]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ebd24b3)
Update CHANGES.md and NEWS.md for new release
authorMatt Caswell <matt@openssl.org>
Mon, 29 Jan 2024 16:19:24 +0000 (16:19 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 30 Jan 2024 12:59:06 +0000 (12:59 +0000)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
(Merged from https://github.com/openssl/openssl/pull/23423)

(cherry picked from commit 6782406c069c3146cf7b5026811e3935e84e3ab8)

CHANGES.md patch | blob | blame | history
NEWS.md patch | blob | blame | history

diff --git a/CHANGES.md b/CHANGES.md
index 2ba6c9807722dd44a0cdb30c641e0a78579358e0..4cef2556fd23ee5e44526a23e282af81f40dfc3a 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,6 +30,26 @@ breaking changes, and mappings for the large list of deprecated functions.
 
 ### Changes between 3.0.12 and 3.0.13 [xx XXX xxxx]
 
+ * A file in PKCS12 format can contain certificates and keys and may come from
+   an untrusted source. The PKCS12 specification allows certain fields to be
+   NULL, but OpenSSL did not correctly check for this case. A fix has been
+   applied to prevent a NULL pointer dereference that results in OpenSSL
+   crashing. If an application processes PKCS12 files from an untrusted source
+   using the OpenSSL APIs then that application will be vulnerable to this
+   issue prior to this fix.
+
+   OpenSSL APIs that were vulnerable to this are: PKCS12_parse(),
+   PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
+   and PKCS12_newpass().
+
+   We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
+   function is related to writing data we do not consider it security
+   significant.
+
+   ([CVE-2024-0727])
+
+   *Matt Caswell*
+
  * When function EVP_PKEY_public_check() is called on RSA public keys,
    a computation is done to confirm that the RSA modulus, n, is composite.
    For valid RSA keys, n is a product of two or more large primes and this
@@ -19804,6 +19824,7 @@ ndif
 
 <!-- Links -->
 
+[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
 [CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
 [CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
diff --git a/NEWS.md b/NEWS.md
index 550464a4114a8feb65a01f37670b23604ba58660..6acb0a073c3e096f8b6c9b38044f9c08988f1588 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -20,6 +20,8 @@ OpenSSL 3.0
 
 ### Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [under development]
 
+  * Fixed PKCS12 Decoding crashes
+    ([CVE-2024-0727])
   * Fixed Excessive time spent checking invalid RSA public keys
     ([CVE-2023-6237])
   * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
@@ -1468,6 +1470,7 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2024-0727]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-0727
 [CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
 [CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
Mirror of https://github.com/openssl/openssl.git