Updates CHANGES and NEWS for the new release

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12949)
author: Matt Caswell <matt@openssl.org> 2020-09-22 13:13:17 +0100
committer: Matt Caswell <matt@openssl.org> 2020-09-22 13:45:08 +0100
commit: 6f26a76d2d8caf5142a444a9aa60316aa99b21a2 (patch)
tree: 9e304c8533f47b7d30305a22605f4e9c8f5a1974
parent: 256989ce442c19151ae2b79b8d137c364e8479f2 (diff)
2 files changed, 9 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index ee5403dffc..150af73395 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.1g and 1.1.1h [xx XXX xxxx]
 
+  *) Certificates with explicit curve parameters are now disallowed in
+     verification chains if the X509_V_FLAG_X509_STRICT flag is used.
+     [Tomas Mraz]
+
   *) The 'MinProtocol' and 'MaxProtocol' configuration commands now silently
      ignore TLS protocol version bounds when configuring DTLS-based contexts, and
      conversely, silently ignore DTLS protocol version bounds when configuring
diff --git a/NEWS b/NEWS
index fc8ff7371a..47db6cbb5d 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,11 @@
 
   Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [under development]
 
-      o
+      o Disallow explicit curve parameters in verifications chains when
+        X509_V_FLAG_X509_STRICT is used
+      o Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS
+        contexts
+      o Oracle Developer Studio will start reporting deprecation warnings
 
   Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020]
author	Matt Caswell <matt@openssl.org>	2020-09-22 13:13:17 +0100
committer	Matt Caswell <matt@openssl.org>	2020-09-22 13:45:08 +0100
commit	6f26a76d2d8caf5142a444a9aa60316aa99b21a2 (patch)
tree	9e304c8533f47b7d30305a22605f4e9c8f5a1974
parent	256989ce442c19151ae2b79b8d137c364e8479f2 (diff)