From: Matt Caswell Date: Tue, 1 Dec 2015 14:39:47 +0000 (+0000) Subject: Update CHANGES and NEWS X-Git-Tag: OpenSSL_1_0_0t~1 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=a402b2b7bcff8d6901aa771e49c45cf38836e7bf Update CHANGES and NEWS Update the CHANGES and NEWS files for the new release. Reviewed-by: Rich Salz --- diff --git a/CHANGES b/CHANGES index ccf2c03dc6..2c48a4b3a6 100644 --- a/CHANGES +++ b/CHANGES @@ -4,7 +4,26 @@ Changes between 1.0.0s and 1.0.0t [xx XXX xxxx] - *) + *) X509_ATTRIBUTE memory leak + + When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak + memory. This structure is used by the PKCS#7 and CMS routines so any + application which reads PKCS#7 or CMS data from untrusted sources is + affected. SSL/TLS is not affected. + + This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using + libFuzzer. + (CVE-2015-3195) + [Stephen Henson] + + *) Race condition handling PSK identify hint + + If PSK identity hints are received by a multi-threaded client then + the values are wrongly updated in the parent SSL_CTX structure. This can + result in a race condition potentially leading to a double free of the + identify hint data. + (CVE-2015-3196) + [Stephen Henson] Changes between 1.0.0r and 1.0.0s [11 Jun 2015] diff --git a/NEWS b/NEWS index 99ba9605c3..3ff3d1392b 100644 --- a/NEWS +++ b/NEWS @@ -7,7 +7,8 @@ Major changes between OpenSSL 1.0.0s and OpenSSL 1.0.0t [under development] - o + o X509_ATTRIBUTE memory leak (CVE-2015-3195) + o Race condition handling PSK identify hint (CVE-2015-3196) Major changes between OpenSSL 1.0.0r and OpenSSL 1.0.0s [11 Jun 2015]
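Review bot: The PSK entry added to CHANGES spells the term "identify hint" in its title ("Race condition handling PSK identify hint") and again in "double free of the identify hint data", while the first sentence of the same entry says "PSK identity hints". Suggest "identity" in both places so the entry is consistent and searchable. Separately, the section header in the unchanged context still reads "[xx XXX xxxx]"; since the commit message says this is for the new release, the date should be filled in here or in a follow-up before tagging.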
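Review bot: The second added line in the NEWS hunk repeats the "identify hint" spelling; it should read "Race condition handling PSK identity hint (CVE-2015-3196)" to match the wording used in the body of the CHANGES entry. The heading in the context line above it still says "[under development]", which will need replacing with the release date when 1.0.0t is tagged.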