Update CHANGES and NEWS for new release

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/CHANGES b/CHANGES
index ff01d65b7ec2241f2ce8363c23475f42bcf09bc2..d08b3c74f5cb104589f12e7318141ebe4da2b7d6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,19 @@
 
  Changes between 1.1.1h and 1.1.1i [xx XXX xxxx]
 
+  *) Fixed NULL pointer deref in the GENERAL_NAME_cmp function
+     This function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME.
+     If an attacker can control both items being compared  then this could lead
+     to a possible denial of service attack. OpenSSL itself uses the
+     GENERAL_NAME_cmp function for two purposes:
+     1) Comparing CRL distribution point names between an available CRL and a
+        CRL distribution point embedded in an X509 certificate
+     2) When verifying that a timestamp response token signer matches the
+        timestamp authority name (exposed via the API functions
+        TS_RESP_verify_response and TS_RESP_verify_token)
+     (CVE-2020-1971)
+     [Matt Caswell]
+
   *) Add support for Apple Silicon M1 Macs with the darwin64-arm64-cc target.
      [Stuart Carnie]
 

diff --git a/NEWS b/NEWS
index 0a9adf3e3d9828de66eddae1512fed0784950222..5a304ae6006a3f68ee1dd2d29fa206b4ed4104ce 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,7 @@
 
   Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [under development]
 
-      o
+      o Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
 
   Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020]