diff options
author | Tomas Mraz <tomas@openssl.org> | 2023-07-07 09:54:18 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-07-14 13:01:05 +0200 |
commit | 1e398bec538978b9957e69bf9e12b3c626290bea (patch) | |
tree | 7282e6e1b92824935b29224de681ad9ad4134b5d /NEWS.md | |
parent | 3993bb0c0c87e3ed0ab4274e4688aa814e164cfc (diff) |
Add CHANGES.md and NEWS.md entries for CVE-2023-2975
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21384)
Diffstat (limited to 'NEWS.md')
-rw-r--r-- | NEWS.md | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -39,10 +39,11 @@ OpenSSL 3.1 ### Major changes between OpenSSL 3.1.1 and OpenSSL 3.1.2 [under development] - * When building with the `enable-fips` option and using the resulting - FIPS provider, TLS 1.2 will, by default, mandate the use of an - extended master secret and the Hash and HMAC DRBGs will not operate - with truncated digests. + * Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975]) + * When building with the `enable-fips` option and using the resulting + FIPS provider, TLS 1.2 will, by default, mandate the use of an + extended master secret and the Hash and HMAC DRBGs will not operate + with truncated digests. ### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [30 May 2023] @@ -1479,6 +1480,7 @@ OpenSSL 0.9.x <!-- Links --> +[CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975 [CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650 [CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255 [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 |