From 9a267ece9baee50b57c657da0126272aacbecb50 Mon Sep 17 00:00:00 2001
From: Eugene Syromiatnikov <esyr@openssl.org>
Date: Tue, 16 Sep 2025 01:40:35 +0200
Subject: [PATCH] CHANGES.md, NEWS.md: update for 3.5.3

CHANGES.md:
 * https://github.com/openssl/openssl/pull/28198
 * https://github.com/openssl/openssl/pull/28398
 * https://github.com/openssl/openssl/pull/28411
 * https://github.com/openssl/openssl/pull/28447
 * https://github.com/openssl/openssl/pull/28449

NEWS.md:
 * https://github.com/openssl/openssl/pull/28447

Release: Yes
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28558)
---
 CHANGES.md | 31 +++++++++++++++++++++++++++----
 NEWS.md    |  4 ----
 2 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index ef7e2dfa687..c6fa44d0dd1 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,6 +30,33 @@ OpenSSL 3.5
 
 ### Changes between 3.5.2 and 3.5.3 [xx XXX xxxx]
 
+ * Avoided a potential race condition introduced in 3.5.1, where
+   `OSSL_STORE_CTX` kept open during lookup while potentially being used
+   by multiple threads simultaneously, that could lead to potential crashes
+   when multiple concurrent TLS connections are served.
+
+   *Matt Caswell*
+
+ * The FIPS provider no longer performs a PCT on key import for RSA, DH,
+   and EC keys (that was introduced in 3.5.2), following the latest update
+   on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
+
+   *Dr Paul Dale*
+
+ * Secure memory allocation calls are no longer used for HMAC keys.
+
+   *Dr Paul Dale*
+
+ * `openssl req` no longer generates certificates with an empty extension list
+   when SKID/AKID are set to `none` during generation.
+
+   *David Benjamin*
+
+ * The man page date is now derived from the release date provided
+   in `VERSION.dat` and not the current date for the released builds.
+
+   *Enji Cooper*
+
  * Hardened the provider implementation of the RSA public key "encrypt"
    operation to add a missing check that the caller-indicated output buffer
    size is at least as large as the byte count of the RSA modulus.  The issue
@@ -43,10 +70,6 @@ OpenSSL 3.5
 
    *Viktor Dukhovni*
 
- * Added PCT for key import for SLH-DSA when in FIPS mode.
-
-   *Dr Paul Dale*
-
  * Added FIPS 140-3 PCT on DH key generation.
 
    *Nikola Pajkovsky*
diff --git a/NEWS.md b/NEWS.md
index 441bf810d8b..0d3b5a0b70d 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -25,10 +25,6 @@ OpenSSL 3.5
 
 ### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [under development]
 
-  * Added PCT for key import for SLH-DSA when in FIPS mode.
-
-    *Dr Paul Dale*
-
   * Added FIPS 140-3 PCT on DH key generation.
 
     *Nikola Pajkovsky*
-- 
2.47.3