diff options
author | Matt Caswell <matt@openssl.org> | 2020-04-21 10:33:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-04-21 11:20:39 +0100 |
commit | 23424be835dc10f0942c91952142d75345ef9de1 (patch) | |
tree | 8b3dd0154399c191822b07c7a456ec9ee1617225 /CHANGES | |
parent | bb19162558017d530a6c26d6eb972ba15d73ba81 (diff) |
Update CHANGES and NEWS for release of 1.1.1g
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -9,6 +9,16 @@ Changes between 1.1.1f and 1.1.1g [xx XXX xxxx] + *) Fixed segmentation fault in SSL_check_chain() + Server or client applications that call the SSL_check_chain() function + during or after a TLS 1.3 handshake may crash due to a NULL pointer + dereference as a result of incorrect handling of the + "signature_algorithms_cert" TLS extension. The crash occurs if an invalid + or unrecognised signature algorithm is received from the peer. This could + be exploited by a malicious peer in a Denial of Service attack. + (CVE-2020-1967) + [Benjamin Kaduk] + *) Added AES consttime code for no-asm configurations an optional constant time support for AES was added when building openssl for no-asm. |