Changes between 1.1.1p and 1.1.1q [xx XXX xxxx]
- *)
+ *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
+ implementation would not encrypt the entirety of the data under some
+ circumstances. This could reveal sixteen bytes of data that was
+ preexisting in the memory that wasn't written. In the special case of
+ "in place" encryption, sixteen bytes of the plaintext would be revealed.
+
+ Since OpenSSL does not support OCB based cipher suites for TLS and DTLS,
+ they are both unaffected.
+ (CVE-2022-2097)
+ [Alex Chernyakhovsky, David Benjamin, Alejandro SedeƱo]
Changes between 1.1.1o and 1.1.1p [21 Jun 2022]
Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [under development]
- o
+ o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
+ (CVE-2022-2097)
Major changes between OpenSSL 1.1.1o and OpenSSL 1.1.1p [21 Jun 2022]