Remove a CVE reference from CHANGES/NEWS

master/3.2 was never vulnerable to CVE-2023-5678 since it was fixed before it was released. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23432)
author: Matt Caswell <matt@openssl.org> 2024-01-30 16:51:52 +0000
committer: Tomas Mraz <tomas@openssl.org> 2024-02-01 18:30:21 +0100
commit: afb19f07aecc84998eeea56c4d65f5e0499abb5a (patch)
tree: c9243ac03eeb71698413b25604204e5be38829c8 /NEWS.md
parent: 504e72fc1a1432d5266bd6e8909648c49884a36c (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/NEWS.md b/NEWS.md
index b0514c65ce..a0748e6a39 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -43,9 +43,6 @@ This release incorporates the following bug fixes and mitigations:
   * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
     CPUs which support PowerISA 2.07
     ([CVE-2023-6129])
-  * Fixed excessive time spent in DH check / generation with large Q parameter
-    value
-    [(CVE-2023-5678)]
 
 ### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
 
@@ -121,6 +118,12 @@ This release incorporates the following documentation enhancements:
 
     See [OpenSSL Guide].
 
+This release incorporates the following bug fixes and mitigations:
+
+  * Fixed excessive time spent in DH check / generation with large Q parameter
+    value
+    ([CVE-2023-5678])
+
 A more detailed list of changes in this release can be found in the
 [CHANGES.md] file.
author	Matt Caswell <matt@openssl.org>	2024-01-30 16:51:52 +0000
committer	Tomas Mraz <tomas@openssl.org>	2024-02-01 18:30:21 +0100
commit	afb19f07aecc84998eeea56c4d65f5e0499abb5a (patch)
tree	c9243ac03eeb71698413b25604204e5be38829c8 /NEWS.md
parent	504e72fc1a1432d5266bd6e8909648c49884a36c (diff)