diff options
| author | Matt Caswell <matt@openssl.org> | 2018-08-14 10:39:19 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-08-14 10:57:00 +0100 |
| commit | 825dbd019c7eca898457f64d377074d7f0d43ada (patch) | |
| tree | 378a3d83cc00f2346bdb042cae1d7e0bb40af8c6 | |
| parent | cc08075f66cd84949524444321bb59566f22dce0 (diff) | |
Updates to CHANGES and NEWS for the new release
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6950)
| -rw-r--r-- | CHANGES | 24 | ||||
| -rw-r--r-- | NEWS | 3 |
2 files changed, 26 insertions, 1 deletions
@@ -9,6 +9,30 @@ Changes between 1.1.0h and 1.1.0i [xx XXX xxxx] + *) Client DoS due to large DH parameter + + During key agreement in a TLS handshake using a DH(E) based ciphersuite a + malicious server can send a very large prime value to the client. This will + cause the client to spend an unreasonably long period of time generating a + key for this prime resulting in a hang until the client has finished. This + could be exploited in a Denial Of Service attack. + + This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken + (CVE-2018-0732) + [Guido Vranken] + + *) Cache timing vulnerability in RSA Key Generation + + The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to + a cache timing side channel attack. An attacker with sufficient access to + mount cache timing attacks during the RSA key generation process could + recover the private key. + + This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera + Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia. + (CVE-2018-0737) + [Billy Brumley] + *) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str parameter is no longer accepted, as it leads to a corrupt table. NULL pem_str is reserved for alias entries only. @@ -7,7 +7,8 @@ Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [under development] - o + o Client DoS due to large DH parameter (CVE-2018-0732) + o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018] |