]>
Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
33dd0832 | 5 | Changes between 1.0.2c and 1.0.2d [9 Jul 2015] |
54ae378c | 6 | |
5627e0f7 MC |
7 | *) Alternate chains certificate forgery |
8 | ||
9 | During certificate verfification, OpenSSL will attempt to find an | |
10 | alternative certificate chain if the first attempt to build such a chain | |
11 | fails. An error in the implementation of this logic can mean that an | |
12 | attacker could cause certain checks on untrusted certificates to be | |
13 | bypassed, such as the CA flag, enabling them to use a valid leaf | |
14 | certificate to act as a CA and "issue" an invalid certificate. | |
15 | ||
16 | This issue was reported to OpenSSL by Adam Langley/David Benjamin | |
17 | (Google/BoringSSL). | |
18 | [Matt Caswell] | |
54ae378c | 19 | |
0ee5fcde | 20 | Changes between 1.0.2b and 1.0.2c [12 Jun 2015] |
b6ed9917 | 21 | |
d4c17638 MC |
22 | *) Fix HMAC ABI incompatibility. The previous version introduced an ABI |
23 | incompatibility in the handling of HMAC. The previous ABI has now been | |
24 | restored. | |
b6ed9917 | 25 | |
7b560c17 | 26 | Changes between 1.0.2a and 1.0.2b [11 Jun 2015] |
0d6d10d9 | 27 | |
ab17f6b7 MC |
28 | *) Malformed ECParameters causes infinite loop |
29 | ||
30 | When processing an ECParameters structure OpenSSL enters an infinite loop | |
31 | if the curve specified is over a specially malformed binary polynomial | |
32 | field. | |
33 | ||
34 | This can be used to perform denial of service against any | |
35 | system which processes public keys, certificate requests or | |
36 | certificates. This includes TLS clients and TLS servers with | |
37 | client authentication enabled. | |
38 | ||
39 | This issue was reported to OpenSSL by Joseph Barr-Pixton. | |
40 | (CVE-2015-1788) | |
41 | [Andy Polyakov] | |
42 | ||
43 | *) Exploitable out-of-bounds read in X509_cmp_time | |
44 | ||
45 | X509_cmp_time does not properly check the length of the ASN1_TIME | |
46 | string and can read a few bytes out of bounds. In addition, | |
47 | X509_cmp_time accepts an arbitrary number of fractional seconds in the | |
48 | time string. | |
49 | ||
50 | An attacker can use this to craft malformed certificates and CRLs of | |
51 | various sizes and potentially cause a segmentation fault, resulting in | |
52 | a DoS on applications that verify certificates or CRLs. TLS clients | |
53 | that verify CRLs are affected. TLS clients and servers with client | |
54 | authentication enabled may be affected if they use custom verification | |
55 | callbacks. | |
56 | ||
57 | This issue was reported to OpenSSL by Robert Swiecki (Google), and | |
58 |