Add CHANGES/NEWS for CVE-2023-3817

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #21551)
openssl · Jul 31, 2023 · 2330fdf · 2330fdf
1 parent 34d0f5c
commit 2330fdf
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/CHANGES b/CHANGES
@@ -9,6 +9,22 @@
 
  Changes between 1.1.1u and 1.1.1v [xx XXX xxxx]
 
+ *) Fix excessive time spent checking DH q parameter value.
+
+    The function DH_check() performs various checks on DH parameters. After
+    fixing CVE-2023-3446 it was discovered that a large q parameter value can
+    also trigger an overly long computation during some of these checks.
+    A correct q value, if present, cannot be larger than the modulus p
+    parameter, thus it is unnecessary to perform these checks if q is larger
+    than p.
+
+    If DH_check() is called with such q parameter value,
+    DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally
+    intensive checks are skipped.
+
+    (CVE-2023-3817)
+    [Tomáš Mráz]
+
  *) Fix DH_check() excessive time with over sized modulus
 
     The function DH_check() performs various checks on DH parameters. One of

diff --git a/NEWS b/NEWS
@@ -7,6 +7,7 @@
 
   Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [under development]
 
+      o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
       o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)
 
   Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [30 May 2023]