diff options
author | Richard Levitte <levitte@openssl.org> | 2022-07-05 10:25:00 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2022-07-05 10:25:00 +0200 |
commit | 78ba51a3b8b505d8d03abca8fa95e4fb1464d94e (patch) | |
tree | df2b18e2cae74867f82c99b8f12456a1f39cd937 | |
parent | 9131afdca30b6d1650af9ea6179569a80ab8cb06 (diff) |
Update CHANGES and NEWS for upcoming release 1.1.1q
Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes
-rw-r--r-- | CHANGES | 11 | ||||
-rw-r--r-- | NEWS | 3 |
2 files changed, 12 insertions, 2 deletions
@@ -9,7 +9,16 @@ Changes between 1.1.1p and 1.1.1q [xx XXX xxxx] - *) + *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised + implementation would not encrypt the entirety of the data under some + circumstances. This could reveal sixteen bytes of data that was + preexisting in the memory that wasn't written. In the special case of + "in place" encryption, sixteen bytes of the plaintext would be revealed. + + Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, + they are both unaffected. + (CVE-2022-2097) + [Alex Chernyakhovsky, David Benjamin, Alejandro SedeƱo] Changes between 1.1.1o and 1.1.1p [21 Jun 2022] @@ -7,7 +7,8 @@ Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [under development] - o + o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms + (CVE-2022-2097) Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022] |