[crypto/ec] for ECC parameters with NULL or zero cofactor, compute it

[openssl.git] / CHANGES

diff --git a/CHANGES b/CHANGES
index 2c89717497971e479b0cadf576daff83876cefb7..1b6c1830e852b88430ec93ecdf695ac1e49fe66d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,13 @@
 
  Changes between 1.1.0k and 1.1.0l [xx XXX xxxx]
 
 
  Changes between 1.1.0k and 1.1.0l [xx XXX xxxx]
 

+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+

   *) Use Windows installation paths in the mingw builds
 
      Mingw isn't a POSIX environment per se, which means that Windows
   *) Use Windows installation paths in the mingw builds
 
      Mingw isn't a POSIX environment per se, which means that Windows


@@ -16,7 +23,6 @@
      (CVE-2019-1552)
      [Richard Levitte]
 
      (CVE-2019-1552)
      [Richard Levitte]
 

-

  Changes between 1.1.0j and 1.1.0k [28 May 2019]
 
   *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
  Changes between 1.1.0j and 1.1.0k [28 May 2019]
 
   *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.