diff options
author | Pauli <pauli@openssl.org> | 2023-07-07 18:37:08 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-07-14 09:53:42 +1000 |
commit | 7a3d32ae4602eb4d09c6d998b2b1ba4b81ec1f54 (patch) | |
tree | ecdf185f5bbf762cf597eec3543b37cee8846602 /NEWS.md | |
parent | 15e041b751c96ecf668a701d09a373d517610eae (diff) |
Add a NEWS entry covering the FIPS related changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/21386)
(cherry picked from commit dfc4b6c93b99f6666cd958c5643a24bb6edff7b7)
Diffstat (limited to 'NEWS.md')
-rw-r--r-- | NEWS.md | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -37,7 +37,14 @@ OpenSSL 3.2 OpenSSL 3.1 ----------- -### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [under development] +### Major changes between OpenSSL 3.1.1 and OpenSSL 3.1.2 [under development] + + * When building with the `enable-fips` option and using the resulting + FIPS provider, TLS 1.2 will, by default, mandate the use of an + extended master secret and the Hash and HMAC DRBGs will not operate + with truncated digests. + +### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [30 May 2023] * Mitigate for very slow `OBJ_obj2txt()` performance with gigantic OBJECT IDENTIFIER sub-identities. ([CVE-2023-2650]) |