From: Tomas Mraz <tomas@openssl.org>
Date: Mon, 29 Sep 2025 12:23:12 +0000 (+0200)
Subject: Add CHANGES.md and NEWS.md updates
X-Git-Tag: openssl-3.6.0~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=deef067261e5085bc9b246cc2c4ddfa33f7eebf4;p=thirdparty%2Fopenssl.git

Add CHANGES.md and NEWS.md updates

Including a few corrections of the previous entries.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
---

diff --git a/CHANGES.md b/CHANGES.md
index d62f7f87134..af43910a79e 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -278,6 +278,55 @@ OpenSSL 3.6
 OpenSSL 3.5
 -----------
 
+### Changes between 3.5.3 and 3.5.4 [xx XXX xxxx]
+
+ * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
+
+   Issue summary: An application trying to decrypt CMS messages encrypted using
+   password based encryption can trigger an out-of-bounds read and write.
+
+   Impact summary: This out-of-bounds read may trigger a crash which leads to
+   Denial of Service for an application. The out-of-bounds write can cause
+   a memory corruption which can have various consequences including
+   a Denial of Service or Execution of attacker-supplied code.
+
+   The issue was reported by Stanislav Fort (Aisle Research).
+
+   ([CVE-2025-9230])
+
+   *Viktor Dukhovni*
+
+ * Fix Timing side-channel in SM2 algorithm on 64 bit ARM
+
+   Issue summary: A timing side-channel which could potentially allow remote
+   recovery of the private key exists in the SM2 algorithm implementation on
+   64 bit ARM platforms.
+
+   Impact summary: A timing side-channel in SM2 signature computations on
+   64 bit ARM platforms could allow recovering the private key by an attacker.
+
+   The issue was reported by Stanislav Fort (Aisle Research).
+
+   ([CVE-2025-9231])
+
+   *Stanislav Fort and TomÃ¡Å¡ MrÃ¡z*
+
+ * Fix Out-of-bounds read in HTTP client no_proxy handling
+
+   Issue summary: An application using the OpenSSL HTTP client API functions
+   may trigger an out-of-bounds read if the "no_proxy" environment variable is
+   set and the host portion of the authority component of the HTTP URL is an
+   IPv6 address.
+
+   Impact summary: An out-of-bounds read can trigger a crash which leads to
+   Denial of Service for an application.
+
+   The issue was reported by Stanislav Fort (Aisle Research).
+
+   ([CVE-2025-9232])
+
+   *Stanislav Fort*
+
 ### Changes between 3.5.2 and 3.5.3 [16 Sep 2025]
 
  * Avoided a potential race condition introduced in 3.5.1, where
@@ -21534,6 +21583,9 @@ ndif
 
 <!-- Links -->
 
+[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
+[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
+[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
 [CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
 [CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
 [CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143
diff --git a/NEWS.md b/NEWS.md
index 53ca91edfca..c02d6eb4e52 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -56,19 +56,40 @@ changes:
 OpenSSL 3.5
 -----------
 
+### Major changes between OpenSSL 3.5.3 and OpenSSL 3.5.4 [under development]
+
+OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this
+release is Moderate.
+
+This release incorporates the following bug fixes and mitigations:
+
+  * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
+    ([CVE-2025-9230])
+
+  * Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
+    ([CVE-2025-9231])
+
+  * Fix Out-of-bounds read in HTTP client no_proxy handling.
+    ([CVE-2025-9232])
+
 ### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [16 Sep 2025]
 
-  * Added FIPS 140-3 PCT on DH key generation.
+OpenSSL 3.5.3 is a bug fix release.
+
+This release incorporates the following bug fixes and mitigations:
 
-    *Nikola Pajkovsky*
+  * Added FIPS 140-3 PCT on DH key generation.
 
   * Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
 
-    *Richard Levitte*
+  * Removed PCT on key import in the FIPS provider as it is not required by
+    the standard.
 
 ### Major changes between OpenSSL 3.5.1 and OpenSSL 3.5.2 [5 Aug 2025]
 
-  * none
+OpenSSL 3.5.2 is a bug fix release.
+
+  * The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
 
 ### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]
 
@@ -78,9 +99,9 @@ release is Low.
 This release incorporates the following bug fixes and mitigations:
 
   * Fix x509 application adds trusted use instead of rejected use.
-   ([CVE-2025-4575])
+    ([CVE-2025-4575])
 
-### Major changes between OpenSSL 3.4 and OpenSSL 3.5 [8 Apr 2025]
+### Major changes between OpenSSL 3.4 and OpenSSL 3.5.0 [8 Apr 2025]
 
 OpenSSL 3.5.0 is a feature release adding significant new functionality to
 OpenSSL.
@@ -1946,6 +1967,9 @@ OpenSSL 0.9.x
   * Support for various new platforms
 
 <!-- Links -->
+[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
+[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
+[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
 [CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
 [CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
 [CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143