Update CHANGES.md and NEWS.md for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

1 files changed, 44 insertions, 2 deletions

diff --git a/CHANGES.md b/CHANGES.md
index 4adcde7785..4176c8d383 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,8 +30,35 @@ breaking changes, and mappings for the large list of deprecated functions.
 
 ### Changes between 3.0.6 and 3.0.7 [xx XXX xxxx]
 
- * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT parameters
-   in OpenSSL code.
+ * Fixed two buffer overflows in punycode decoding functions.
+
+   A buffer overrun can be triggered in X.509 certificate verification,
+   specifically in name constraint checking. Note that this occurs after
+   certificate chain signature verification and requires either a CA to
+   have signed the malicious certificate or for the application to continue
+   certificate verification despite failure to construct a path to a trusted
+   issuer.
+
+   In a TLS client, this can be triggered by connecting to a malicious
+   server.  In a TLS server, this can be triggered if the server requests
+   client authentication and a malicious client connects.
+
+   An attacker can craft a malicious email address to overflow
+   an arbitrary number of bytes containing the `.`  character (decimal 46)
+   on the stack.  This buffer overflow could result in a crash (causing a
+   denial of service).
+   ([CVE-2022-3786])
+
+   An attacker can craft a malicious email address to overflow four
+   attacker-controlled bytes on the stack.  This buffer overflow could
+   result in a crash (causing a denial of service) or potentially remote code
+   execution depending on stack layout for any given platform/compiler.
+   ([CVE-2022-3602])
+
+   *Paul Dale*
+
+ * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT
+   parameters in OpenSSL code.
    Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR,
    OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT.
    Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead.
@@ -40,10 +67,25 @@ breaking changes, and mappings for the large list of deprecated functions.
 
    *Shane Lontis*
 
+ * Fixed a regression introduced in 3.0.6 version raising errors on some stack
+   operations.
+
+   *Tomáš Mráz*
+
+ * Fixed a regression introduced in 3.0.6 version not refreshing the certificate
+   data to be signed before signing the certificate.
+
+   *Gibeom Gwon*
+
  * Added RIPEMD160 to the default provider.
 
    *Paul Dale*
 
+ * Ensured that the key share group sent or accepted for the key exchange
+   is allowed for the protocol version.
+
+   *Matt Caswell*
+
 ### Changes between 3.0.5 and 3.0.6 [11 Oct 2022]
 
  * OpenSSL supports creating a custom cipher via the legacy