CVE fixed in this
+release is Low.
+
+This release incorporates the following bug fixes and mitigations:
+ * Fixed PKCS12 Decoding crashes
+ ([CVE-2024-0727])
+ * Fixed excessive time spent checking invalid RSA public keys
+ ([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
CPUs which support PowerISA 2.07
([CVE-2023-6129])
+ * Fixed excessive time spent in DH check / generation with large Q parameter
+ value
+ [(CVE-2023-5678)]
### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
@@ -125,11 +134,6 @@ tracker][issue tracker].
OpenSSL 3.1
-----------
-### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [under development]
-
- * Fix excessive time spent in DH check / generation with large Q parameter
- value ([CVE-2023-5678])
-
### Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs.
@@ -1585,6 +1589,7 @@ OpenSSL 0.9.x
<!-- Links -->
+[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
[CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678