Update CHANGES and NEWS for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2021-02-16 12:17:04 +0000
committer: Matt Caswell <matt@openssl.org> 2021-02-16 12:33:40 +0000
commit: 8b02603cedc8fbdf9901aa2cc71877c28adbcaf2 (patch)
tree: 15dda126e89df57a37101e5c0b2c9976ff2b641e /NEWS
parent: 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 55ffce8ea3..32e036ee2f 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,13 @@
 
   Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [under development]
 
-      o
+      o Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
+        function (CVE-2021-23841)
+      o Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
+        padding mode to correctly check for rollback attacks
+      o Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
+        EVP_DecryptUpdate functions (CVE-2021-23840)
+      o Fixed SRP_Calc_client_key so that it runs in constant time
 
   Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]
author	Matt Caswell <matt@openssl.org>	2021-02-16 12:17:04 +0000
committer	Matt Caswell <matt@openssl.org>	2021-02-16 12:33:40 +0000
commit	8b02603cedc8fbdf9901aa2cc71877c28adbcaf2 (patch)
tree	15dda126e89df57a37101e5c0b2c9976ff2b641e /NEWS
parent	6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1 (diff)