diff options
author | Matt Caswell <matt@openssl.org> | 2020-12-08 11:19:41 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-12-08 11:45:55 +0000 |
commit | 1e13198fa72943dd7e5154d7250a86b93a8f7e47 (patch) | |
tree | 3f1470a3c86b53c0b072e33153e9497bdb920d86 /CHANGES.md | |
parent | 22b88fc9c0e22545401c0b34d24843883ea73fec (diff) | |
download | openssl-1e13198fa72943dd7e5154d7250a86b93a8f7e47.tar.gz |
Update CHANGES and NEWS for new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'CHANGES.md')
-rw-r--r-- | CHANGES.md | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/CHANGES.md b/CHANGES.md index e3ab1c5562..b099baa27a 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1339,7 +1339,19 @@ OpenSSL 1.1.1 ### Changes between 1.1.1h and 1.1.1i [xx XXX xxxx] - * + * Fixed NULL pointer deref in the GENERAL_NAME_cmp function + This function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME. + If an attacker can control both items being compared then this could lead + to a possible denial of service attack. OpenSSL itself uses the + GENERAL_NAME_cmp function for two purposes: + 1) Comparing CRL distribution point names between an available CRL and a + CRL distribution point embedded in an X509 certificate + 2) When verifying that a timestamp response token signer matches the + timestamp authority name (exposed via the API functions + TS_RESP_verify_response and TS_RESP_verify_token) + ([CVE-2020-1971]) + + *Matt Caswell* ### Changes between 1.1.1g and 1.1.1h [22 Sep 2020] @@ -18662,6 +18674,7 @@ ndif <!-- Links --> +[CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971 [CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967 [CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563 [CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559 |