]>
Commit | Line | Data |
---|---|---|
81a6c781 | 1 | |
f1c236f8 | 2 | OpenSSL CHANGES |
651d0aff RE |
3 | _______________ |
4 | ||
db8334be | 5 | Changes between 0.9.8ze and 0.9.8zf [19 Mar 2015] |
ba442a7e | 6 | |
d53f9203 MC |
7 | *) Segmentation fault in ASN1_TYPE_cmp fix |
8 | ||
9 | The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is | |
10 | made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check | |
11 | certificate signature algorithm consistency this can be used to crash any | |
12 | certificate verification operation and exploited in a DoS attack. Any | |
13 | application which performs certificate verification is vulnerable including | |
14 | OpenSSL clients and servers which enable client authentication. | |
15 | (CVE-2015-0286) | |
16 | [Stephen Henson] | |
17 | ||
18 | *) ASN.1 structure reuse memory corruption fix | |
19 | ||
20 | Reusing a structure in ASN.1 parsing may allow an attacker to cause | |
21 | memory corruption via an invalid write. Such reuse is and has been | |
22 | strongly discouraged and is believed to be rare. | |
23 | ||
24 | Applications that parse structures containing CHOICE or ANY DEFINED BY | |
25 | components may be affected. Certificate parsing (d2i_X509 and related | |
26 | functions) are however not affected. OpenSSL clients and servers are | |
27 | not affected. | |
28 | (CVE-2015-0287) | |
29 | [Stephen Henson] | |
30 | ||
31 | *) PKCS7 NULL pointer dereferences fix | |
32 | ||
33 | The PKCS#7 parsing code does not handle missing outer ContentInfo | |
34 | correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with | |
35 | missing content and trigger a NULL pointer dereference on parsing. | |
36 | ||
37 | Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or | |
38 | otherwise parse PKCS#7 structures from untrusted sources are | |
39 | affected. OpenSSL clients and servers are not affected. | |
40 | ||
41 | This issue was reported to OpenSSL by Michal Zalewski (Google). | |
42 | (CVE-2015-0289) | |
43 |