diff options
| author | Matt Caswell <matt@openssl.org> | 2018-03-27 11:58:34 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-03-27 14:31:51 +0200 |
| commit | f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09 (patch) | |
| tree | 517a5cb241796451df4a951c86793f25de86483d /NEWS | |
| parent | test/test_test.c: add CRYPTO_memcmp regression test. (diff) | |
| download | openssl-f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09.tar.xz openssl-f6c024c2e7f33e9d26c62cf19d519e5ef7fa4a09.zip | |
Update CHANGES and NEWS for the new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -5,7 +5,7 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.1 [in pre-release] + Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.1 [in pre-release] o Support for TLSv1.3 added o Move the display of configuration data to configdata.pm. @@ -24,6 +24,9 @@ Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development] + o Constructed ASN.1 types with a recursive definition could exceed the + stack (CVE-2018-0739) + o Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] |