mirror of https://github.com/openssl/openssl
Update CHANGES/NEWS for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Matt Caswell
parent
3469282ed2
commit
a40398a15e
43
CHANGES.md
43
CHANGES.md
|
|
@ -114,7 +114,43 @@ breaking changes, and mappings for the large list of deprecated functions.
|
|||
|
||||
[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
|
||||
|
||||
### Changes between 3.0.1 and 3.0.2 [xx XXX xxxx]
|
||||
### Changes between 3.0.1 and 3.0.2 [15 mar 2022]
|
||||
|
||||
* Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
|
||||
for non-prime moduli.
|
||||
|
||||
Internally this function is used when parsing certificates that contain
|
||||
elliptic curve public keys in compressed form or explicit elliptic curve
|
||||
parameters with a base point encoded in compressed form.
|
||||
|
||||
It is possible to trigger the infinite loop by crafting a certificate that
|
||||
has invalid explicit curve parameters.
|
||||
|
||||
Since certificate parsing happens prior to verification of the certificate
|
||||
signature, any process that parses an externally supplied certificate may thus
|
||||
be subject to a denial of service attack. The infinite loop can also be
|
||||
reached when parsing crafted private keys as they can contain explicit
|
||||
elliptic curve parameters.
|
||||
|
||||
Thus vulnerable situations include:
|
||||
|
||||
- TLS clients consuming server certificates
|
||||
- TLS servers consuming client certificates
|
||||
- Hosting providers taking certificates or private keys from customers
|
||||
- Certificate authorities parsing certification requests from subscribers
|
||||
- Anything else which parses ASN.1 elliptic curve parameters
|
||||
|
||||
Also any other applications that use the BN_mod_sqrt() where the attacker
|
||||
can control the parameter values are vulnerable to this DoS issue.
|
||||
([CVE-2022-0778])
|
||||
|
||||
*Tomáš Mráz*
|
||||
|
||||
* Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
|
||||
to the list of ciphersuites providing Perfect Forward Secrecy as
|
||||
required by SECLEVEL >= 3.
|
||||
|
||||
*Dmitry Belyavskiy, Nicola Tuveri*
|
||||
|
||||
* Made the AES constant time code for no-asm configurations
|
||||
optional due to the resulting 95% performance degradation.
|
||||
|
|
@ -123,6 +159,11 @@ breaking changes, and mappings for the large list of deprecated functions.
|
|||
|
||||
*Paul Dale*
|
||||
|
||||
* Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty
|
||||
passphrase strings.
|
||||
|
||||
*Darshan Sen*
|
||||
|
||||
* The negative return value handling of the certificate verification callback
|
||||
was reverted. The replacement is to set the verification retry state with
|
||||
the SSL_set_retry_verify() function.
|
||||
|
|
|
|||
5
NEWS.md
5
NEWS.md
|
|
@ -29,6 +29,11 @@ OpenSSL 3.1
|
|||
OpenSSL 3.0
|
||||
-----------
|
||||
|
||||
### Major changes between OpenSSL 3.0.1 and OpenSSL 3.0.2
|
||||
|
||||
* Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
|
||||
for non-prime moduli ([CVE-2022-0778])
|
||||
|
||||
### Major changes between OpenSSL 3.0.0 and OpenSSL 3.0.1
|
||||
|
||||
* Fixed invalid handling of X509_verify_cert() internal errors in libssl
|
||||
|
|
|
|||
Loading…
Reference in New Issue