From: Billy Brumley <bbrumley@gmail.com>
Date: Fri, 6 Sep 2019 14:26:40 +0000 (+0300)
Subject: CHANGES entry: for ECC parameters with NULL or zero cofactor, compute it
X-Git-Tag: openssl-3.0.0-alpha1~1433
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a1a0e6f28580d6a79762188128e23cca559993a8;p=oweals%2Fopenssl.git

CHANGES entry: for ECC parameters with NULL or zero cofactor, compute it

This is a forward port from https://github.com/openssl/openssl/pull/9781
of the CHANGES entry for the functionality added in
https://github.com/openssl/openssl/pull/9727

(cherry picked from commit 4b965086cb56c24cb5d2197fc04869b95f209a11)

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9797)
---

diff --git a/CHANGES b/CHANGES
index 369b32756c..9599c64545 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,13 @@
 
  Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
 
+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+
   *) Early start up entropy quality from the DEVRANDOM seed source has been
      improved for older Linux systems.  The RAND subsystem will wait for
      /dev/random to be producing output before seeding from /dev/urandom.