ECDH downgrade bug fix.

Fix bug where an OpenSSL client would accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2014-3572 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit b15f8769644b00ef7283521593360b7b2135cb63)
author: Dr. Stephen Henson <steve@openssl.org> 2014-10-24 12:30:33 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-01-05 23:48:55 +0000
commit: ef28c6d6767a6a30df5add36171894c96628fe98 (patch)
tree: 06d44aa1bd2ac6ab54db402e4ac48b2f433cb50d /CHANGES
parent: 2175744952f5c8eaa2749f347629891497a1bcca (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index bfb75bea0b..8d3e6ff67e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,13 @@
 
  Changes between 1.0.1j and 1.0.1k [xx XXX xxxx]
 
+  *) Abort handshake if server key exchange message is omitted for ephemeral
+     ECDH ciphersuites.
+
+     Thanks to Karthikeyan Bhargavan for reporting this issue.
+     (CVE-2014-3572)
+     [Steve Henson]
+
   *) Ensure that the session ID context of an SSL is updated when its
      SSL_CTX is updated via SSL_set_SSL_CTX.
author	Dr. Stephen Henson <steve@openssl.org>	2014-10-24 12:30:33 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-01-05 23:48:55 +0000
commit	ef28c6d6767a6a30df5add36171894c96628fe98 (patch)
tree	06d44aa1bd2ac6ab54db402e4ac48b2f433cb50d /CHANGES
parent	2175744952f5c8eaa2749f347629891497a1bcca (diff)