author: Tomas Mraz <tomas@openssl.org> 2023-07-25 16:00:06 +0200
committer: Matt Caswell <matt@openssl.org> 2023-07-31 14:30:37 +0100
commit: 2330fdfb84961a1e49ada4dc335868a0831122ce
tree: 178787f0f89d47a9466e8696904ffe265d49f779 /CHANGES
parent: 34d0f5cb93680a5286d1eb59125631ec8fd6dc81
Add CHANGES/NEWS for CVE-2023-3817
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21551)

Diffstat (limited to 'CHANGES')
-rw-r--r-- CHANGES | 16
1 files changed, 16 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 9814647746..558aeb849a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,22 @@
Changes between 1.1.1u and 1.1.1v [xx XXX xxxx]
+ *) Fix excessive time spent checking DH q parameter value.
+
+ The function DH_check() performs various checks on DH parameters. After
+ fixing CVE-2023-3446 it was discovered that a large q parameter value can
+ also trigger an overly long computation during some of these checks.
+ A correct q value, if present, cannot be larger than the modulus p
+ parameter, thus it is unnecessary to perform these checks if q is larger
+ than p.
+
+ If DH_check() is called with such q parameter value,
+ DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally
+ intensive checks are skipped.
+
+ (CVE-2023-3817)
+ [Tomáš Mráz]
+
*) Fix DH_check() excessive time with over sized modulus
The function DH_check() performs various checks on DH parameters. One of
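Review bot: the second paragraph of the new entry ("If DH_check() is called with such q parameter value, DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally intensive checks are skipped.") should also state what DH_check() itself returns in that case, because a reader of the changelog cannot tell whether the function still returns success and the caller must inspect the output flags, or whether the call fails outright. Since the practical point of the entry is that callers validating untrusted DH parameters now get a quick rejection instead of a long computation, a sentence such as "Callers must check the returned flags for DH_CHECK_INVALID_Q_VALUE" (if that is indeed the behaviour) would make the entry actionable. Minor style point: the first paragraph reads "such q parameter value"; "such a q parameter value" matches the wording used in the rest of the file.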