KDF_CTX_new API has incorrect signature (const should not be there)
[openssl.git] / NEWS.md
diff --git a/NEWS.md b/NEWS.md
index a953810c92afd77104d5fa2e778c4d0e9a3805ea..7e0a0ace48ac8321bb7c1efe4aae3845775b1d91 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -19,8 +19,19 @@ OpenSSL Releases
 OpenSSL 3.1
 -----------
 
-### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [under development]
+### Major changes between OpenSSL 3.1.5 and OpenSSL 3.1.6 [under development]
 
+  * none
+
+### Major changes between OpenSSL 3.1.4 and OpenSSL 3.1.5 [30 Jan 2024]
+
+  * Fixed PKCS12 Decoding crashes
+    ([CVE-2024-0727])
+  * Fixed Excessive time spent checking invalid RSA public keys
+    ([CVE-2023-6237])
+  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
+    CPUs which support PowerISA 2.07
+    ([CVE-2023-6129])
   * Fix excessive time spent in DH check / generation with large Q parameter
     value ([CVE-2023-5678])
 
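Review bot: The three added 3.1.5 bullets are worded "Fixed ..." with stray mid-phrase capitals ("PKCS12 Decoding crashes", "Fixed Excessive time spent"), while the retained bullet directly below them reads "Fix excessive time spent in DH check / generation ...". Suggest one tense and sentence case across the list, for example "Fixed PKCS12 decoding crashes" and "Fixed excessive time spent checking invalid RSA public keys", or rewording the older bullet to match. Also, the "* none" placeholder under the new 3.1.6 heading needs to be removed by whichever change adds the first real entry there, so it is worth a reminder in the release checklist.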
@@ -1479,6 +1490,9 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
+[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807