[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Thu Dec 3 15:35:04 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via d82626caec9cb3f8da346125434f17eb180d4ef1 (commit)
via 55615e8d48a4ddd684fcbfc7ba6523ed6414c8fc (commit)
via 56edb20184ac7ea5fec1636a4cae3b8ba5c0d5d1 (commit)
via ac3dd9b7e6e2182ae3d1a8dc6c522cef9385f511 (commit)
via d8541d7e9e63bf5f343af24644046c8d96498c17 (commit)
via b29ffa392e839d05171206523e84909146f7a77c (commit)
from 005f4893dc770d77eb07a098da32e0fca87f07b6 (commit)
- Log -----------------------------------------------------------------
commit d82626caec9cb3f8da346125434f17eb180d4ef1
Author: Matt Caswell <matt at openssl.org>
Date: Thu Dec 3 14:51:13 2015 +0000
Prepare for 1.0.1r-dev
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 55615e8d48a4ddd684fcbfc7ba6523ed6414c8fc
Author: Matt Caswell <matt at openssl.org>
Date: Thu Dec 3 14:50:26 2015 +0000
Prepare for 1.0.1q release
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 56edb20184ac7ea5fec1636a4cae3b8ba5c0d5d1
Author: Matt Caswell <matt at openssl.org>
Date: Thu Dec 3 14:50:26 2015 +0000
make update
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit ac3dd9b7e6e2182ae3d1a8dc6c522cef9385f511
Author: Matt Caswell <matt at openssl.org>
Date: Tue Dec 1 14:39:47 2015 +0000
Update CHANGES and NEWS
Update the CHANGES and NEWS files for the new release.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit d8541d7e9e63bf5f343af24644046c8d96498c17
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Oct 2 13:10:29 2015 +0100
Add PSS parameter check.
Avoid seg fault by checking mgf1 parameter is not NULL. This can be
triggered during certificate verification so could be a DoS attack
against a client or a server enabling client authentication.
Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug.
CVE-2015-3194
Reviewed-by: Matt Caswell <matt at openssl.org>
commit b29ffa392e839d05171206523e84909146f7a77c
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Nov 10 19:03:07 2015 +0000
Fix leak with ASN.1 combine.
When parsing a combined structure pass a flag to the decode routine
so on error a pointer to the parent structure is not zeroed as
this will leak any additional components in the parent.
This can leak memory in any application parsing PKCS#7 or CMS structures.
CVE-2015-3195.
Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.
PR#4131
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 47 ++++++++++++++++++++++++++++++++++++++++++-----
NEWS | 11 ++++++++++-
README | 2 +-
crypto/asn1/tasn_dec.c | 7 +++++--
crypto/opensslv.h | 6 +++---
crypto/rsa/rsa_ameth.c | 2 +-
openssl.spec | 2 +-
test/Makefile | 7 ++++---
8 files changed, 67 insertions(+), 17 deletions(-)
diff --git a/CHANGES b/CHANGES
index 178d010..915b1f6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,38 @@
OpenSSL CHANGES
_______________
- Changes between 1.0.1p and 1.0.1q [xx XXX xxxx]
+ Changes between 1.0.1q and 1.0.1r [xx XXX xxxx]
+
+ *)
+
+ Changes between 1.0.1p and 1.0.1q [3 Dec 2015]
+
+ *) Certificate verify crash with missing PSS parameter
+
+ The signature verification routines will crash with a NULL pointer
+ dereference if presented with an ASN.1 signature using the RSA PSS
+ algorithm and absent mask generation function parameter. Since these
+ routines are used to verify certificate signature algorithms this can be
+ used to crash any certificate verification operation and exploited in a
+ DoS attack. Any application which performs certificate verification is
+ vulnerable including OpenSSL clients and servers which enable client
+ authentication.
+
+ This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
+ (CVE-2015-3194)
+ [Stephen Henson]
+
+ *) X509_ATTRIBUTE memory leak
+
+ When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
+ memory. This structure is used by the PKCS#7 and CMS routines so any
+ application which reads PKCS#7 or CMS data from untrusted sources is
+ affected. SSL/TLS is not affected.
+
+ This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
+ libFuzzer.
+ (CVE-2015-3195)
+ [Stephen Henson]
*) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
This changes the decoding behaviour for some invalid messages,
@@ -14,9 +45,6 @@
return an error
[Rich Salz and Ismo Puustinen <ismo.puustinen at intel.com>]
- *) Rewrite PSK to support ECDHE_PSK, DHE_PSK and RSA_PSK. Add ciphersuites
- from RFC4279, RFC4785, RFC5487, RFC5489.
-
Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
*) Alternate chains certificate forgery
@@ -30,10 +58,19 @@
This issue was reported to OpenSSL by Adam Langley/David Benjamin
(Google/BoringSSL).
+ (CVE-2015-1793)
[Matt Caswell]
- Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
+ *) Race condition handling PSK identify hint
+ If PSK identity hints are received by a multi-threaded client then
+ the values are wrongly updated in the parent SSL_CTX structure. This can
+ result in a race condition potentially leading to a double free of the
+ identify hint data.
+ (CVE-2015-3196)
+ [Stephen Henson]
+
+ Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
*) Fix HMAC ABI incompatibility. The previous version introduced an ABI
incompatibility in the handling of HMAC. The previous ABI has now been
restored.
diff --git a/NEWS b/NEWS
index ea0c716..e712f14 100644
--- a/NEWS
+++ b/NEWS
@@ -5,13 +5,22 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [under development]
+ Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [under development]
o
+ Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]
+
+ o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
+ o X509_ATTRIBUTE memory leak (CVE-2015-3195)
+ o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
+ o In DSA_generate_parameters_ex, if the provided seed is too short,
+ return an error
+
Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]
o Alternate chains certificate forgery (CVE-2015-1793)
+ o Race condition handling PSK identify hint (CVE-2015-3196)
Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
diff --git a/README b/README
index edf5138..ad7a748 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
- OpenSSL 1.0.1q-dev
+ OpenSSL 1.0.1r-dev
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index febf605..9256049 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -180,6 +180,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
int otag;
int ret = 0;
ASN1_VALUE **pchptr, *ptmpval;
+ int combine = aclass & ASN1_TFLG_COMBINE;
+ aclass &= ~ASN1_TFLG_COMBINE;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
@@ -500,7 +502,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
auxerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
err:
- ASN1_item_ex_free(pval, it);
+ if (combine == 0)
+ ASN1_item_ex_free(pval, it);
if (errtt)
ERR_add_error_data(4, "Field=", errtt->field_name,
", Type=", it->sname);
@@ -689,7 +692,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
} else {
/* Nothing special */
ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
- -1, 0, opt, ctx);
+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 78eef03..0bb1bc1 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x10001110L
+# define OPENSSL_VERSION_NUMBER 0x10001120L
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q-fips-dev xx XXX xxxx"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1r-fips-dev xx XXX xxxx"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1q-dev xx XXX xxxx"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1r-dev xx XXX xxxx"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 93e071d..c7f1148 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -279,7 +279,7 @@ static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
if (pss->maskGenAlgorithm) {
ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
- && param->type == V_ASN1_SEQUENCE) {
+ && param && param->type == V_ASN1_SEQUENCE) {
p = param->value.sequence->data;
plen = param->value.sequence->length;
*pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
diff --git a/openssl.spec b/openssl.spec
index 7ceb322..386f9f6 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -7,7 +7,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
#Version: %{libmaj}.%{libmin}.%{librel}
-Version: 1.0.1q
+Version: 1.0.1r
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
diff --git a/test/Makefile b/test/Makefile
index 522af50..0afae14 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -572,9 +572,10 @@ clienthellotest.o: ../include/openssl/buffer.h ../include/openssl/comp.h
clienthellotest.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
clienthellotest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
clienthellotest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-clienthellotest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-clienthellotest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-clienthellotest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+clienthellotest.o: ../include/openssl/err.h ../include/openssl/evp.h
+clienthellotest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+clienthellotest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+clienthellotest.o: ../include/openssl/objects.h
clienthellotest.o: ../include/openssl/opensslconf.h
clienthellotest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
clienthellotest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
More information about the openssl-commits
mailing list