Update CHANGES and NEWS for new release (d90d8537) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

CHANGES

+20 −0

Original line number	Original line	Diff line number	Diff line
	@@ -9,6 +9,26 @@

	Changes between 1.1.1 and 1.1.1a [xx XXX xxxx]		Changes between 1.1.1 and 1.1.1a [xx XXX xxxx]

			*) Timing vulnerability in DSA signature generation

			The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
			timing side channel attack. An attacker could use variations in the signing
			algorithm to recover the private key.

			This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
			(CVE-2018-0734)
			[Paul Dale]

			*) Timing vulnerability in ECDSA signature generation

			The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a
			timing side channel attack. An attacker could use variations in the signing
			algorithm to recover the private key.

			This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser.
			(CVE-2018-0735)
			[Paul Dale]

	*) Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for		*) Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for
	the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names		the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names
	are retained for backwards compatibility.		are retained for backwards compatibility.

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -7,7 +7,8 @@

	Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [under development]		Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [under development]

	o		o Timing vulnerability in DSA signature generation (CVE-2018-0734)
			o Timing vulnerability in ECDSA signature generation (CVE-2018-0735)

	Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018]		Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018]