]>
Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
74743418 MC |
5 | Changes between 0.9.8zh and 0.9.8zi [xx XXX xxxx] |
6 | ||
7 | *) | |
8 | ||
c2ef6710 | 9 | Changes between 0.9.8zg and 0.9.8zh [3 Dec 2015] |
2c9dfa18 | 10 | |
35c8d0d8 MC |
11 | *) X509_ATTRIBUTE memory leak |
12 | ||
13 | When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak | |
14 | memory. This structure is used by the PKCS#7 and CMS routines so any | |
15 | application which reads PKCS#7 or CMS data from untrusted sources is | |
16 | affected. SSL/TLS is not affected. | |
17 | ||
18 | This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using | |
19 | libFuzzer. | |
20 | (CVE-2015-3195) | |
21 | [Stephen Henson] | |
2c9dfa18 | 22 | |
0823ddc5 | 23 | Changes between 0.9.8zf and 0.9.8zg [11 Jun 2015] |
79cc5417 | 24 | |
ad656796 MC |
25 | *) Malformed ECParameters causes infinite loop |
26 | ||
27 | When processing an ECParameters structure OpenSSL enters an infinite loop | |
28 | if the curve specified is over a specially malformed binary polynomial | |
29 | field. | |
30 | ||
31 | This can be used to perform denial of service against any | |
32 | system which processes public keys, certificate requests or | |
33 | certificates. This includes TLS clients and TLS servers with | |
34 | client authentication enabled. | |
35 | ||
36 | This issue was reported to OpenSSL by Joseph Barr-Pixton. | |
37 | (CVE-2015-1788) | |
38 | [Andy Polyakov] | |
39 | ||
40 | *) Exploitable out-of-bounds read in X509_cmp_time | |
41 | ||
42 | X509_cmp_time does not properly check the length of the ASN1_TIME | |
43 | string and can read a few bytes out of bounds. In addition, | |
44 | X509_cmp_time accepts an arbitrary number of fractional seconds in the | |
45 | time string. | |
46 | ||
47 | An attacker can use this to craft malformed certificates and CRLs of | |
48 | various sizes and potentially cause a segmentation fault, resulting in | |
49 | a DoS on applications that verify certificates or CRLs. TLS clients | |
50 | that verify CRLs are affected. TLS clients and servers with client | |
51 | authentication enabled may be affected if they use custom verification | |
52 | callbacks. | |
53 | ||
54 | This issue was reported to OpenSSL by Robert Swiecki (Google), and | |
55 |