diff options
| author | Tomas Mraz <tomas@openssl.org> | 2024-01-09 18:08:22 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2024-01-15 10:58:10 +0100 |
| commit | 5149deb832bc98cd908c4fca345c6f1150f4e286 (patch) | |
| tree | 8d6a895675377ceeaf8b6bfdd6f96187b25f9fbb /NEWS.md | |
| parent | 18c02492138d1eb8b6548cb26e7b625fb2414a2a (diff) | |
Add CHANGES.md and NEWS.md entries for CVE-2023-6237
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23243)
(cherry picked from commit 38b2508f638787842750aec9a75745e1d8786743)
Diffstat (limited to 'NEWS.md')
| -rw-r--r-- | NEWS.md | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -20,7 +20,9 @@ OpenSSL 3.0 ### Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [under development] - * Fix POLY1305 MAC implementation corrupting vector registers on PowerPC + * Fixed Excessive time spent checking invalid RSA public keys + ([CVE-2023-6237]) + * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fix excessive time spent in DH check / generation with large Q parameter @@ -1466,6 +1468,7 @@ OpenSSL 0.9.x <!-- Links --> +[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237 [CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363 |