summaryrefslogtreecommitdiffstats
path: root/NEWS.md
diff options
context:
space:
mode:
authorTomas Mraz <tomas@openssl.org>2023-03-21 16:15:47 +0100
committerTomas Mraz <tomas@openssl.org>2023-03-28 13:43:04 +0200
commit5ab3f71a33cb0140fc29ae9244cd4f8331c2f3a5 (patch)
treee271e1895b6bd190adefc882d658a0baa19a9310 /NEWS.md
parentUpdated CHANGES.md and NEWS.md for CVE-2023-0465 (diff)
downloadopenssl-5ab3f71a33cb0140fc29ae9244cd4f8331c2f3a5.tar.xz
openssl-5ab3f71a33cb0140fc29ae9244cd4f8331c2f3a5.zip
Fix documentation of X509_VERIFY_PARAM_add0_policy()
The function was incorrectly documented as enabling policy checking. Fixes: CVE-2023-0466 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20561)
Diffstat (limited to 'NEWS.md')
-rw-r--r--NEWS.md2
1 files changed, 2 insertions, 0 deletions
diff --git a/NEWS.md b/NEWS.md
index b1eaab4b8d..ef077a5437 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -37,6 +37,7 @@ OpenSSL 3.1
### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [under development]
+ * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466])
* Fixed handling of invalid certificate policies in leaf certificates
([CVE-2023-0465])
* Limited the number of nodes created in a policy tree ([CVE-2023-0464])
@@ -1464,6 +1465,7 @@ OpenSSL 0.9.x
* Support for various new platforms
<!-- Links -->
+[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466
[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
[CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401