Sync CHANGES.md and NEWS.md with 3.1 branch

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22647)
This commit is contained in:
Tomas Mraz 2023-11-07 15:14:34 +01:00
parent 68ed191f6b
commit 2d0d3edb04
2 changed files with 11 additions and 3 deletions

View File

@ -475,9 +475,13 @@ OpenSSL 3.2
OpenSSL 3.1
-----------
### Changes between 3.1.3 and 3.1.4 [xx XXX xxxx]
### Changes between 3.1.4 and 3.1.5 [xx XXX xxxx]
* Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(),
* none yet
### Changes between 3.1.3 and 3.1.4 [24 Oct 2023]
* Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(),
EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() with OSSL_PARAM parameters
that alter the key or IV length ([CVE-2023-5363]).

View File

@ -52,7 +52,11 @@ OpenSSL 3.2
OpenSSL 3.1
-----------
### Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [under development]
### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [under development]
* none
### Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs.
([CVE-2023-5363])