OpenSSL

Cryptography and SSL/TLS Toolkit

OpenSSL 3.1 Series Release Notes

The major changes and known issues for the 3.1 branch of the OpenSSL toolkit are summarised below. The contents reflect the current state of the NEWS file inside the git repository.

More details can be found in the ChangeLog.

Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023]

  • Mitigate incorrect resize handling for symmetric cipher keys and IVs. ([CVE-2023-5363])

Major changes between OpenSSL 3.1.2 and OpenSSL 3.1.3 [19 Sep 2023]

  • Fix POLY1305 MAC implementation corrupting XMM registers on Windows ([CVE-2023-4807])

Major changes between OpenSSL 3.1.1 and OpenSSL 3.1.2 [1 Aug 2023]

  • Fix excessive time spent checking DH q parameter value ([CVE-2023-3817])
  • Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446])
  • Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975])

  • When building with the enable-fips option and using the resulting FIPS provider, TLS 1.2 will, by default, mandate the use of an extended master secret and the Hash and HMAC DRBGs will not operate with truncated digests.

Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [30 May 2023]

  • Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. ([CVE-2023-2650])
  • Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms ([CVE-2023-1255])
  • Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466])
  • Fixed handling of invalid certificate policies in leaf certificates ([CVE-2023-0465])

  • Limited the number of nodes created in a policy tree ([CVE-2023-0464])

Major changes between OpenSSL 3.0 and OpenSSL 3.1.0 [14 Mar 2023]

  • SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0.
  • Performance enhancements and new platform support including new assembler code algorithm implementations.
  • Deprecated LHASH statistics functions.

  • FIPS 140-3 compliance changes.