Update CHANGES and NEWS for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/CHANGES.md b/CHANGES.md
index 11e5864c83c1a67f9403d06ea891fc61828277b0..8fd7e7288ac6ee5625fa1d4af426560bcfad10fe 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -72,13 +72,37 @@ OpenSSL 3.1
 
 ### Changes between 3.0.0 and 3.0.1 [xx XXX xxxx]
 
+ * Fixed invalid handling of X509_verify_cert() internal errors in libssl
+   Internally libssl in OpenSSL calls X509_verify_cert() on the client side to
+   verify a certificate supplied by a server. That function may return a
+   negative return value to indicate an internal error (for example out of
+   memory). Such a negative return value is mishandled by OpenSSL and will cause
+   an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate
+   success and a subsequent call to SSL_get_error() to return the value
+   SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be
+   returned by OpenSSL if the application has previously called
+   SSL_CTX_set_cert_verify_callback(). Since most applications do not do this
+   the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be
+   totally unexpected and applications may not behave correctly as a result. The
+   exact behaviour will depend on the application but it could result in
+   crashes, infinite loops or other similar incorrect responses.
+
+   This issue is made more serious in combination with a separate bug in OpenSSL
+   3.0 that will cause X509_verify_cert() to indicate an internal error when
+   processing a certificate chain. This will occur where a certificate does not
+   include the Subject Alternative Name extension but where a Certificate
+   Authority has enforced name constraints. This issue can occur even with valid
+   chains.
+   ([CVE-2021-4044])
+
+   *Matt Caswell*
+
  * Corrected a few file name and file reference bugs in the build,
    installation and setup scripts, which lead to installation verification
    failures.  Slightly enhanced the installation verification script.
 
    *Richard Levitte*
 
-
 OpenSSL 3.0
 -----------
 

diff --git a/NEWS.md b/NEWS.md
index 720cec7330d6af20df49c6ec0d6be5468ec7d185..9da16da913416915911050fdbfd2344fd4d906d6 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -21,13 +21,19 @@ OpenSSL 3.1
 
 ### Major changes between OpenSSL 3.0 and OpenSSL 3.1 [under development]
 
- * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
-   by default.
+  * Subject or issuer names in X.509 objects are now displayed as UTF-8 strings
+    by default.
 
 OpenSSL 3.0
 -----------
 
-### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0
+### Major changes between OpenSSL 3.0.0 and OpenSSL 3.0.1
+  * Fixed invalid handling of X509_verify_cert() internal errors in libssl
+    ([CVE-2021-4044])
+  * Allow fetching an operation from the provider that owns an unexportable key
+    as a fallback if that is still allowed by the property query.
+
+### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0
 
   * Enhanced 'openssl list' with many new options.
   * Added migration guide to man7.