From 1323b29dc1a12ae0aaf0758306a882097c121a19 Mon Sep 17 00:00:00 2001
From: xuhuiyue
Date: Thu, 17 Oct 2024 17:57:26 +0800
Subject: [PATCH] Prepare for release of 1.1.1wc

Changes between 1.1.1wb and 1.1.1wc [17 Oct 2024]
*) Harden BN_GF2m_poly2arr against misuse.
Fix CVE-2024-9143
*) Fix SSL_select_next_proto and add ALPN validation in the client
Fix CVE-2024-5535
*) Fix possible use-after-free in SSL_free_buffers
Fix CVE-2024-4741
*) Fix unconstrained session cache growth in TLSv1.3
Fix CVE-2024-2511
Signed-off-by: xuhuiyue
---
 CHANGES | 20 +++++++++++++++++++-
 NEWS | 7 +++++++
 README | 2 +-
 include/openssl/opensslv.h | 4 ++--
 4 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/CHANGES b/CHANGES
index e3e9d0a857..8f31d2ef40 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,7 +7,25 @@
 https://github.com/openssl/openssl/commits/ and pick the appropriate release branch.
- Changes between 1.1.1wa and 1.1.1wb [30 Jan 2023]
+ Changes between 1.1.1wb and 1.1.1wc [17 Oct 2024]
+
+ *) Harden BN_GF2m_poly2arr against misuse.
+
+ Fix CVE-2024-9143
+
+ *) Fix SSL_select_next_proto and add ALPN validation in the client
+
+ Fix CVE-2024-5535
+
+ *) Fix possible use-after-free in SSL_free_buffers
+
+ Fix CVE-2024-4741
+
+ *) Fix unconstrained session cache growth in TLSv1.3
+
+ Fix CVE-2024-2511
+
+ Changes between 1.1.1wa and 1.1.1wb [30 Jan 2024]
 *) Add NULL checks where ContentInfo data can be NULL
diff --git a/NEWS b/NEWS
index 4085102281..69e8cb0b1c 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,13 @@
 This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1wb and OpenSSL 1.1.1wc [17 OCT 2024]
+
+ o Harden BN_GF2m_poly2arr against misuse. (CVE-2024-9143)
+ o Fix SSL_select_next_proto and add ALPN validation in the client. (CVE-2024-5535)
+ o Fix possible use-after-free in SSL_free_buffers. (CVE-2024-4741)
+ o Fix unconstrained session cache growth in TLSv1.3. (CVE-2024-2511)
+
 Major changes between OpenSSL 1.1.1w and OpenSSL 1.1.1wb [30 Jan 2024]
 o Add NULL checks where ContentInfo data can be NULL (CVE-2024-0727)
diff --git a/README b/README
index 403b909737..8828d938f2 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
- OpenSSL 1.1.1wb 30 Jan 2024
+ OpenSSL 1.1.1wc 17 Oct 2024
 Copyright (c) 1998-2023 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index 06adccdeba..33f2137af8 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -39,8 +39,8 @@ extern "C" {
 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
 * major minor fix final patch/beta)
 */
-# define OPENSSL_VERSION_NUMBER 0x1010182fL
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1wb 30 Jan 2024"
+# define OPENSSL_VERSION_NUMBER 0x1010183fL
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1wc 17 Oct 2024"
 /*-
 * The macros below are to be used for shared library (.so, .dll, ...)
-- Gitee