diff options
author | Matt Caswell <matt@openssl.org> | 2015-01-08 13:07:08 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-01-08 13:51:50 +0000 |
commit | e02863b5ac8f6fc581e75e24e53b4ef5ea0b15ca (patch) | |
tree | 2c974ea3b2729def288524a41a24e1366a3098c2 | |
parent | 04685bc949e90a877656cf5020b6d4f90a9636a6 (diff) |
CHANGES and NEWS updates for release
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Steve Henson <steve@openssl.org>
-rw-r--r-- | CHANGES | 45 | ||||
-rw-r--r-- | NEWS | 9 |
2 files changed, 53 insertions, 1 deletions
@@ -4,6 +4,29 @@ Changes between 1.0.1j and 1.0.1k [xx XXX xxxx] + *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS + message can cause a segmentation fault in OpenSSL due to a NULL pointer + dereference. This could lead to a Denial Of Service attack. Thanks to + Markus Stenberg of Cisco Systems, Inc. for reporting this issue. + (CVE-2014-3571) + [Steve Henson] + + *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the + dtls1_buffer_record function under certain conditions. In particular this + could occur if an attacker sent repeated DTLS records with the same + sequence number but for the next epoch. The memory leak could be exploited + by an attacker in a Denial of Service attack through memory exhaustion. + Thanks to Chris Mueller for reporting this issue. + (CVE-2015-0206) + [Matt Caswell] + + *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is + built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl + method would be set to NULL which could later result in a NULL pointer + dereference. Thanks to Frank Schmirler for reporting this issue. + (CVE-2014-3569) + [Kurt Roeckx] + *) Abort handshake if server key exchange message is omitted for ephemeral ECDH ciphersuites. @@ -21,6 +44,17 @@ (CVE-2015-0204) [Steve Henson] + *) Fixed issue where DH client certificates are accepted without verification. + An OpenSSL server will accept a DH certificate for client authentication + without the certificate verify message. This effectively allows a client to + authenticate without the use of a private key. This only affects servers + which trust a client certificate authority which issues certificates + containing DH keys: these are extremely rare and hardly ever encountered. + Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting + this issue. + (CVE-2015-0205) + [Steve Henson] + *) Ensure that the session ID context of an SSL is updated when its SSL_CTX is updated via SSL_set_SSL_CTX. @@ -65,6 +99,17 @@ (CVE-2014-8275) [Steve Henson] + *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect + results on some platforms, including x86_64. This bug occurs at random + with a very low probability, and is not known to be exploitable in any + way, though its exact impact is difficult to determine. Thanks to Pieter + Wuille (Blockstream) who reported this issue and also suggested an initial + fix. Further analysis was conducted by the OpenSSL development team and + Adam Langley of Google. The final fix was developed by Andy Polyakov of + the OpenSSL core team. + (CVE-2014-3570) + [Andy Polyakov] + *) Do not resume sessions on the server if the negotiated protocol version does not match the session's version. Resuming with a different version, while not strictly forbidden by the RFC, is of questionable @@ -7,7 +7,14 @@ Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [under development] - o + o Fix for CVE-2014-3571 + o Fix for CVE-2015-0206 + o Fix for CVE-2014-3569 + o Fix for CVE-2014-3572 + o Fix for CVE-2015-0204 + o Fix for CVE-2015-0205 + o Fix for CVE-2014-8275 + o Fix for CVE-2014-3570 Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] |