prov: use new MAC_init arguments in signature legacy code

[openssl.git] / NEWS.md

diff --git a/NEWS.md b/NEWS.md
index c655bf7dfef0d7552767ebbe6fdb102e6a1d252d..342e6569f3eceeb0d1d1a9b1b3b820c46c67fc1a 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -18,7 +18,7 @@ OpenSSL Releases
 OpenSSL 3.0
 -----------
 
-### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 alpha 11 [in pre-release]
+### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development]
 
   * Deprecated the `OCSP_REQ_CTX` type and functions.
   * Deprecated the `EC_KEY` and `EC_KEY_METHOD` types and functions.
@@ -80,7 +80,19 @@ OpenSSL 3.0
 OpenSSL 1.1.1
 -------------
 
-### Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [under development]
+### Major changes between OpenSSL 1.1.1j and OpenSSL 1.1.1k [under development]
+
+### Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]
+
+  * Fixed a NULL pointer deref in the X509_issuer_and_serial_hash()
+    function ([CVE-2021-23841])
+  * Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
+    padding mode to correctly check for rollback attacks
+  * Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and
+    EVP_DecryptUpdate functions ([CVE-2021-23840])
+  * Fixed SRP_Calc_client_key so that it runs in constant time
+
+### Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [8 Dec 2020]
 
   * Fixed NULL pointer deref in GENERAL_NAME_cmp ([CVE-2020-1971])