Update CHANGES.md and NEWS.md for new release
Reviewed-by: Tomas Mraz <[email protected]>
Release: yes
(Merged from openssl#23421)
mattcaswell committed Jan 30, 2024
1 parent 0f644b9 commit 0873e6f
Showing 2 changed files with 54 additions and 30 deletions.
65 changes: 42 additions & 23 deletions CHANGES.md
Expand Up @@ -28,6 +28,12 @@ OpenSSL 3.3

### Changes between 3.2 and 3.3 [xx XXX xxxx]

* The EVP_PKEY_fromdata function has been augmented to allow for the derivation
of CRT (Chinese Remainder Theorem) parameters when requested. See the
OSSL_PKEY_PARAM_DERIVE_FROM_PQ param in the EVP_PKEY-RSA documentation.

*Neil Horman*

* The activate and soft_load configuration settings for providers in
openssl.cnf have been updated to require a value of [1|yes|true|on]
(in lower or UPPER case) to enable the setting. Conversely a value
Expand Down Expand Up @@ -86,6 +92,26 @@ OpenSSL 3.2

### Changes between 3.2.0 and 3.2.1 [xx XXX xxxx]

* A file in PKCS12 format can contain certificates and keys and may come from
an untrusted source. The PKCS12 specification allows certain fields to be
NULL, but OpenSSL did not correctly check for this case. A fix has been
applied to prevent a NULL pointer dereference that results in OpenSSL
crashing. If an application processes PKCS12 files from an untrusted source
using the OpenSSL APIs then that application will be vulnerable to this
issue prior to this fix.

OpenSSL APIs that were vulnerable to this are: PKCS12_parse(),
PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
function is related to writing data we do not consider it security
significant.

([CVE-2024-0727])

*Matt Caswell*

* When function EVP_PKEY_public_check() is called on RSA public keys,
a computation is done to confirm that the RSA modulus, n, is composite.
For valid RSA keys, n is a product of two or more large primes and this
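Review bot: The new CVE-2024-0727 entry describes the effect only as "OpenSSL crashing" and never names the impact class, whereas the CVE-2023-5678 entry in this same 3.2.1 section says outright that untrusted input "may lead to a Denial of Service". Suggest ending the first paragraph with the same wording so that readers scanning the file for DoS issues find both entries, and consider stating the severity here, since NEWS.md calls the most severe CVE in this release Low. The section heading above the entry still reads `[xx XXX xxxx]`; if the release tooling does not fill that in, it needs a date before tagging.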
Expand Down Expand Up @@ -134,18 +160,26 @@ OpenSSL 3.2

*Rohan McLure*

* Fix excessive time spent in DH check / generation with large Q parameter
value.

Applications that use the functions DH_generate_key() to generate an
X9.42 DH key may experience long delays. Likewise, applications that use
DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
Where the key or parameters that are being checked have been obtained from
an untrusted source this may lead to a Denial of Service.

([CVE-2023-5678])

*Richard Levitte*

* Disable building QUIC server utility when OpenSSL is configured with
`no-apps`.

*Vitalii Koshura*

### Changes between 3.1 and 3.2 [xx XXX xxxx]

* The EVP_PKEY_fromdata function has been augmented to allow for the derivation
of CRT (Chinese Remainder Theorem) parameters when requested. See the
OSSL_PKEY_PARAM_DERIVE_FROM_PQ param in the EVP_PKEY-RSA documentation.

*Neil Horman*
### Changes between 3.1 and 3.2.0 [23 Nov 2023]

* The BLAKE2b hash algorithm supports a configurable output length
by setting the "size" parameter.
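Review bot: In the relocated CVE-2023-5678 entry, "Applications that use the functions DH_generate_key()" names a single function, so "functions" should be "function"; worth fixing while the text is being moved. The same hunk drops the EVP_PKEY_fromdata / OSSL_PKEY_PARAM_DERIVE_FROM_PQ entry from the 3.1 to 3.2 list and dates that heading `[23 Nov 2023]`, while the commit message says only "Update CHANGES.md and NEWS.md for new release"; a line noting that the entry was reassigned to 3.3 would make the move easier to audit.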
Expand Down Expand Up @@ -597,22 +631,6 @@ OpenSSL 3.2
OpenSSL 3.1
-----------

### Changes between 3.1.4 and 3.1.5 [xx XXX xxxx]

* Fix excessive time spent in DH check / generation with large Q parameter
value.

Applications that use the functions DH_generate_key() to generate an
X9.42 DH key may experience long delays. Likewise, applications that use
DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
Where the key or parameters that are being checked have been obtained from
an untrusted source this may lead to a Denial of Service.

([CVE-2023-5678])

*Richard Levitte*

### Changes between 3.1.3 and 3.1.4 [24 Oct 2023]

* Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(),
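Review bot: The whole "Changes between 3.1.4 and 3.1.5" section is deleted here while "Changes between 3.1.3 and 3.1.4 [24 Oct 2023]" directly below it is kept, so this file no longer records that CVE-2023-5678 was fixed on the 3.1 line. If the intent is that this file lists a given fix only once, under the newest release that carries it, please say so in the commit message; otherwise keep a short 3.1.5 entry that points at the 3.2.1 text so the fix stays discoverable for 3.1 users.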
Expand Down Expand Up @@ -20439,6 +20457,7 @@ ndif

<!-- Links -->

[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
[CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
19 changes: 12 additions & 7 deletions NEWS.md
Expand Up @@ -31,12 +31,21 @@ OpenSSL 3.2

### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development]

* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
OpenSSL 3.2.1 is a security patch release. The most severe CVE fixed in this
release is Low.

This release incorporates the following bug fixes and mitigations:

* Fixed PKCS12 Decoding crashes
([CVE-2024-0727])
* Fixed excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
CPUs which support PowerISA 2.07
([CVE-2023-6129])
* Fixed excessive time spent in DH check / generation with large Q parameter
value
[(CVE-2023-5678)]

### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
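Review bot: The last bullet of the 3.2.1 list ends with `[(CVE-2023-5678)]`, with brackets and parentheses swapped relative to the `([CVE-2024-0727])`, `([CVE-2023-6237])` and `([CVE-2023-6129])` bullets above it. The Links section defines the label `[CVE-2023-5678]`, not `[(CVE-2023-5678)]`, so this reference will not resolve and will render as literal text; change it to `([CVE-2023-5678])`. Minor: "Fixed PKCS12 Decoding crashes" capitalises "Decoding" where the other bullets use sentence case.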

Expand Down Expand Up @@ -125,11 +134,6 @@ tracker][issue tracker].
OpenSSL 3.1
-----------

### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [under development]

* Fix excessive time spent in DH check / generation with large Q parameter
value ([CVE-2023-5678])

### Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023]

* Mitigate incorrect resize handling for symmetric cipher keys and IVs.
Expand Down Expand Up @@ -1585,6 +1589,7 @@ OpenSSL 0.9.x

<!-- Links -->

[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
[CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678