[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Thu Nov 2 14:55:12 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via 95aec441c0a8d4caa4590f9ba2827a131134e8d1 (commit)
via 8b1549a153a62e9878327d05aa3b6622b416ec10 (commit)
via c7a906bb6aa2dff81c44832f576d7ecde7fa9f70 (commit)
via 64c46a982288b734a0e22156fdea735ff9b6e3e3 (commit)
via 38d600147331d36e74174ebbd4008b63188b321b (commit)
from 23f7e974d59a576ad7d8cfd9f7ac957a883e361f (commit)
- Log -----------------------------------------------------------------
commit 95aec441c0a8d4caa4590f9ba2827a131134e8d1
Author: Matt Caswell <matt at openssl.org>
Date: Thu Nov 2 14:34:50 2017 +0000
Prepare for 1.0.2n-dev
Reviewed-by: Andy Polyakov <appro at openssl.org>
commit 8b1549a153a62e9878327d05aa3b6622b416ec10
Author: Matt Caswell <matt at openssl.org>
Date: Thu Nov 2 14:33:44 2017 +0000
Prepare for 1.0.2m release
Reviewed-by: Andy Polyakov <appro at openssl.org>
commit c7a906bb6aa2dff81c44832f576d7ecde7fa9f70
Author: Matt Caswell <matt at openssl.org>
Date: Thu Nov 2 14:33:44 2017 +0000
make update
Reviewed-by: Andy Polyakov <appro at openssl.org>
commit 64c46a982288b734a0e22156fdea735ff9b6e3e3
Author: Matt Caswell <matt at openssl.org>
Date: Thu Nov 2 11:23:17 2017 +0000
Update CHANGES and NEWS for new release
Reviewed-by: Andy Polyakov <appro at openssl.org>
commit 38d600147331d36e74174ebbd4008b63188b321b
Author: Andy Polyakov <appro at openssl.org>
Date: Thu Aug 17 21:08:57 2017 +0200
bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal.
Credit to OSS-Fuzz for finding this.
CVE-2017-3736
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 35 ++++++++++++++++++++++++++++++++++-
NEWS | 7 ++++++-
README | 2 +-
crypto/asn1/Makefile | 4 ++--
crypto/bn/asm/x86_64-mont5.pl | 12 ++++++++++--
crypto/dh/Makefile | 2 +-
crypto/opensslv.h | 6 +++---
openssl.spec | 2 +-
8 files changed, 58 insertions(+), 12 deletions(-)
diff --git a/CHANGES b/CHANGES
index ff430c7..7a2e91b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,10 +7,43 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
- Changes between 1.0.2l and 1.0.2m [xx XXX xxxx]
+ Changes between 1.0.2m and 1.0.2n [xx XXX xxxx]
*)
+ Changes between 1.0.2l and 1.0.2m [2 Nov 2017]
+
+ *) bn_sqrx8x_internal carry bug on x86_64
+
+ There is a carry propagating bug in the x86_64 Montgomery squaring
+ procedure. No EC algorithms are affected. Analysis suggests that attacks
+ against RSA and DSA as a result of this defect would be very difficult to
+ perform and are not believed likely. Attacks against DH are considered just
+ feasible (although very difficult) because most of the work necessary to
+ deduce information about a private key may be performed offline. The amount
+ of resources required for such an attack would be very significant and
+ likely only accessible to a limited number of attackers. An attacker would
+ additionally need online access to an unpatched system using the target
+ private key in a scenario with persistent DH parameters and a private
+ key that is shared between multiple clients.
+
+ This only affects processors that support the BMI1, BMI2 and ADX extensions
+ like Intel Broadwell (5th generation) and later or AMD Ryzen.
+
+ This issue was reported to OpenSSL by the OSS-Fuzz project.
+ (CVE-2017-3736)
+ [Andy Polyakov]
+
+ *) Malformed X.509 IPAddressFamily could cause OOB read
+
+ If an X.509 certificate has a malformed IPAddressFamily extension,
+ OpenSSL could do a one-byte buffer overread. The most likely result
+ would be an erroneous display of the certificate in text format.
+
+ This issue was reported to OpenSSL by the OSS-Fuzz project.
+ (CVE-2017-3735)
+ [Rich Salz]
+
Changes between 1.0.2k and 1.0.2l [25 May 2017]
*) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target
diff --git a/NEWS b/NEWS
index 2d865f2..4cb7db2 100644
--- a/NEWS
+++ b/NEWS
@@ -5,10 +5,15 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [under development]
+ Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [under development]
o
+ Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017]
+
+ o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
+ o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
+
Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]
o config now recognises 64-bit mingw and chooses mingw64 instead of mingw
diff --git a/README b/README
index a0a9e6f..ce3c001 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
- OpenSSL 1.0.2m-dev
+ OpenSSL 1.0.2n-dev
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile
index 330fe81..fb3140c 100644
--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -680,7 +680,7 @@ tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_fre.o: ../../include/openssl/symhacks.h asn1_int.h tasn_fre.c
tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -688,7 +688,7 @@ tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_new.o: ../../include/openssl/symhacks.h asn1_int.h tasn_new.c
tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 3bb0cdf..42178e4 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -3090,11 +3090,19 @@ $code.=<<___;
.align 32
.Lsqrx8x_break:
- sub 16+8(%rsp),%r8 # consume last carry
+ xor $zero,$zero
+ sub 16+8(%rsp),%rbx # mov 16(%rsp),%cf
+ adcx $zero,%r8
mov 24+8(%rsp),$carry # initial $tptr, borrow $carry
+ adcx $zero,%r9
mov 0*8($aptr),%rdx # a[8], modulo-scheduled
- xor %ebp,%ebp # xor $zero,$zero
+ adc \$0,%r10
mov %r8,0*8($tptr)
+ adc \$0,%r11
+ adc \$0,%r12
+ adc \$0,%r13
+ adc \$0,%r14
+ adc \$0,%r15
cmp $carry,$tptr # cf=0, of=0
je .Lsqrx8x_outer_loop
diff --git a/crypto/dh/Makefile b/crypto/dh/Makefile
index 46fa5ac..cc366ec 100644
--- a/crypto/dh/Makefile
+++ b/crypto/dh/Makefile
@@ -134,7 +134,7 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dh_gen.o: ../cryptlib.h dh_gen.c
-dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_kdf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 2ea34cc..bc9e86c 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x100020d0L
+# define OPENSSL_VERSION_NUMBER 0x100020e0L
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2m-fips-dev xx XXX xxxx"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-fips-dev xx XXX xxxx"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2m-dev xx XXX xxxx"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-dev xx XXX xxxx"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/openssl.spec b/openssl.spec
index 18e23ac..b5cb87e 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -7,7 +7,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 1.0.2m
+Version: 1.0.2n
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
More information about the openssl-commits
mailing list