X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=NEWS;h=2d865f2d8c49c03a916c39fe38526746bbb223b6;hp=af64d9bc52cac74314aaf4a0db11e055f204d48a;hb=22d41cd348555ccf99ad9eaa2bf321764a2f81bb;hpb=251c47001b951ec10dcd08b7d727e103560f8f25 diff --git a/NEWS b/NEWS index af64d9bc52..2d865f2d8c 100644 --- a/NEWS +++ b/NEWS @@ -5,12 +5,112 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. - Known issues in OpenSSL 1.0.2: + Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [under development] - o v3_scts.c compilation error on some platforms: fixed in 1.0.2-beta2-dev - o Issues compiling WIN32 fips static libraries: fixed in 1.0.2-beta2-dev + o + + Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017] - Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.2 [in beta]: + o config now recognises 64-bit mingw and chooses mingw64 instead of mingw + + Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017] + + o Truncated packet could crash via OOB read (CVE-2017-3731) + o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732) + o Montgomery multiplication may produce incorrect results (CVE-2016-7055) + + Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016] + + o Missing CRL sanity check (CVE-2016-7052) + + Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016] + + o OCSP Status Request extension unbounded memory growth (CVE-2016-6304) + o SWEET32 Mitigation (CVE-2016-2183) + o OOB write in MDC2_Update() (CVE-2016-6303) + o Malformed SHA512 ticket DoS (CVE-2016-6302) + o OOB write in BN_bn2dec() (CVE-2016-2182) + o OOB read in TS_OBJ_print_bio() (CVE-2016-2180) + o Pointer arithmetic undefined behaviour (CVE-2016-2177) + o Constant time flag not preserved in DSA signing (CVE-2016-2178) + o DTLS buffered message DoS (CVE-2016-2179) + o DTLS replay protection DoS (CVE-2016-2181) + o Certificate message OOB reads (CVE-2016-6306) + + Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] + + o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107) + o Fix EVP_EncodeUpdate overflow (CVE-2016-2105) + o Fix EVP_EncryptUpdate overflow (CVE-2016-2106) + o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109) + o EBCDIC overread (CVE-2016-2176) + o Modify behavior of ALPN to invoke callback after SNI/servername + callback, such that updates to the SSL_CTX affect ALPN. + o Remove LOW from the DEFAULT cipher list. This removes singles DES from + the default. + o Only remove the SSLv2 methods with the no-ssl2-method option. + + Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016] + + o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. + o Disable SSLv2 default build, default negotiation and weak ciphers + (CVE-2016-0800) + o Fix a double-free in DSA code (CVE-2016-0705) + o Disable SRP fake user seed to address a server memory leak + (CVE-2016-0798) + o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption + (CVE-2016-0797) + o Fix memory issues in BIO_*printf functions (CVE-2016-0799) + o Fix side channel attack on modular exponentiation (CVE-2016-0702) + + Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] + + o DH small subgroups (CVE-2016-0701) + o SSLv2 doesn't block disabled ciphers (CVE-2015-3197) + + Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] + + o BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) + o Certificate verify crash with missing PSS parameter (CVE-2015-3194) + o X509_ATTRIBUTE memory leak (CVE-2015-3195) + o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs + o In DSA_generate_parameters_ex, if the provided seed is too short, + return an error + + Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] + + o Alternate chains certificate forgery (CVE-2015-1793) + o Race condition handling PSK identify hint (CVE-2015-3196) + + Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] + + o Fix HMAC ABI incompatibility + + Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] + + o Malformed ECParameters causes infinite loop (CVE-2015-1788) + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) + o Race condition handling NewSessionTicket (CVE-2015-1791) + + Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] + + o OpenSSL 1.0.2 ClientHello sigalgs DoS fix (CVE-2015-0291) + o Multiblock corrupted pointer fix (CVE-2015-0290) + o Segmentation fault in DTLSv1_listen fix (CVE-2015-0207) + o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) + o Segmentation fault for invalid PSS parameters fix (CVE-2015-0208) + o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) + o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) + o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) + o Empty CKE with client auth and DHE fix (CVE-2015-1787) + o Handshake with unseeded PRNG fix (CVE-2015-0285) + o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) + o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) + o Removed the export ciphers from the DEFAULT ciphers + + Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]: o Suite B support for TLS 1.2 and DTLS 1.2 o Support for DTLS 1.2 @@ -21,6 +121,55 @@ o ALPN support. o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH. + Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] + + o Build fixes for the Windows and OpenVMS platforms + + Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] + + o Fix for CVE-2014-3571 + o Fix for CVE-2015-0206 + o Fix for CVE-2014-3569 + o Fix for CVE-2014-3572 + o Fix for CVE-2015-0204 + o Fix for CVE-2015-0205 + o Fix for CVE-2014-8275 + o Fix for CVE-2014-3570 + + Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] + + o Fix for CVE-2014-3513 + o Fix for CVE-2014-3567 + o Mitigation for CVE-2014-3566 (SSL protocol vulnerability) + o Fix for CVE-2014-3568 + + Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] + + o Fix for CVE-2014-3512 + o Fix for CVE-2014-3511 + o Fix for CVE-2014-3510 + o Fix for CVE-2014-3507 + o Fix for CVE-2014-3506 + o Fix for CVE-2014-3505 + o Fix for CVE-2014-3509 + o Fix for CVE-2014-5139 + o Fix for CVE-2014-3508 + + Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] + + o Fix for CVE-2014-0224 + o Fix for CVE-2014-0221 + o Fix for CVE-2014-0198 + o Fix for CVE-2014-0195 + o Fix for CVE-2014-3470 + o Fix for CVE-2010-5298 + + Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014] + + o Fix for CVE-2014-0160 + o Add TLS padding extension workaround for broken servers. + o Fix for CVE-2014-0076 + Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] o Don't include gmt_unix_time in TLS server and client random values @@ -70,19 +219,6 @@ o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o SRP support. - Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]: - - o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 - o Fix OCSP bad key DoS attack CVE-2013-0166 - - Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]: - - o Fix DTLS record length checking bug CVE-2012-2333 - - Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]: - - o Fix for ASN1 overflow bug CVE-2012-2110 - Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]: o Fix for CMS/PKCS#7 MMA CVE-2012-0884 @@ -155,62 +291,6 @@ o Opaque PRF Input TLS extension support. o Updated time routines to avoid OS limitations. - Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]: - - o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 - o Fix OCSP bad key DoS attack CVE-2013-0166 - - Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]: - - o Fix DTLS record length checking bug CVE-2012-2333 - - Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]: - - o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110) - - Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]: - - o Fix for ASN1 overflow bug CVE-2012-2110 - - Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]: - - o Fix for CMS/PKCS#7 MMA CVE-2012-0884 - o Corrected fix for CVE-2011-4619 - o Various DTLS fixes. - - Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]: - - o Fix for DTLS DoS issue CVE-2012-0050 - - Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]: - - o Fix for DTLS plaintext recovery attack CVE-2011-4108 - o Fix policy check double free error CVE-2011-4109 - o Clear block padding bytes of SSL 3.0 records CVE-2011-4576 - o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619 - o Check for malformed RFC3779 data CVE-2011-4577 - - Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]: - - o Fix for security issue CVE-2011-0014 - - Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]: - - o Fix for security issue CVE-2010-4180 - o Fix for CVE-2010-4252 - - Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]: - - o Fix for security issue CVE-2010-3864. - - Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]: - - o Fix for security issue CVE-2010-0742. - o Various DTLS fixes. - o Recognise SHA2 certificates if only SSL algorithms added. - o Fix for no-rc4 compilation. - o Chil ENGINE unload workaround. - Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]: o CFB cipher definition fixes.