TLS/SSL and crypto library
Révision | 6545372c249d287687bbb8dec80ee76b0e7cac43 (tree) |
---|---|
l'heure | 2011-02-09 02:10:53 |
Auteur | Bodo Möller <bodo@open...> |
Commiter | Bodo Möller |
OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
@@ -2,7 +2,10 @@ | ||
2 | 2 | OpenSSL CHANGES |
3 | 3 | _______________ |
4 | 4 | |
5 | - Changes between 1.0.0c and 1.0.0d [xx XXX xxxx] | |
5 | + Changes between 1.0.0c and 1.0.0d [8 Feb 2011] | |
6 | + | |
7 | + *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 | |
8 | + [Neel Mehta, Adam Langley, Bodo Moeller (Google)] | |
6 | 9 | |
7 | 10 | *) Fix bug in string printing code: if *any* escaping is enabled we must |
8 | 11 | escape the escape character (backslash) or the resulting string is |
@@ -879,11 +882,34 @@ | ||
879 | 882 | *) Change 'Configure' script to enable Camellia by default. |
880 | 883 | [NTT] |
881 | 884 | |
882 | - Changes between 0.9.8o and 0.9.8p [xx XXX xxxx] | |
885 | + Changes between 0.9.8q and 0.9.8r [8 Feb 2011] | |
886 | + | |
887 | + *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 | |
888 | + [Neel Mehta, Adam Langley, Bodo Moeller (Google)] | |
889 | + | |
890 | + *) Fix bug in string printing code: if *any* escaping is enabled we must | |
891 | + escape the escape character (backslash) or the resulting string is | |
892 | + ambiguous. | |
893 | + [Steve Henson] | |
894 | + | |
895 | + Changes between 0.9.8p and 0.9.8q [2 Dec 2010] | |
896 | + | |
897 | + *) Disable code workaround for ancient and obsolete Netscape browsers | |
898 | + and servers: an attacker can use it in a ciphersuite downgrade attack. | |
899 | + Thanks to Martin Rex for discovering this bug. CVE-2010-4180 | |
900 | + [Steve Henson] | |
901 | + | |
902 | + *) Fixed J-PAKE implementation error, originally discovered by | |
903 | + Sebastien Martini, further info and confirmation from Stefan | |
904 | + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 | |
905 | + [Ben Laurie] | |
906 | + | |
907 | + Changes between 0.9.8o and 0.9.8p [16 Nov 2010] | |
883 | 908 | |
884 | 909 | *) Fix extension code to avoid race conditions which can result in a buffer |
885 | 910 | overrun vulnerability: resumed sessions must not be modified as they can |
886 | 911 | be shared by multiple threads. CVE-2010-3864 |
912 | + [Steve Henson] | |
887 | 913 | |
888 | 914 | *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 |
889 | 915 | [Steve Henson] |
@@ -82,7 +82,7 @@ OpenSSL - Frequently Asked Questions | ||
82 | 82 | * Which is the current version of OpenSSL? |
83 | 83 | |
84 | 84 | The current version is available from <URL: http://www.openssl.org>. |
85 | -OpenSSL 1.0.0c was released on Dec 2nd, 2010. | |
85 | +OpenSSL 1.0.0d was released on Feb 8th, 2011. | |
86 | 86 | |
87 | 87 | In addition to the current stable release, you can also access daily |
88 | 88 | snapshots of the OpenSSL development version at <URL: |
@@ -12,7 +12,7 @@ | ||
12 | 12 | --------------- |
13 | 13 | |
14 | 14 | /* ==================================================================== |
15 | - * Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved. | |
15 | + * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. | |
16 | 16 | * |
17 | 17 | * Redistribution and use in source and binary forms, with or without |
18 | 18 | * modification, are permitted provided that the following conditions |
@@ -5,6 +5,10 @@ | ||
5 | 5 | This file gives a brief overview of the major changes between each OpenSSL |
6 | 6 | release. For more details please read the CHANGES file. |
7 | 7 | |
8 | + Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d: | |
9 | + | |
10 | + o Fix for security issue CVE-2011-0014 | |
11 | + | |
8 | 12 | Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c: |
9 | 13 | |
10 | 14 | o Fix for security issue CVE-2010-4180 |
@@ -47,6 +51,10 @@ | ||
47 | 51 | o Opaque PRF Input TLS extension support. |
48 | 52 | o Updated time routines to avoid OS limitations. |
49 | 53 | |
54 | + Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r: | |
55 | + | |
56 | + o Fix for security issue CVE-2011-0014 | |
57 | + | |
50 | 58 | Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q: |
51 | 59 | |
52 | 60 | o Fix for security issue CVE-2010-4180 |
@@ -1,7 +1,7 @@ | ||
1 | 1 | |
2 | - OpenSSL 1.0.0d-dev | |
2 | + OpenSSL 1.0.0d | |
3 | 3 | |
4 | - Copyright (c) 1998-2010 The OpenSSL Project | |
4 | + Copyright (c) 1998-2011 The OpenSSL Project | |
5 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
6 | 6 | All rights reserved. |
7 | 7 |
@@ -1,14 +1,20 @@ | ||
1 | 1 | |
2 | 2 | OpenSSL STATUS Last modified at |
3 | - ______________ $Date: 2010/12/02 18:29:03 $ | |
3 | + ______________ $Date: 2011/02/08 17:10:52 $ | |
4 | 4 | |
5 | 5 | DEVELOPMENT STATE |
6 | 6 | |
7 | 7 | o OpenSSL 1.1.0: Under development... |
8 | + o OpenSSL 1.0.1: Under development... | |
9 | + o OpenSSL 1.0.0d: Released on February 8nd, 2011 | |
8 | 10 | o OpenSSL 1.0.0c: Released on December 2nd, 2010 |
9 | 11 | o OpenSSL 1.0.0b: Released on November 16th, 2010 |
10 | 12 | o OpenSSL 1.0.0a: Released on June 1st, 2010 |
11 | 13 | o OpenSSL 1.0.0: Released on March 29th, 2010 |
14 | + o OpenSSL 0.9.8r: Released on February 8nd, 2011 | |
15 | + o OpenSSL 0.9.8q: Released on December 2nd, 2010 | |
16 | + o OpenSSL 0.9.8p: Released on November 16th, 2010 | |
17 | + o OpenSSL 0.9.8o: Released on June 1st, 2010 | |
12 | 18 | o OpenSSL 0.9.8n: Released on March 24th, 2010 |
13 | 19 | o OpenSSL 0.9.8m: Released on February 25th, 2010 |
14 | 20 | o OpenSSL 0.9.8l: Released on November 5th, 2009 |
@@ -25,11 +25,11 @@ | ||
25 | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
26 | 26 | * major minor fix final patch/beta) |
27 | 27 | */ |
28 | -#define OPENSSL_VERSION_NUMBER 0x10000040L | |
28 | +#define OPENSSL_VERSION_NUMBER 0x1000004fL | |
29 | 29 | #ifdef OPENSSL_FIPS |
30 | -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0d-fips-dev xx XXX xxxx" | |
30 | +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0d-fips 8 Feb 2011" | |
31 | 31 | #else |
32 | -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0d-dev xx XXX xxxx" | |
32 | +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0d 8 Feb 2011" | |
33 | 33 | #endif |
34 | 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
35 | 35 |
@@ -9,8 +9,8 @@ Release: 1 | ||
9 | 9 | |
10 | 10 | Summary: Secure Sockets Layer and cryptography libraries and tools |
11 | 11 | Name: openssl |
12 | -Version: %{libmaj}.%{libmin}.%{librel} | |
13 | -#Version: %{libmaj}.%{libmin}.%{librel}%{librev} | |
12 | +#Version: %{libmaj}.%{libmin}.%{librel} | |
13 | +Version: %{libmaj}.%{libmin}.%{librel}%{librev} | |
14 | 14 | Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz |
15 | 15 | Copyright: Freely distributable |
16 | 16 | Group: System Environment/Libraries |
@@ -917,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in | ||
917 | 917 | } |
918 | 918 | n2s(data, idsize); |
919 | 919 | dsize -= 2 + idsize; |
920 | + size -= 2 + idsize; | |
920 | 921 | if (dsize < 0) |
921 | 922 | { |
922 | 923 | *al = SSL_AD_DECODE_ERROR; |
@@ -955,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in | ||
955 | 956 | } |
956 | 957 | |
957 | 958 | /* Read in request_extensions */ |
959 | + if (size < 2) | |
960 | + { | |
961 | + *al = SSL_AD_DECODE_ERROR; | |
962 | + return 0; | |
963 | + } | |
958 | 964 | n2s(data,dsize); |
959 | 965 | size -= 2; |
960 | - if (dsize > size) | |
966 | + if (dsize != size) | |
961 | 967 | { |
962 | 968 | *al = SSL_AD_DECODE_ERROR; |
963 | 969 | return 0; |
@@ -391,7 +391,7 @@ foreach $lib (keys %csrc) | ||
391 | 391 | } else { |
392 | 392 | push @out, |
393 | 393 | "/* ====================================================================\n", |
394 | -" * Copyright (c) 2001-2010 The OpenSSL Project. All rights reserved.\n", | |
394 | +" * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.\n", | |
395 | 395 | " *\n", |
396 | 396 | " * Redistribution and use in source and binary forms, with or without\n", |
397 | 397 | " * modification, are permitted provided that the following conditions\n", |