[openssl-commits] [web] master update

Matt Caswell matt at openssl.org
Thu Jun 11 14:39:07 UTC 2015


The branch master has been updated
       via  ad1b4eeeeb7c92e089bb0e7db0ef9041433f5a28 (commit)
      from  f7dd814fc51f0d7968805efb5f0df4ffbe546ab3 (commit)


- Log -----------------------------------------------------------------
commit ad1b4eeeeb7c92e089bb0e7db0ef9041433f5a28
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Jun 11 15:33:28 2015 +0100

    Updates for new release

-----------------------------------------------------------------------

Summary of changes:
 news/newsflash.txt       |   5 +
 news/secadv_20150611.txt | 186 +++++++++++++++++++
 news/vulnerabilities.xml | 467 ++++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 657 insertions(+), 1 deletion(-)
 create mode 100644 news/secadv_20150611.txt

diff --git a/news/newsflash.txt b/news/newsflash.txt
index 889b480..72c9804 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -1,3 +1,8 @@
+11-Jun-2015: <a href="ROOT/news/secadv_20150611.txt">Security Advisory</a>: five security fixes
+11-Jun-2015: OpenSSL 1.0.2b is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 1.0.1n is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 1.0.0s is now <a href="ROOT/source/">available</a>, including bug and security fixes
+11-Jun-2015: OpenSSL 0.9.8zg is now <a href="ROOT/source/">available</a>, including bug and security fixes
 19-Mar-2015: <a href="ROOT/news/secadv_20150319.txt">Security Advisory</a>: twelve security fixes
 19-Mar-2015: OpenSSL 1.0.2a is now <a href="ROOT/source/">available</a>, including bug and security fixes
 19-Mar-2015: OpenSSL 1.0.1m is now <a href="ROOT/source/">available</a>, including bug and security fixes
diff --git a/news/secadv_20150611.txt b/news/secadv_20150611.txt
new file mode 100644
index 0000000..2b23648
--- /dev/null
+++ b/news/secadv_20150611.txt
@@ -0,0 +1,186 @@
+OpenSSL Security Advisory [11 Jun 2015]
+=======================================
+
+DHE man-in-the-middle protection (Logjam)
+====================================================================
+
+A vulnerability in the TLS protocol allows a man-in-the-middle
+attacker to downgrade vulnerable TLS connections using ephemeral
+Diffie-Hellman key exchange to 512-bit export-grade cryptography. This
+vulnerability is known as Logjam (CVE-2015-4000).
+
+OpenSSL has added protection for TLS clients by rejecting handshakes
+with DH parameters shorter than 768 bits. This limit will be increased
+to 1024 bits in a future release.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+
+Fixes for this issue were developed by Emilia Käsper and Kurt Roeckx
+of the OpenSSL development team.
+
+Malformed ECParameters causes infinite loop (CVE-2015-1788)
+===========================================================
+
+Severity: Moderate
+
+When processing an ECParameters structure OpenSSL enters an infinite loop if
+the curve specified is over a specially malformed binary polynomial field.
+
+This can be used to perform denial of service against any
+system which processes public keys, certificate requests or
+certificates.  This includes TLS clients and TLS servers with
+client authentication enabled.
+
+This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent
+1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are
+affected.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s
+OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The
+fix was developed by Andy Polyakov of the OpenSSL development team.
+
+Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
+===============================================================
+
+Severity: Moderate
+
+X509_cmp_time does not properly check the length of the ASN1_TIME
+string and can read a few bytes out of bounds. In addition,
+X509_cmp_time accepts an arbitrary number of fractional seconds in the
+time string.
+
+An attacker can use this to craft malformed certificates and CRLs of
+various sizes and potentially cause a segmentation fault, resulting in
+a DoS on applications that verify certificates or CRLs. TLS clients
+that verify CRLs are affected. TLS clients and servers with client
+authentication enabled may be affected if they use custom verification
+callbacks.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki
+(Google), and independently on 11th April 2015 by Hanno Böck. The fix
+was developed by Emilia Käsper of the OpenSSL development team.
+
+PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
+=========================================================
+
+Severity: Moderate
+
+The PKCS#7 parsing code does not handle missing inner EncryptedContent
+correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
+with missing content and trigger a NULL pointer dereference on parsing.
+
+Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
+structures from untrusted sources are affected. OpenSSL clients and
+servers are not affected.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 18th April 2015 by  Michal
+Zalewski (Google). The fix was developed by Emilia Käsper of the
+OpenSSL development team.
+
+CMS verify infinite loop with unknown hash function (CVE-2015-1792)
+===================================================================
+
+Severity: Moderate
+
+When verifying a signedData message the CMS code can enter an infinite loop
+if presented with an unknown hash function OID.
+
+This can be used to perform denial of service against any system which
+verifies signedData messages using the CMS code.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The
+fix was developed by Dr. Stephen Henson of the OpenSSL development team.
+
+Race condition handling NewSessionTicket (CVE-2015-1791)
+========================================================
+
+Severity: Low
+
+If a NewSessionTicket is received by a multi-threaded client when attempting to
+reuse a previous ticket then a race condition can occur potentially leading to
+a double free of the ticket data.
+
+This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 1.0.2 users should upgrade to 1.0.2b
+OpenSSL 1.0.1 users should upgrade to 1.0.1n
+OpenSSL 1.0.0 users should upgrade to 1.0.0s
+OpenSSL 0.9.8 users should upgrade to 0.9.8zg
+
+This issue was discovered by Emilia Käsper of the OpenSSL development team. The
+fix was developed by Matt Caswell of the OpenSSL development team.
+
+Invalid free in DTLS (CVE-2014-8176)
+====================================
+
+Severity: Moderate
+
+This vulnerability does not affect current versions of OpenSSL. It
+existed in previous OpenSSL versions and was fixed in June 2014.
+
+If a DTLS peer receives application data between the ChangeCipherSpec
+and Finished messages, buffering of such data may cause an invalid
+free, resulting in a segmentation fault or potentially, memory
+corruption.
+
+This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
+
+OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
+OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.
+OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
+
+This issue was originally reported on March 28th 2014 in
+https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen
+Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert
+(Google). A fix was developed by zhu qun-ying.
+
+The fix for this issue can be identified by commits bcc31166 (1.0.1),
+b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
+
+Note
+====
+
+As per our previous announcements and our Release Strategy
+(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions
+1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these
+releases will be provided after that date. Users of these releases are advised
+to upgrade.
+
+References
+==========
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv_20150611.txt
+
+Note: the online version of the advisory may be updated with additional
+details over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/about/secpolicy.html
+
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 2c907c9..a222fba 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -5,7 +5,472 @@
      1.0.0 on 20100329
 -->
 
-<security updated="20150319">
+<security updated="20150611">
+  <issue public="20150611">
+    <cve name="CVE-2015-1788"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <affects base="1.0.1" version="1.0.1h"/>
+    <affects base="1.0.1" version="1.0.1i"/>
+    <affects base="1.0.1" version="1.0.1j"/>
+    <affects base="1.0.1" version="1.0.1k"/>
+    <affects base="1.0.1" version="1.0.1l"/>
+    <affects base="1.0.1" version="1.0.1m"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+    <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+    <fixed base="1.0.0" version="1.0.0e" date="20110906"/>
+    <fixed base="0.9.8" version="0.9.8s" date="20120104"/>
+
+    <description>
+      When processing an ECParameters structure OpenSSL enters an infinite loop if
+      the curve specified is over a specially malformed binary polynomial field.
+
+      This can be used to perform denial of service against any
+      system which processes public keys, certificate requests or
+      certificates.  This includes TLS clients and TLS servers with
+      client authentication enabled.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Joseph Birr-Pixton"/>
+  </issue>
+
+  <issue public="20150611">
+    <cve name="CVE-2015-1789"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="0.9.8" version="0.9.8s"/>
+    <affects base="0.9.8" version="0.9.8t"/>
+    <affects base="0.9.8" version="0.9.8u"/>
+    <affects base="0.9.8" version="0.9.8v"/>
+    <affects base="0.9.8" version="0.9.8w"/>
+    <affects base="0.9.8" version="0.9.8x"/>
+    <affects base="0.9.8" version="0.9.8y"/>
+    <affects base="0.9.8" version="0.9.8za"/>
+    <affects base="0.9.8" version="0.9.8zb"/>
+    <affects base="0.9.8" version="0.9.8zc"/>
+    <affects base="0.9.8" version="0.9.8zd"/>
+    <affects base="0.9.8" version="0.9.8ze"/>
+    <affects base="0.9.8" version="0.9.8zf"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.0" version="1.0.0e"/>
+    <affects base="1.0.0" version="1.0.0f"/>
+    <affects base="1.0.0" version="1.0.0g"/>
+    <affects base="1.0.0" version="1.0.0i"/>
+    <affects base="1.0.0" version="1.0.0j"/>
+    <affects base="1.0.0" version="1.0.0k"/>
+    <affects base="1.0.0" version="1.0.0l"/>
+    <affects base="1.0.0" version="1.0.0m"/>
+    <affects base="1.0.0" version="1.0.0n"/>
+    <affects base="1.0.0" version="1.0.0o"/>
+    <affects base="1.0.0" version="1.0.0p"/>
+    <affects base="1.0.0" version="1.0.0q"/>
+    <affects base="1.0.0" version="1.0.0r"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <affects base="1.0.1" version="1.0.1h"/>
+    <affects base="1.0.1" version="1.0.1i"/>
+    <affects base="1.0.1" version="1.0.1j"/>
+    <affects base="1.0.1" version="1.0.1k"/>
+    <affects base="1.0.1" version="1.0.1l"/>
+    <affects base="1.0.1" version="1.0.1m"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+    <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+    <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+    <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+    <description>
+      X509_cmp_time does not properly check the length of the ASN1_TIME
+      string and can read a few bytes out of bounds. In addition,
+      X509_cmp_time accepts an arbitrary number of fractional seconds in the
+      time string.
+
+      An attacker can use this to craft malformed certificates and CRLs of
+      various sizes and potentially cause a segmentation fault, resulting in
+      a DoS on applications that verify certificates or CRLs. TLS clients
+      that verify CRLs are affected. TLS clients and servers with client
+      authentication enabled may be affected if they use custom verification
+      callbacks.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Robert Swiecki (Google) and (independently) Hanno Böck"/>
+  </issue>
+
+  <issue public="20150611">
+    <cve name="CVE-2015-1790"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="0.9.8" version="0.9.8s"/>
+    <affects base="0.9.8" version="0.9.8t"/>
+    <affects base="0.9.8" version="0.9.8u"/>
+    <affects base="0.9.8" version="0.9.8v"/>
+    <affects base="0.9.8" version="0.9.8w"/>
+    <affects base="0.9.8" version="0.9.8x"/>
+    <affects base="0.9.8" version="0.9.8y"/>
+    <affects base="0.9.8" version="0.9.8za"/>
+    <affects base="0.9.8" version="0.9.8zb"/>
+    <affects base="0.9.8" version="0.9.8zc"/>
+    <affects base="0.9.8" version="0.9.8zd"/>
+    <affects base="0.9.8" version="0.9.8ze"/>
+    <affects base="0.9.8" version="0.9.8zf"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.0" version="1.0.0e"/>
+    <affects base="1.0.0" version="1.0.0f"/>
+    <affects base="1.0.0" version="1.0.0g"/>
+    <affects base="1.0.0" version="1.0.0i"/>
+    <affects base="1.0.0" version="1.0.0j"/>
+    <affects base="1.0.0" version="1.0.0k"/>
+    <affects base="1.0.0" version="1.0.0l"/>
+    <affects base="1.0.0" version="1.0.0m"/>
+    <affects base="1.0.0" version="1.0.0n"/>
+    <affects base="1.0.0" version="1.0.0o"/>
+    <affects base="1.0.0" version="1.0.0p"/>
+    <affects base="1.0.0" version="1.0.0q"/>
+    <affects base="1.0.0" version="1.0.0r"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <affects base="1.0.1" version="1.0.1h"/>
+    <affects base="1.0.1" version="1.0.1i"/>
+    <affects base="1.0.1" version="1.0.1j"/>
+    <affects base="1.0.1" version="1.0.1k"/>
+    <affects base="1.0.1" version="1.0.1l"/>
+    <affects base="1.0.1" version="1.0.1m"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+    <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+    <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+    <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+    <description>
+      The PKCS#7 parsing code does not handle missing inner EncryptedContent
+      correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
+      with missing content and trigger a NULL pointer dereference on parsing.
+
+      Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
+      structures from untrusted sources are affected. OpenSSL clients and
+      servers are not affected.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Michal Zalewski (Google)"/>
+  </issue>
+
+  <issue public="20150611">
+    <cve name="CVE-2015-1792"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="0.9.8" version="0.9.8s"/>
+    <affects base="0.9.8" version="0.9.8t"/>
+    <affects base="0.9.8" version="0.9.8u"/>
+    <affects base="0.9.8" version="0.9.8v"/>
+    <affects base="0.9.8" version="0.9.8w"/>
+    <affects base="0.9.8" version="0.9.8x"/>
+    <affects base="0.9.8" version="0.9.8y"/>
+    <affects base="0.9.8" version="0.9.8za"/>
+    <affects base="0.9.8" version="0.9.8zb"/>
+    <affects base="0.9.8" version="0.9.8zc"/>
+    <affects base="0.9.8" version="0.9.8zd"/>
+    <affects base="0.9.8" version="0.9.8ze"/>
+    <affects base="0.9.8" version="0.9.8zf"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.0" version="1.0.0e"/>
+    <affects base="1.0.0" version="1.0.0f"/>
+    <affects base="1.0.0" version="1.0.0g"/>
+    <affects base="1.0.0" version="1.0.0i"/>
+    <affects base="1.0.0" version="1.0.0j"/>
+    <affects base="1.0.0" version="1.0.0k"/>
+    <affects base="1.0.0" version="1.0.0l"/>
+    <affects base="1.0.0" version="1.0.0m"/>
+    <affects base="1.0.0" version="1.0.0n"/>
+    <affects base="1.0.0" version="1.0.0o"/>
+    <affects base="1.0.0" version="1.0.0p"/>
+    <affects base="1.0.0" version="1.0.0q"/>
+    <affects base="1.0.0" version="1.0.0r"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <affects base="1.0.1" version="1.0.1h"/>
+    <affects base="1.0.1" version="1.0.1i"/>
+    <affects base="1.0.1" version="1.0.1j"/>
+    <affects base="1.0.1" version="1.0.1k"/>
+    <affects base="1.0.1" version="1.0.1l"/>
+    <affects base="1.0.1" version="1.0.1m"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+    <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+    <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+    <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+    <description>
+      When verifying a signedData message the CMS code can enter an infinite loop
+      if presented with an unknown hash function OID.
+
+      This can be used to perform denial of service against any system which
+      verifies signedData messages using the CMS code.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Johannes Bauer"/>
+  </issue>
+
+  <issue public="20150602">
+    <cve name="CVE-2015-1791"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="0.9.8" version="0.9.8s"/>
+    <affects base="0.9.8" version="0.9.8t"/>
+    <affects base="0.9.8" version="0.9.8u"/>
+    <affects base="0.9.8" version="0.9.8v"/>
+    <affects base="0.9.8" version="0.9.8w"/>
+    <affects base="0.9.8" version="0.9.8x"/>
+    <affects base="0.9.8" version="0.9.8y"/>
+    <affects base="0.9.8" version="0.9.8za"/>
+    <affects base="0.9.8" version="0.9.8zb"/>
+    <affects base="0.9.8" version="0.9.8zc"/>
+    <affects base="0.9.8" version="0.9.8zd"/>
+    <affects base="0.9.8" version="0.9.8ze"/>
+    <affects base="0.9.8" version="0.9.8zf"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.0" version="1.0.0e"/>
+    <affects base="1.0.0" version="1.0.0f"/>
+    <affects base="1.0.0" version="1.0.0g"/>
+    <affects base="1.0.0" version="1.0.0i"/>
+    <affects base="1.0.0" version="1.0.0j"/>
+    <affects base="1.0.0" version="1.0.0k"/>
+    <affects base="1.0.0" version="1.0.0l"/>
+    <affects base="1.0.0" version="1.0.0m"/>
+    <affects base="1.0.0" version="1.0.0n"/>
+    <affects base="1.0.0" version="1.0.0o"/>
+    <affects base="1.0.0" version="1.0.0p"/>
+    <affects base="1.0.0" version="1.0.0q"/>
+    <affects base="1.0.0" version="1.0.0r"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <affects base="1.0.1" version="1.0.1h"/>
+    <affects base="1.0.1" version="1.0.1i"/>
+    <affects base="1.0.1" version="1.0.1j"/>
+    <affects base="1.0.1" version="1.0.1k"/>
+    <affects base="1.0.1" version="1.0.1l"/>
+    <affects base="1.0.1" version="1.0.1m"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <fixed base="1.0.2" version="1.0.2a" date="20150611"/>
+    <fixed base="1.0.1" version="1.0.1n" date="20150611"/>
+    <fixed base="1.0.0" version="1.0.0s" date="20150611"/>
+    <fixed base="0.9.8" version="0.9.8zg" date="20150611"/>
+
+    <description>
+      If a NewSessionTicket is received by a multi-threaded client when attempting to
+      reuse a previous ticket then a race condition can occur potentially leading to
+      a double free of the ticket data.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Emilia Käsper (OpenSSL)"/>
+  </issue>
+
+  <issue public="20150611">
+    <cve name="CVE-2014-8176"/>
+    <affects base="0.9.8" version="0.9.8"/>
+    <affects base="0.9.8" version="0.9.8a"/>
+    <affects base="0.9.8" version="0.9.8b"/>
+    <affects base="0.9.8" version="0.9.8c"/>
+    <affects base="0.9.8" version="0.9.8d"/>
+    <affects base="0.9.8" version="0.9.8e"/>
+    <affects base="0.9.8" version="0.9.8f"/>
+    <affects base="0.9.8" version="0.9.8g"/>
+    <affects base="0.9.8" version="0.9.8h"/>
+    <affects base="0.9.8" version="0.9.8i"/>
+    <affects base="0.9.8" version="0.9.8j"/>
+    <affects base="0.9.8" version="0.9.8k"/>
+    <affects base="0.9.8" version="0.9.8l"/>
+    <affects base="0.9.8" version="0.9.8m"/>
+    <affects base="0.9.8" version="0.9.8n"/>
+    <affects base="0.9.8" version="0.9.8o"/>
+    <affects base="0.9.8" version="0.9.8p"/>
+    <affects base="0.9.8" version="0.9.8q"/>
+    <affects base="0.9.8" version="0.9.8r"/>
+    <affects base="0.9.8" version="0.9.8s"/>
+    <affects base="0.9.8" version="0.9.8t"/>
+    <affects base="0.9.8" version="0.9.8u"/>
+    <affects base="0.9.8" version="0.9.8v"/>
+    <affects base="0.9.8" version="0.9.8w"/>
+    <affects base="0.9.8" version="0.9.8x"/>
+    <affects base="0.9.8" version="0.9.8y"/>
+    <affects base="1.0.0" version="1.0.0"/>
+    <affects base="1.0.0" version="1.0.0a"/>
+    <affects base="1.0.0" version="1.0.0b"/>
+    <affects base="1.0.0" version="1.0.0c"/>
+    <affects base="1.0.0" version="1.0.0d"/>
+    <affects base="1.0.0" version="1.0.0e"/>
+    <affects base="1.0.0" version="1.0.0f"/>
+    <affects base="1.0.0" version="1.0.0g"/>
+    <affects base="1.0.0" version="1.0.0i"/>
+    <affects base="1.0.0" version="1.0.0j"/>
+    <affects base="1.0.0" version="1.0.0k"/>
+    <affects base="1.0.0" version="1.0.0l"/>
+    <affects base="1.0.1" version="1.0.1"/>
+    <affects base="1.0.1" version="1.0.1a"/>
+    <affects base="1.0.1" version="1.0.1b"/>
+    <affects base="1.0.1" version="1.0.1c"/>
+    <affects base="1.0.1" version="1.0.1d"/>
+    <affects base="1.0.1" version="1.0.1e"/>
+    <affects base="1.0.1" version="1.0.1f"/>
+    <affects base="1.0.1" version="1.0.1g"/>
+    <fixed base="1.0.1" version="1.0.1h" date="20140605"/>
+    <fixed base="1.0.0" version="1.0.0m" date="20140605"/>
+    <fixed base="0.9.8" version="0.9.8za" date="20140605"/>
+    <description>
+      This vulnerability does not affect current versions of OpenSSL. It
+      existed in previous OpenSSL versions and was fixed in June 2014.
+
+      If a DTLS peer receives application data between the ChangeCipherSpec
+      and Finished messages, buffering of such data may cause an invalid
+      free, resulting in a segmentation fault or potentially, memory
+      corruption.
+    </description>
+    <advisory url="http://www.openssl.org/news/secadv_20150611.txt"/>
+    <reported source="Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google)"/>
+  </issue>
   <issue public="20150319">
     <impact severity="High"/>
     <cve name="2015-0291"/>


More information about the openssl-commits mailing list