Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE | 3 | _______________ |
4 | ||
0d6d10d9 MC | 5 | Changes between 1.0.2a and 1.0.2b [xx XXX xxxx] |
6 | ||
7 | *) | |
8 | ||
3df69d3a | 9 | Changes between 1.0.2 and 1.0.2a [19 Mar 2015] |
06aab268 | 10 | |
da947c97 MC | 11 | *) ClientHello sigalgs DoS fix |
12 | ||
13 | If a client connects to an OpenSSL 1.0.2 server and renegotiates with an | |
14 | invalid signature algorithms extension a NULL pointer dereference will | |
15 | occur. This can be exploited in a DoS attack against the server. | |
16 | ||
17 | This issue was reported to OpenSSL by David Ramos of Stanford | |
18 | University. | |
19 | (CVE-2015-0291) | |
20 | [Stephen Henson and Matt Caswell] | |
21 | ||
22 | *) Multiblock corrupted pointer fix | |
23 | ||
24 | OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This | |
25 | feature only applies on 64 bit x86 architecture platforms that support AES | |
26 | NI instructions. A defect in the implementation of "multiblock" can cause | |
27 | OpenSSL's internal write buffer to become incorrectly set to NULL when | |
28 | using non-blocking IO. Typically, when the user application is using a | |
29 | socket BIO for writing, this will only result in a failed connection. | |
30 | However if some other BIO is used then it is likely that a segmentation | |
31 | fault will be triggered, thus enabling a potential DoS attack. | |
32 | ||
33 | This issue was reported to OpenSSL by Daniel Danner and Rainer Mueller. | |
34 | (CVE-2015-0290) | |
35 | [Matt Caswell] | |
36 | ||
37 | *) Segmentation fault in DTLSv1_listen fix | |
38 | ||
39 | The DTLSv1_listen function is intended to be stateless and processes the | |
40 | initial ClientHello from many peers. It is common for user code to loop | |
41 | over the call to DTLSv1_listen until a valid ClientHello is received with | |
42 | an associated cookie. A defect in the implementation of DTLSv1_listen means | |
43 | that state is preserved in the SSL object from one invocation to the next | |
44 | that can lead to a segmentation fault. Errors processing the initial | |
45 | ClientHello can trigger this scenario. An example of such an error could be | |
46 | that a DTLS1.0 only client is attempting to connect to a DTLS1.2 only | |
47 | server. | |
48 | ||
49 | This issue was reported to OpenSSL by Per Allansson. | |
50 | (CVE-2015-0207) | |
51 | [Matt Caswell] | |
52 | ||
53 | *) Segmentation fault in ASN1_TYPE_cmp fix | |
54 | ||
55 | The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is | |
56 | made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check | |
57 | certificate signature algorithm consistency this can be used to crash any | |
58 | certificate verification operation and exploited in a DoS attack. Any | |
59 | application which performs certificate verification is vulnerable including | |
60 | OpenSSL clients and servers which enable client authentication. | |
61 | (CVE-2015-0286) | |
62 | [Stephen Henson] | |
63 | ||
64 | *) Segmentation fault for invalid PSS parameters fix | |
65 | ||
66 | The signature verification routines will crash with a NULL pointer | |
67 | dereference if presented with an ASN.1 signature using the RSA PSS | |
68 | algorithm and invalid parameters. Since these routines are used to verify | |
69 | certificate signature algorithms this can be used to crash any | |
70 | certificate verification operation and exploited in a DoS attack. Any | |
71 | application which performs certificate verification is vulnerable including | |
72 | OpenSSL clients and servers which enable client authentication. | |
73 | ||
74 | This issue was reported to OpenSSL by Brian Carpenter. | |
75 | (CVE-2015-0208) | |
76 | [Stephen Henson] | |
77 | ||
78 | *) ASN.1 structure reuse memory corruption fix | |
79 | ||
80 | Reusing a structure in ASN.1 parsing may allow an attacker to cause | |
81 | memory corruption via an invalid write. Such reuse is and has been | |
82 | strongly discouraged and is believed to be rare. | |
83 | ||
84 | Applications that parse structures containing CHOICE or ANY DEFINED BY | |
85 | components may be affected. Certificate parsing (d2i_X509 and related | |
86 | functions) are however not affected. OpenSSL clients and servers are | |
87 | not affected. | |
88 | (CVE-2015-0287) | |
89 | [Stephen Henson] | |
90 | ||
91 | *) PKCS7 NULL pointer dereferences fix | |
92 | ||
93 | The PKCS#7 parsing code does not handle missing outer ContentInfo | |
94 | correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with | |
95 | missing content and trigger a NULL pointer dereference on parsing. | |
96 | ||
97 | Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or | |
98 | otherwise parse PKCS#7 structures from untrusted sources are | |
99 | affected. OpenSSL clients and servers are not affected. | |
100 | ||
101 | This issue was reported to OpenSSL by Michal Zalewski (Google). | |
102 | (CVE-2015-0289) | |
103 |
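
For the PKCS#7 entry above (CVE-2015-0289), one way an application could pre-screen untrusted input before passing it to a PKCS#7 parser is to check that the outer ContentInfo actually carries its content field. This is an added example, not OpenSSL code and not the project's fix; `p7_precheck`, `der_header`, the result codes and the sample byte arrays are names and data constructed for this illustration, and it assumes DER input with definite lengths.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { P7_OK = 0, P7_MALFORMED = -1, P7_NO_CONTENT = -2 };

/* Parse one DER header (single-byte tag, definite length). Returns the
   header size, or 0 if the header or its content overruns the n bytes. */
static size_t der_header(const uint8_t *p, size_t n, uint8_t *tag, size_t *len)
{
    if (n < 2 || (p[0] & 0x1f) == 0x1f) return 0;
    *tag = p[0];
    if (p[1] < 0x80) { *len = p[1]; return *len <= n - 2 ? 2 : 0; }
    size_t k = p[1] & 0x7f, v = 0;              /* long form: k length bytes */
    if (k == 0 || k > 4 || k > n - 2) return 0;
    for (size_t i = 0; i < k; i++) v = (v << 8) | p[2 + i];
    *len = v;
    return v <= n - 2 - k ? 2 + k : 0;
}

/* ContentInfo ::= SEQUENCE { contentType OID, content [0] EXPLICIT ANY OPTIONAL }
   Rejecting an absent content field is this example's policy choice. */
int p7_precheck(const uint8_t *buf, size_t n)
{
    uint8_t tag; size_t len, h;
    h = der_header(buf, n, &tag, &len);          /* outer SEQUENCE, no trailing bytes */
    if (!h || tag != 0x30 || h + len != n) return P7_MALFORMED;
    buf += h; n = len;
    h = der_header(buf, n, &tag, &len);          /* contentType OID */
    if (!h || tag != 0x06 || len == 0) return P7_MALFORMED;
    buf += h + len; n -= h + len;
    if (n == 0) return P7_NO_CONTENT;            /* [0] omitted entirely */
    h = der_header(buf, n, &tag, &len);          /* content [0] must fill the rest */
    if (!h || tag != 0xa0 || h + len != n) return P7_MALFORMED;
    return len ? P7_OK : P7_NO_CONTENT;
}

/* Constructed samples: signedData OID alone, then the same with a [0] wrapper. */
static const uint8_t sample_missing[] = { 0x30,0x0b, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02 };
static const uint8_t sample_present[] = { 0x30,0x0f, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
                                          0xa0,0x02,0x30,0x00 };

int main(void)
{
    printf("missing: %d\n", p7_precheck(sample_missing, sizeof sample_missing));
    printf("present: %d\n", p7_precheck(sample_present, sizeof sample_present));
    printf("truncated: %d\n", p7_precheck(sample_present, 5));
    return 0;
}
```

The check covers only the outer ContentInfo and does not validate the inner structure, so it complements upgrading to a fixed release rather than replacing it.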