]>
Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
ebe22194 DSH |
5 | Changes between 1.0.1g and 1.0.1h [xx XXX xxxx] |
6 | ||
e622237d | 7 | *) Harmonize version and its documentation. -f flag is used to display |
8 | compilation flags. | |
9 | [mancha <mancha1@zoho.com>] | |
10 | ||
f0816174 | 11 | *) Fix eckey_priv_encode so it immediately returns an error upon a failure |
12 | in i2d_ECPrivateKey. | |
13 | [mancha <mancha1@zoho.com>] | |
14 | ||
9c8dc84a BL |
15 | *) Fix some double frees. These are not thought to be exploitable. |
16 | [mancha <mancha1@zoho.com>] | |
ebe22194 | 17 | |
b2d951e4 | 18 | Changes between 1.0.1f and 1.0.1g [7 Apr 2014] |
a7304e4b | 19 | |
96db9023 DSH |
20 | *) A missing bounds check in the handling of the TLS heartbeat extension |
21 | can be used to reveal up to 64k of memory to a connected client or | |
22 | server. | |
23 | ||
24 | Thanks for Neel Mehta of Google Security for discovering this bug and to | |
25 | Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for | |
26 | preparing the fix (CVE-2014-0160) | |
27 | [Adam Langley, Bodo Moeller] | |
28 | ||
4b7a4ba2 DSH |
29 | *) Fix for the attack described in the paper "Recovering OpenSSL |
30 | ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" | |
31 | by Yuval Yarom and Naomi Benger. Details can be obtained from: | |
32 | http://eprint.iacr.org/2014/140 | |
33 | ||
34 | Thanks to Yuval Yarom and Naomi Benger for discovering this | |
35 | flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076) | |
36 | [Yuval Yarom and Naomi Benger] | |
37 | ||
51624dbd | 38 | *) TLS pad extension: draft-agl-tls-padding-03 |
4a55631e DSH |
39 | |
40 | Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the | |
41 | TLS client Hello record length value would otherwise be > 255 and | |
42 | less that 512 pad with a dummy extension containing zeroes so it | |
43 | is at least 512 bytes long. | |
44 | ||
4a55631e | 45 | [Adam Langley, Steve Henson] |
a7304e4b | 46 | |
0d877634 | 47 | Changes between 1.0.1e and 1.0.1f [6 Jan 2014] |
3151e328 | 48 | |
197e0ea8 DSH |
49 | *) Fix for TLS record tampering bug. A carefully crafted invalid |
50 | handshake could crash OpenSSL with a NULL pointer exception. | |
51 | Thanks to Anton Johansson for reporting this issues. | |
52 | (CVE-2013-4353) | |
53 | ||
34628967 DSH |
54 | *) Keep original DTLS digest and encryption contexts in retransmission |
55 | structures so we can use the previous session parameters if they need | |
56 | to be resent. (CVE-2013-6450) | |
57 | [Steve Henson] | |
58 | ||
13bca90a RS |
59 | *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which |
60 | avoids preferring ECDHE-ECDSA ciphers when the client appears to be | |
61 | Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for | |
62 | several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug | |
63 | is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing | |
64 | 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer. | |
65 | [Rob Stradling, Adam Langley] | |
3151e328 | 66 | |
f66db68e | 67 | Changes between 1.0.1d and 1.0.1e [11 Feb 2013] |
41cf07f0 | 68 | |
625a5532 DSH |
69 | *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI |
70 | supporting platforms or when small records were transferred. | |
71 | [Andy Polyakov, Steve Henson] | |
41cf07f0 | 72 | |
df0d9356 | 73 | Changes between 1.0.1c and 1.0.1d [5 Feb 2013] |
d9c34505 | 74 | |
df0d9356 | 75 | *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time. |
f1ca56a6 DSH |
76 | |
77 | This addresses the flaw in CBC record processing discovered by | |
78 | Nadhem Alfardan and Kenny Paterson. Details of this attack can be found | |
79 | at: http://www.isg.rhul.ac.uk/tls/ | |
80 | ||
81 | Thanks go to Nadhem Alfardan and Kenny Paterson of the Information | |
82 | Security Group at Royal Holloway, University of London | |
83 | (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and | |
84 |