X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=CHANGES;h=7adbeb80a0bc4a11860135b818d9073ab6c8704c;hp=5e04f229923d3e4f63ba592ff5ba35ce37c1c4ca;hb=18a2d293f19e8583a702b3881b16f018f8c6ef94;hpb=fd28a41ec899eb8749e21d11441fd4df35ed9a07 diff --git a/CHANGES b/CHANGES index 5e04f22992..7adbeb80a0 100644 --- a/CHANGES +++ b/CHANGES @@ -303,46 +303,7 @@ whose return value is often ignored. [Steve Henson] - Changes between 1.0.1h and 1.0.2 [xx XXX xxxx] - - *) SRTP Memory Leak. - - A flaw in the DTLS SRTP extension parsing code allows an attacker, who - sends a carefully crafted handshake message, to cause OpenSSL to fail - to free up to 64k of memory causing a memory leak. This could be - exploited in a Denial Of Service attack. This issue affects OpenSSL - 1.0.1 server implementations for both SSL/TLS and DTLS regardless of - whether SRTP is used or configured. Implementations of OpenSSL that - have been compiled with OPENSSL_NO_SRTP defined are not affected. - - The fix was developed by the OpenSSL team. - (CVE-2014-3513) - [OpenSSL team] - - *) Session Ticket Memory Leak. - - When an OpenSSL SSL/TLS/DTLS server receives a session ticket the - integrity of that ticket is first verified. In the event of a session - ticket integrity check failing, OpenSSL will fail to free memory - causing a memory leak. By sending a large number of invalid session - tickets an attacker could exploit this issue in a Denial Of Service - attack. - (CVE-2014-3567) - [Steve Henson] - - *) Build option no-ssl3 is incomplete. - - When OpenSSL is configured with "no-ssl3" as a build option, servers - could accept and complete a SSL 3.0 handshake, and clients could be - configured to send them. - (CVE-2014-3568) - [Akamai and the OpenSSL team] - - *) Add support for TLS_FALLBACK_SCSV. - Client applications doing fallback retries should call - SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). - (CVE-2014-3566) - [Adam Langley, Bodo Moeller] + Changes between 1.0.1j and 1.0.2 [xx XXX xxxx] *) Accelerated NIST P-256 elliptic curve implementation for x86_64 (other platforms pending). @@ -664,7 +625,46 @@ X509_CINF_set_modified, X509_CINF_get_issuer, X509_CINF_get_extensions and X509_CINF_get_signature were reverted post internal team review. - Changes between 1.0.1i and 1.0.1j [xx XXX xxxx] + Changes between 1.0.1i and 1.0.1j [15 Oct 2014] + + *) SRTP Memory Leak. + + A flaw in the DTLS SRTP extension parsing code allows an attacker, who + sends a carefully crafted handshake message, to cause OpenSSL to fail + to free up to 64k of memory causing a memory leak. This could be + exploited in a Denial Of Service attack. This issue affects OpenSSL + 1.0.1 server implementations for both SSL/TLS and DTLS regardless of + whether SRTP is used or configured. Implementations of OpenSSL that + have been compiled with OPENSSL_NO_SRTP defined are not affected. + + The fix was developed by the OpenSSL team. + (CVE-2014-3513) + [OpenSSL team] + + *) Session Ticket Memory Leak. + + When an OpenSSL SSL/TLS/DTLS server receives a session ticket the + integrity of that ticket is first verified. In the event of a session + ticket integrity check failing, OpenSSL will fail to free memory + causing a memory leak. By sending a large number of invalid session + tickets an attacker could exploit this issue in a Denial Of Service + attack. + (CVE-2014-3567) + [Steve Henson] + + *) Build option no-ssl3 is incomplete. + + When OpenSSL is configured with "no-ssl3" as a build option, servers + could accept and complete a SSL 3.0 handshake, and clients could be + configured to send them. + (CVE-2014-3568) + [Akamai and the OpenSSL team] + + *) Add support for TLS_FALLBACK_SCSV. + Client applications doing fallback retries should call + SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). + (CVE-2014-3566) + [Adam Langley, Bodo Moeller] *) Add additional DigestInfo checks.