Reject excessively large primes in DH key generation.

[openssl.git] / NEWS

diff --git a/NEWS b/NEWS
index f7da7a9e2e718004d457ebaaa92fedd46a7ad7f7..0fb47242cd7f2a1b7856c850fe7498b530486815 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,16 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [under development]
+  Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [under development]
+
+      o
+
+  Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018]
+
+      o Constructed ASN.1 types with a recursive definition could exceed the
+        stack (CVE-2018-0739)
+
+  Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]
 
       o Read/write after SSL object in error state (CVE-2017-3737)
       o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)