[openssl-commits] [web] master update
Matt Caswell
matt at openssl.org
Thu Jun 11 14:39:07 UTC 2015
The branch master has been updated
via ad1b4eeeeb7c92e089bb0e7db0ef9041433f5a28 (commit)
from f7dd814fc51f0d7968805efb5f0df4ffbe546ab3 (commit)
- Log -----------------------------------------------------------------
commit ad1b4eeeeb7c92e089bb0e7db0ef9041433f5a28
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jun 11 15:33:28 2015 +0100
Updates for new release
-----------------------------------------------------------------------
Summary of changes:
news/newsflash.txt | 5 +
news/secadv_20150611.txt | 186 +++++++++++++++++++
news/vulnerabilities.xml | 467 ++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 657 insertions(+), 1 deletion(-)
create mode 100644 news/secadv_20150611.txt
diff --git a/news/newsflash.txt b/news/newsflash.txt
index 889b480..72c9804 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -1,3 +1,8 @@
+11-Jun-2015: <a href="ROOT/news/secadv_20150611.txt">Security Advisory</a>: five security fixes
+11-Jun-2015: OpenSSL 1.0.2b is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 1.0.1n is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 1.0.0s is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 0.9.8zg is now <a href="ROOT/source/">available</a>, including bug and security fixes
19-Mar-2015: <a href="ROOT/news/secadv_20150319.txt">Security Advisory</a>: twelve security fixes
19-Mar-2015: OpenSSL 1.0.2a is now <a href="ROOT/source/">available</a>, including bug and security fixes
19-Mar-2015: OpenSSL 1.0.1m is now <a href="ROOT/source/">available</a>, including bug and security fixes
diff --git a/news/secadv_20150611.txt b/news/secadv_20150611.txt
new file mode 100644
index 0000000..2b23648
--- /dev/null
+++ b/news/secadv_20150611.txt
@@ -0,0 +1,186 @@
+OpenSSL Security Advisory [11 Jun 2015]
+=======================================
+
+DHE man-in-the-middle protection (Logjam)
+====================================================================
+
+A vulnerability in the TLS protocol allows a man-in-the-middle
+attacker to downgrade vulnerable TLS connections using ephemeral
+Diffie-Hellman key exchange to 512-bit export-grade cryptography. This
+vulnerability is known as Logjam (CVE-2015-4000).
+
+OpenSSL has added protection for TLS clients by rejecting handshakes
+with DH parameters shorter than 768 bits. This limit will be increased
+to 1024 bits in a future release.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+
+Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx
+of the OpenSSL development team.
+
+Malformed ECParameters causes infinite loop (CVE-2015-1788)
+===========================================================
+
+Severity: Moderate
+
+When processing an ECParameters structure OpenSSL enters an infinite loop if
+the curve specified is over a specially malformed binary polynomial field.
+
+This can be used to perform denial of service against any
+system which processes public keys, certificate requests or
+certificates. This includes TLS clients and TLS servers with
+client authentication enabled.
+
+This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent
+1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are
+affected.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s
+OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The
+fix was developed by Andy Polyakov of the OpenSSL development team.
+
+Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
+===============================================================
+
+Severity: Moderate
+
+X509_cmp_time does not properly check the length of the ASN1_TIME
+string and can read a few bytes out of bounds. In addition,
+X509_cmp_time accepts an arbitrary number of fractional seconds in the
+time string.
+
+An attacker can use this to craft malformed certificates and CRLs of
+various sizes and potentially cause a segmentation fault, resulting in
+a DoS on applications that verify certificates or CRLs. TLS clients
+that verify CRLs are affected. TLS clients and servers with client
+authentication enabled may be affected if they use custom verification
+callbacks.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki
+(Google), and independently on 11th April 2015 by Hanno Böck. The fix
+was developed by Emilia Käsper of the OpenSSL development team.
+
+PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
+=========================================================
+
+Severity: Moderate
+
+The PKCS#7 parsing code does not handle missing inner EncryptedContent
+correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
+with missing content and trigger a NULL pointer dereference on parsing.
+
+Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
+structures from untrusted sources are affected. OpenSSL clients and
+servers are not affected.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 18th April 2015 by Michal
+Zalewski (Google). The fix was developed by Emilia Käsper of the
+OpenSSL development team.
+
+CMS verify infinite loop with unknown hash function (CVE-2015-1792)
+===================================================================
+
+Severity: Moderate
+
+When verifying a signedData message the CMS code can enter an infinite loop
+if presented with an unknown hash function OID.
+
+This can be used to perform denial of service against any system which
+verifies signedData messages using the CMS code.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The
+fix was developed by Dr. Stephen Henson of the OpenSSL development team.
+
+Race condition handling NewSessionTicket (CVE-2015-1791)
+========================================================
+
+Severity: Low
+
+If a NewSessionTicket is received by a multi-threaded client when attempting to
+reuse a previous ticket then a race condition can occur potentially leading to
+a double free of the ticket data.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was discovered by Emilia Käsper of the OpenSSL development team. The
+fix was developed by Matt Caswell of the OpenSSL development team.
+
+Invalid free in DTLS (CVE-2014-8176)
+====================================
+
+Severity: Moderate
+
+This vulnerability does not affect current versions of OpenSSL. It
+existed in previous OpenSSL versions and was fixed in June 2014.
+
+If a DTLS peer receives application data between the ChangeCipherSpec
+and Finished messages, buffering of such data may cause an invalid
+free, resulting in a segmentation fault or potentially, memory
+corruption.
+
+This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
+OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.
+OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
+
+This issue was originally reported on March 28th 2014 in
+https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen
+Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert
+(Google). A fix was developed by zhu qun-ying.
+
+The fix for this issue can be identified by commits bcc31166 (1.0.1),
+b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
+
+Note
+====
+
+As per our previous announcements and our Release Strategy
+(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions
+1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these
+releases will be provided after that date. Users of these releases are advised
+to upgrade.
+
+References
+==========
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv_20150611.txt
+
+Note: the online version of the advisory may be updated with additional
+details over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/about/secpolicy.html
+
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 2c907c9..a222fba 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -5,7 +5,472 @@
1.0.0 on 20100329
-->
-<security updated="20150319">
+<security updated="20150611">
+ <issue public="20150611">
+ <cve name="CVE-2015-1788"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <affects base="1.0.1" version="1.0.1h"/>
+ <affects base="1.0.1" version="1.0.1i"/>
+ <affects base="1.0.1" version="1.0.1j"/>
+ <affects base="1.0.1" version="1.0.1k"/>
+ <affects base="1.0.1" version="1.0.1l"/>
+ <affects base="1.0.1" version="1.0.1m"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+ <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+ <fixed base="1.0.0" version="1.0.0e" date="20110906"/>
+ <fixed base="0.9.8" version="0.9.8s" date="20120104"/>
+
+ <description>
+ When processing an ECParameters structure OpenSSL enters an infinite loop if
+ the curve specified is over a specially malformed binary polynomial field.
+
+ This can be used to perform denial of service against any
+ system which processes public keys, certificate requests or
+ certificates. This includes TLS clients and TLS servers with
+ client authentication enabled.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Joseph Birr-Pixton"/>
+ </issue>
+
+ <issue public="20150611">
+ <cve name="CVE-2015-1789"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="0.9.8" version="0.9.8s"/>
+ <affects base="0.9.8" version="0.9.8t"/>
+ <affects base="0.9.8" version="0.9.8u"/>
+ <affects base="0.9.8" version="0.9.8v"/>
+ <affects base="0.9.8" version="0.9.8w"/>
+ <affects base="0.9.8" version="0.9.8x"/>
+ <affects base="0.9.8" version="0.9.8y"/>
+ <affects base="0.9.8" version="0.9.8za"/>
+ <affects base="0.9.8" version="0.9.8zb"/>
+ <affects base="0.9.8" version="0.9.8zc"/>
+ <affects base="0.9.8" version="0.9.8zd"/>
+ <affects base="0.9.8" version="0.9.8ze"/>
+ <affects base="0.9.8" version="0.9.8zf"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.0" version="1.0.0e"/>
+ <affects base="1.0.0" version="1.0.0f"/>
+ <affects base="1.0.0" version="1.0.0g"/>
+ <affects base="1.0.0" version="1.0.0i"/>
+ <affects base="1.0.0" version="1.0.0j"/>
+ <affects base="1.0.0" version="1.0.0k"/>
+ <affects base="1.0.0" version="1.0.0l"/>
+ <affects base="1.0.0" version="1.0.0m"/>
+ <affects base="1.0.0" version="1.0.0n"/>
+ <affects base="1.0.0" version="1.0.0o"/>
+ <affects base="1.0.0" version="1.0.0p"/>
+ <affects base="1.0.0" version="1.0.0q"/>
+ <affects base="1.0.0" version="1.0.0r"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <affects base="1.0.1" version="1.0.1h"/>
+ <affects base="1.0.1" version="1.0.1i"/>
+ <affects base="1.0.1" version="1.0.1j"/>
+ <affects base="1.0.1" version="1.0.1k"/>
+ <affects base="1.0.1" version="1.0.1l"/>
+ <affects base="1.0.1" version="1.0.1m"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+ <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+ <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+ <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+ <description>
+ X509_cmp_time does not properly check the length of the ASN1_TIME
+ string and can read a few bytes out of bounds. In addition,
+ X509_cmp_time accepts an arbitrary number of fractional seconds in the
+ time string.
+
+ An attacker can use this to craft malformed certificates and CRLs of
+ various sizes and potentially cause a segmentation fault, resulting in
+ a DoS on applications that verify certificates or CRLs. TLS clients
+ that verify CRLs are affected. TLS clients and servers with client
+ authentication enabled may be affected if they use custom verification
+ callbacks.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Robert Swiecki (Google) and (independently) Hanno Böck"/>
+ </issue>
+
+ <issue public="20150611">
+ <cve name="CVE-2015-1790"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="0.9.8" version="0.9.8s"/>
+ <affects base="0.9.8" version="0.9.8t"/>
+ <affects base="0.9.8" version="0.9.8u"/>
+ <affects base="0.9.8" version="0.9.8v"/>
+ <affects base="0.9.8" version="0.9.8w"/>
+ <affects base="0.9.8" version="0.9.8x"/>
+ <affects base="0.9.8" version="0.9.8y"/>
+ <affects base="0.9.8" version="0.9.8za"/>
+ <affects base="0.9.8" version="0.9.8zb"/>
+ <affects base="0.9.8" version="0.9.8zc"/>
+ <affects base="0.9.8" version="0.9.8zd"/>
+ <affects base="0.9.8" version="0.9.8ze"/>
+ <affects base="0.9.8" version="0.9.8zf"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.0" version="1.0.0e"/>
+ <affects base="1.0.0" version="1.0.0f"/>
+ <affects base="1.0.0" version="1.0.0g"/>
+ <affects base="1.0.0" version="1.0.0i"/>
+ <affects base="1.0.0" version="1.0.0j"/>
+ <affects base="1.0.0" version="1.0.0k"/>
+ <affects base="1.0.0" version="1.0.0l"/>
+ <affects base="1.0.0" version="1.0.0m"/>
+ <affects base="1.0.0" version="1.0.0n"/>
+ <affects base="1.0.0" version="1.0.0o"/>
+ <affects base="1.0.0" version="1.0.0p"/>
+ <affects base="1.0.0" version="1.0.0q"/>
+ <affects base="1.0.0" version="1.0.0r"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <affects base="1.0.1" version="1.0.1h"/>
+ <affects base="1.0.1" version="1.0.1i"/>
+ <affects base="1.0.1" version="1.0.1j"/>
+ <affects base="1.0.1" version="1.0.1k"/>
+ <affects base="1.0.1" version="1.0.1l"/>
+ <affects base="1.0.1" version="1.0.1m"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+ <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+ <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+ <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+ <description>
+ The PKCS#7 parsing code does not handle missing inner EncryptedContent
+ correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
+ with missing content and trigger a NULL pointer dereference on parsing.
+
+ Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
+ structures from untrusted sources are affected. OpenSSL clients and
+ servers are not affected.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Michal Zalewski (Google)"/>
+ </issue>
+
+ <issue public="20150611">
+ <cve name="CVE-2015-1792"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="0.9.8" version="0.9.8s"/>
+ <affects base="0.9.8" version="0.9.8t"/>
+ <affects base="0.9.8" version="0.9.8u"/>
+ <affects base="0.9.8" version="0.9.8v"/>
+ <affects base="0.9.8" version="0.9.8w"/>
+ <affects base="0.9.8" version="0.9.8x"/>
+ <affects base="0.9.8" version="0.9.8y"/>
+ <affects base="0.9.8" version="0.9.8za"/>
+ <affects base="0.9.8" version="0.9.8zb"/>
+ <affects base="0.9.8" version="0.9.8zc"/>
+ <affects base="0.9.8" version="0.9.8zd"/>
+ <affects base="0.9.8" version="0.9.8ze"/>
+ <affects base="0.9.8" version="0.9.8zf"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.0" version="1.0.0e"/>
+ <affects base="1.0.0" version="1.0.0f"/>
+ <affects base="1.0.0" version="1.0.0g"/>
+ <affects base="1.0.0" version="1.0.0i"/>
+ <affects base="1.0.0" version="1.0.0j"/>
+ <affects base="1.0.0" version="1.0.0k"/>
+ <affects base="1.0.0" version="1.0.0l"/>
+ <affects base="1.0.0" version="1.0.0m"/>
+ <affects base="1.0.0" version="1.0.0n"/>
+ <affects base="1.0.0" version="1.0.0o"/>
+ <affects base="1.0.0" version="1.0.0p"/>
+ <affects base="1.0.0" version="1.0.0q"/>
+ <affects base="1.0.0" version="1.0.0r"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <affects base="1.0.1" version="1.0.1h"/>
+ <affects base="1.0.1" version="1.0.1i"/>
+ <affects base="1.0.1" version="1.0.1j"/>
+ <affects base="1.0.1" version="1.0.1k"/>
+ <affects base="1.0.1" version="1.0.1l"/>
+ <affects base="1.0.1" version="1.0.1m"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+ <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+ <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+ <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+ <description>
+ When verifying a signedData message the CMS code can enter an infinite loop
+ if presented with an unknown hash function OID.
+
+ This can be used to perform denial of service against any system which
+ verifies signedData messages using the CMS code.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Johannes Bauer"/>
+ </issue>
+
+ <issue public="20150602">
+ <cve name="CVE-2015-1791"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="0.9.8" version="0.9.8s"/>
+ <affects base="0.9.8" version="0.9.8t"/>
+ <affects base="0.9.8" version="0.9.8u"/>
+ <affects base="0.9.8" version="0.9.8v"/>
+ <affects base="0.9.8" version="0.9.8w"/>
+ <affects base="0.9.8" version="0.9.8x"/>
+ <affects base="0.9.8" version="0.9.8y"/>
+ <affects base="0.9.8" version="0.9.8za"/>
+ <affects base="0.9.8" version="0.9.8zb"/>
+ <affects base="0.9.8" version="0.9.8zc"/>
+ <affects base="0.9.8" version="0.9.8zd"/>
+ <affects base="0.9.8" version="0.9.8ze"/>
+ <affects base="0.9.8" version="0.9.8zf"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.0" version="1.0.0e"/>
+ <affects base="1.0.0" version="1.0.0f"/>
+ <affects base="1.0.0" version="1.0.0g"/>
+ <affects base="1.0.0" version="1.0.0i"/>
+ <affects base="1.0.0" version="1.0.0j"/>
+ <affects base="1.0.0" version="1.0.0k"/>
+ <affects base="1.0.0" version="1.0.0l"/>
+ <affects base="1.0.0" version="1.0.0m"/>
+ <affects base="1.0.0" version="1.0.0n"/>
+ <affects base="1.0.0" version="1.0.0o"/>
+ <affects base="1.0.0" version="1.0.0p"/>
+ <affects base="1.0.0" version="1.0.0q"/>
+ <affects base="1.0.0" version="1.0.0r"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <affects base="1.0.1" version="1.0.1h"/>
+ <affects base="1.0.1" version="1.0.1i"/>
+ <affects base="1.0.1" version="1.0.1j"/>
+ <affects base="1.0.1" version="1.0.1k"/>
+ <affects base="1.0.1" version="1.0.1l"/>
+ <affects base="1.0.1" version="1.0.1m"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+ <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+ <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+ <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+ <description>
+ If a NewSessionTicket is received by a multi-threaded client when attempting to
+ reuse a previous ticket then a race condition can occur potentially leading to
+ a double free of the ticket data.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Emilia Käsper (OpenSSL)"/>
+ </issue>
+
+ <issue public="20150611">
+ <cve name="CVE-2014-8176"/>
+ <affects base="0.9.8" version="0.9.8"/>
+ <affects base="0.9.8" version="0.9.8a"/>
+ <affects base="0.9.8" version="0.9.8b"/>
+ <affects base="0.9.8" version="0.9.8c"/>
+ <affects base="0.9.8" version="0.9.8d"/>
+ <affects base="0.9.8" version="0.9.8e"/>
+ <affects base="0.9.8" version="0.9.8f"/>
+ <affects base="0.9.8" version="0.9.8g"/>
+ <affects base="0.9.8" version="0.9.8h"/>
+ <affects base="0.9.8" version="0.9.8i"/>
+ <affects base="0.9.8" version="0.9.8j"/>
+ <affects base="0.9.8" version="0.9.8k"/>
+ <affects base="0.9.8" version="0.9.8l"/>
+ <affects base="0.9.8" version="0.9.8m"/>
+ <affects base="0.9.8" version="0.9.8n"/>
+ <affects base="0.9.8" version="0.9.8o"/>
+ <affects base="0.9.8" version="0.9.8p"/>
+ <affects base="0.9.8" version="0.9.8q"/>
+ <affects base="0.9.8" version="0.9.8r"/>
+ <affects base="0.9.8" version="0.9.8s"/>
+ <affects base="0.9.8" version="0.9.8t"/>
+ <affects base="0.9.8" version="0.9.8u"/>
+ <affects base="0.9.8" version="0.9.8v"/>
+ <affects base="0.9.8" version="0.9.8w"/>
+ <affects base="0.9.8" version="0.9.8x"/>
+ <affects base="0.9.8" version="0.9.8y"/>
+ <affects base="1.0.0" version="1.0.0"/>
+ <affects base="1.0.0" version="1.0.0a"/>
+ <affects base="1.0.0" version="1.0.0b"/>
+ <affects base="1.0.0" version="1.0.0c"/>
+ <affects base="1.0.0" version="1.0.0d"/>
+ <affects base="1.0.0" version="1.0.0e"/>
+ <affects base="1.0.0" version="1.0.0f"/>
+ <affects base="1.0.0" version="1.0.0g"/>
+ <affects base="1.0.0" version="1.0.0i"/>
+ <affects base="1.0.0" version="1.0.0j"/>
+ <affects base="1.0.0" version="1.0.0k"/>
+ <affects base="1.0.0" version="1.0.0l"/>
+ <affects base="1.0.1" version="1.0.1"/>
+ <affects base="1.0.1" version="1.0.1a"/>
+ <affects base="1.0.1" version="1.0.1b"/>
+ <affects base="1.0.1" version="1.0.1c"/>
+ <affects base="1.0.1" version="1.0.1d"/>
+ <affects base="1.0.1" version="1.0.1e"/>
+ <affects base="1.0.1" version="1.0.1f"/>
+ <affects base="1.0.1" version="1.0.1g"/>
+ <fixed base="1.0.1" version="1.0.1h" date="20140605"/>
+ <fixed base="1.0.0" version="1.0.0m" date="20140605"/>
+ <fixed base="0.9.8" version="0.9.8za" date="20140605"/>
+ <description>
+ This vulnerability does not affect current versions of OpenSSL. It
+ existed in previous OpenSSL versions and was fixed in June 2014.
+
+ If a DTLS peer receives application data between the ChangeCipherSpec
+ and Finished messages, buffering of such data may cause an invalid
+ free, resulting in a segmentation fault or potentially, memory
+ corruption.
+ </description>
+ <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+ <reported source="Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google)"/>
+ </issue>
<issue public="20150319">
<impact severity="High"/>
<cve name="2015-0291"/>
More information about the openssl-commits
mailing list