Updates to CHANGES and NEWS for the new release

 Changes between 1.1.0h and 1.1.0i [xx XXX xxxx]

  *) Client DoS due to large DH parameter

     During key agreement in a TLS handshake using a DH(E) based ciphersuite a

     malicious server can send a very large prime value to the client. This will

     cause the client to spend an unreasonably long period of time generating a

     key for this prime resulting in a hang until the client has finished. This

     could be exploited in a Denial Of Service attack.

     This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken

     (CVE-2018-0732)

     [Guido Vranken]

  *) Cache timing vulnerability in RSA Key Generation

     The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to

     a cache timing side channel attack. An attacker with sufficient access to

     mount cache timing attacks during the RSA key generation process could

     recover the private key.

     This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera

     Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.

     (CVE-2018-0737)

     [Billy Brumley]

  *) Make EVP_PKEY_asn1_new() a bit stricter about its input.  A NULL pem_str

     parameter is no longer accepted, as it leads to a corrupt table.  NULL

     pem_str is reserved for alias entries only.

  Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development]

      o

      o Client DoS due to large DH parameter (CVE-2018-0732)

      o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)

  Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018]