summaryrefslogtreecommitdiffstats
path: root/CHANGES.md
diff options
context:
space:
mode:
authorTomas Mraz <tomas@openssl.org>2022-11-01 11:38:31 +0100
committerTomas Mraz <tomas@openssl.org>2022-11-22 18:16:06 +0100
commite0fbaf2a4add8dd012b92923b0f23e87b1d28482 (patch)
treed21ebf02de9bc63e77e652f005efdd3b0b9a9437 /CHANGES.md
parent858b5d12b85b0639519d21206c9da7e1bb976a00 (diff)
Update CHANGES.md and NEWS.md from 3.0.7
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19565)
Diffstat (limited to 'CHANGES.md')
-rw-r--r--CHANGES.md64
1 files changed, 53 insertions, 11 deletions
diff --git a/CHANGES.md b/CHANGES.md
index e4dd7833fa..2c12daf151 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,16 +24,6 @@ OpenSSL 3.2
### Changes between 3.0 and 3.2 [xx XXX xxxx]
- * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT parameters
- in OpenSSL code.
- Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR,
- OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT.
- Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead.
- Using these invalid names may cause algorithms to use slower methods
- that ignore the CRT parameters.
-
- *Shane Lontis*
-
* Add support for certificate compression (RFC8879), including
library support for Brotli and Zstandard compression.
@@ -246,12 +236,64 @@ breaking changes, and mappings for the large list of deprecated functions.
[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
-### Changes between 3.0.6 and 3.0.7 [xx XXX xxxx]
+### Changes between 3.0.6 and 3.0.7 [1 Nov 2022]
+
+ * Fixed two buffer overflows in punycode decoding functions.
+
+ A buffer overrun can be triggered in X.509 certificate verification,
+ specifically in name constraint checking. Note that this occurs after
+ certificate chain signature verification and requires either a CA to
+ have signed the malicious certificate or for the application to continue
+ certificate verification despite failure to construct a path to a trusted
+ issuer.
+
+ In a TLS client, this can be triggered by connecting to a malicious
+ server. In a TLS server, this can be triggered if the server requests
+ client authentication and a malicious client connects.
+
+ An attacker can craft a malicious email address to overflow
+ an arbitrary number of bytes containing the `.` character (decimal 46)
+ on the stack. This buffer overflow could result in a crash (causing a
+ denial of service).
+ ([CVE-2022-3786])
+
+ An attacker can craft a malicious email address to overflow four
+ attacker-controlled bytes on the stack. This buffer overflow could
+ result in a crash (causing a denial of service) or potentially remote code
+ execution depending on stack layout for any given platform/compiler.
+ ([CVE-2022-3602])
+
+ *Paul Dale*
+
+ * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT
+ parameters in OpenSSL code.
+ Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR,
+ OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT.
+ Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead.
+ Using these invalid names may cause algorithms to use slower methods
+ that ignore the CRT parameters.
+
+ *Shane Lontis*
+
+ * Fixed a regression introduced in 3.0.6 version raising errors on some stack
+ operations.
+
+ *Tomáš Mráz*
+
+ * Fixed a regression introduced in 3.0.6 version not refreshing the certificate
+ data to be signed before signing the certificate.
+
+ *Gibeom Gwon*
* Added RIPEMD160 to the default provider.
*Paul Dale*
+ * Ensured that the key share group sent or accepted for the key exchange
+ is allowed for the protocol version.
+
+ *Matt Caswell*
+
### Changes between 3.0.5 and 3.0.6 [11 Oct 2022]
* OpenSSL supports creating a custom cipher via the legacy