Mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2026-01-18 17:11:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

CHANGES.md, NEWS.md: update for 3.5.4

Browse Source 
3.5.4 CHANGES.md includes the following:
 * https://github.com/openssl/openssl/pull/28415
 * https://github.com/openssl/openssl/pull/28573
 * https://github.com/openssl/openssl/pull/28603

3.5.4 NEWS.md includes the following:
 * https://github.com/openssl/openssl/pull/28603

Release: Yes
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28734)
This commit is contained in:
Eugene Syromiatnikov
2025-09-30 11:06:25 +02:00
committed by Tomas Mraz
parent 2dda0c50ea
commit 481eb62f69
2 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
CHANGES.md
View File

@@ -345,6 +345,23 @@ OpenSSL 3.5
*Stanislav Fort*
* The FIPS provider no longer performs a PCT on key import for ECX keys
(that was introduced in 3.5.2), following the latest update
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
*Eugene Syromiatnikov*
* Fixed the length of the ASN.1 sequence for the SM3 digests of RSA-encrypted
signatures.
*Xiao Lou Dong Feng*
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
*Richard Levitte*
### Changes between 3.5.2 and 3.5.3 [16 Sep 2025]
* Avoided a potential race condition introduced in 3.5.1, where

6
NEWS.md
View File

@@ -80,6 +80,10 @@ This release incorporates the following bug fixes and mitigations:
* Fix Out-of-bounds read in HTTP client no_proxy handling.
([CVE-2025-9232])
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [16 Sep 2025]
OpenSSL 3.5.3 is a bug fix release.
@@ -97,6 +101,8 @@ This release incorporates the following bug fixes and mitigations:
OpenSSL 3.5.2 is a bug fix release.
This release incorporates the following bug fixes and mitigations:
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]