projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[crypto/ec] for ECC parameters with NULL or zero cofactor, compute it
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 8cfdec686028a4b53c1d172508fdc0b6db96e47b..ee272f2266254cb67b41aaa804904587ad2497c7 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,22 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.0.2s and 1.0.2t [xx XXX xxxx]
+
+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+
+  *) Document issue with installation paths in diverse Windows builds
+
+     '/usr/local/ssl' is an unsafe prefix for location to install OpenSSL
+     binaries and run-time config file.
+     (CVE-2019-1552)
+     [Richard Levitte]
+
  Changes between 1.0.2r and 1.0.2s [28 May 2019]
 
   *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
Unnamed repository; edit this file 'description' to name the repository.