OpenSSL CHANGES
_______________
- Changes between 1.0.1j and 1.0.1k [xx XXX xxxx]
+ Changes between 1.0.1l and 1.0.1m [xx XXX xxxx]
+
+ *)
+
+ Changes between 1.0.1k and 1.0.1l [15 Jan 2015]
+
+ *) Build fixes for the Windows and OpenVMS platforms
+ [Matt Caswell and Richard Levitte]
+
+ Changes between 1.0.1j and 1.0.1k [8 Jan 2015]
+
+ *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
+ message can cause a segmentation fault in OpenSSL due to a NULL pointer
+ dereference. This could lead to a Denial Of Service attack. Thanks to
+ Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
+ (CVE-2014-3571)
+ [Steve Henson]
+
+ *) Fix DTLS memory leak in dtls1_buffer_record. A memory leak can occur in the
+ dtls1_buffer_record function under certain conditions. In particular this
+ could occur if an attacker sent repeated DTLS records with the same
+ sequence number but for the next epoch. The memory leak could be exploited
+ by an attacker in a Denial of Service attack through memory exhaustion.
+ Thanks to Chris Mueller for reporting this issue.
+ (CVE-2015-0206)
+ [Matt Caswell]
+
+ *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
+ built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
+ method would be set to NULL which could later result in a NULL pointer
+ dereference. Thanks to Frank Schmirler for reporting this issue.
+ (CVE-2014-3569)
+ [Kurt Roeckx]
*) Abort handshake if server key exchange message is omitted for ephemeral
ECDH ciphersuites.
- Thanks to Karthikeyan Bhargavan for reporting this issue.
+ Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+ reporting this issue.
(CVE-2014-3572)
[Steve Henson]
violated the TLS standard by allowing the use of temporary RSA keys in
non-export ciphersuites and could be used by a server to effectively
downgrade the RSA key length used to a value smaller than the server
- certificate. Thanks for Karthikeyan Bhargavan for reporting this issue.
+ certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+ INRIA or reporting this issue.
(CVE-2015-0204)
[Steve Henson]
+ *) Fixed issue where DH client certificates are accepted without verification.
+ An OpenSSL server will accept a DH certificate for client authentication
+ without the certificate verify message. This effectively allows a client to
+ authenticate without the use of a private key. This only affects servers
+ which trust a client certificate authority which issues certificates
+ containing DH keys: these are extremely rare and hardly ever encountered.
+ Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting
+ this issue.
+ (CVE-2015-0205)
+ [Steve Henson]
+
*) Ensure that the session ID context of an SSL is updated when its
SSL_CTX is updated via SSL_set_SSL_CTX.
(CVE-2014-8275)
[Steve Henson]
+ *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
+ results on some platforms, including x86_64. This bug occurs at random
+ with a very low probability, and is not known to be exploitable in any
+ way, though its exact impact is difficult to determine. Thanks to Pieter
+ Wuille (Blockstream) who reported this issue and also suggested an initial
+ fix. Further analysis was conducted by the OpenSSL development team and
+ Adam Langley of Google. The final fix was developed by Andy Polyakov of
+ the OpenSSL core team.
+ (CVE-2014-3570)
+ [Andy Polyakov]
+
*) Do not resume sessions on the server if the negotiated protocol
version does not match the session's version. Resuming with a different
version, while not strictly forbidden by the RFC, is of questionable
projects / openssl.git / blobdiff