author Matt Caswell <matt@openssl.org> 2017-02-16 09:51:56 +0000
committer Matt Caswell <matt@openssl.org> 2017-02-16 10:11:09 +0000
commit aed24635b8c3a0635448c90ebee6eb2447be4a66 (patch)
tree e0fe7a5554d24bdcc307591c5df7a51508ef8821
parent 60747ea22f8b25b2a7e54e7fe4ad47dfe8f93383 (diff)
Update CHANGES and NEWS for new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- CHANGES 11
-rw-r--r-- NEWS 2
2 files changed, 11 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index d516e2cb25..88385c953b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,16 @@
Changes between 1.1.0d and 1.1.0e [xx XXX xxxx]
- *)
+ *) Encrypt-Then-Mac renegotiation crash
+
+ During a renegotiation handshake if the Encrypt-Then-Mac extension is
+ negotiated where it was not in the original handshake (or vice-versa) then
+ this can cause OpenSSL to crash (dependant on ciphersuite). Both clients
+ and servers are affected.
+
+ This issue was reported to OpenSSL by Joe Orton (Red Hat).
+ (CVE-2017-3733)
+ [Matt Caswell]
Changes between 1.1.0c and 1.1.0d [26 Jan 2017]
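Review bot: "dependant" in the added line "this can cause OpenSSL to crash (dependant on ciphersuite)" should be "dependent", and the parenthetical does not let a reader tell whether their deployment is exposed. Suggest either naming the ciphersuite condition or saying plainly that the crash occurs only with some ciphersuites, and stating the impact up front as a crash of the client or server process during renegotiation. The entry is otherwise consistent with the file's layout (title, description, reporter credit, CVE id, author tag).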
diff --git a/NEWS b/NEWS
index 693bbecfc2..8e10c97705 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,7 @@
Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [under development]
- o
+ o Encrypt-Then-Mac renegotiation crash (CVE-2017-3733)
Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017]
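Review bot: the context header directly above the new bullet still reads "[under development]", while the commit message describes this as the update for the new release, so confirm that the release date is filled in by a later step; otherwise NEWS ships with the placeholder. The same applies to "[xx XXX xxxx]" in the CHANGES header. The bullet text and CVE id match the CHANGES entry title, which keeps the two files easy to cross-reference.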