Update CHANGES and NEWS for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/CHANGES.md b/CHANGES.md
index 0a0f56395429f63f538540eac5d2c4810df6d2e9..228c61d1415af3e1622704a92cf0aeb11ca88398 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,6 +30,31 @@ breaking changes, and mappings for the large list of deprecated functions.
 
 ### Changes between 3.0.0 and 3.0.1 [xx XXX xxxx]
 
+ * Fixed invalid handling of X509_verify_cert() internal errors in libssl
+   Internally libssl in OpenSSL calls X509_verify_cert() on the client side to
+   verify a certificate supplied by a server. That function may return a
+   negative return value to indicate an internal error (for example out of
+   memory). Such a negative return value is mishandled by OpenSSL and will cause
+   an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate
+   success and a subsequent call to SSL_get_error() to return the value
+   SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be
+   returned by OpenSSL if the application has previously called
+   SSL_CTX_set_cert_verify_callback(). Since most applications do not do this
+   the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be
+   totally unexpected and applications may not behave correctly as a result. The
+   exact behaviour will depend on the application but it could result in
+   crashes, infinite loops or other similar incorrect responses.
+
+   This issue is made more serious in combination with a separate bug in OpenSSL
+   3.0 that will cause X509_verify_cert() to indicate an internal error when
+   processing a certificate chain. This will occur where a certificate does not
+   include the Subject Alternative Name extension but where a Certificate
+   Authority has enforced name constraints. This issue can occur even with valid
+   chains.
+   ([CVE-2021-4044])
+
+   *Matt Caswell*
+
  * Corrected a few file name and file reference bugs in the build,
    installation and setup scripts, which lead to installation verification
    failures.  Slightly enhanced the installation verification script.

diff --git a/NEWS.md b/NEWS.md
index 047b38dd8806522ee3e5e1f3799b6ad1b6539a77..f76b9d20c045cf6b8a6a7fdbeb8ecbbe37a7623e 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -20,8 +20,10 @@ OpenSSL 3.0
 
 ### Major changes between OpenSSL 3.0.0 and OpenSSL 3.0.1 [under development]
 
- * Allow fetching an operation from the provider that owns an unexportable key
-   as a fallback if that is still allowed by the property query.
+  * Fixed invalid handling of X509_verify_cert() internal errors in libssl
+    ([CVE-2021-4044])
+  * Allow fetching an operation from the provider that owns an unexportable key
+    as a fallback if that is still allowed by the property query.
 
 ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [7 sep 2021]