[openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Tue Sep 10 09:53:51 UTC 2019
The branch OpenSSL_1_1_0-stable has been updated
via d38234550ec4cdf10048dd26539d629cca7d6bcf (commit)
from 78617373f2af1b735e66501a799969248251c54b (commit)
- Log -----------------------------------------------------------------
commit d38234550ec4cdf10048dd26539d629cca7d6bcf
Author: Matt Caswell <matt at openssl.org>
Date: Tue Sep 10 10:26:07 2019 +0100
Update CHANGES and NEWS for the new release
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9842)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 12 ++++++++++++
NEWS | 8 +++++++-
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/CHANGES b/CHANGES
index 3277a0dbd4..b4400d20cc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,18 @@
Changes between 1.1.0k and 1.1.0l [xx XXX xxxx]
+ *) Fixed a padding oracle in PKCS7_decrypt() and CMS_decrypt(). In situations
+ where an attacker receives automated notification of the success or failure
+ of a decryption attempt an attacker, after sending a very large number of
+ messages to be decrypted, can recover a CMS/PKCS7 transported encryption
+ key or decrypt any RSA encrypted message that was encrypted with the public
+ RSA key, using a Bleichenbacher padding oracle attack. Applications are not
+ affected if they use a certificate together with the private RSA key to the
+ CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info
+ to decrypt.
+ (CVE-2019-1563)
+ [Bernd Edlinger]
+
*) For built-in EC curves, ensure an EC_GROUP built from the curve name is
used even when parsing explicit parameters, when loading a serialized key
or calling `EC_GROUP_new_from_ecpkparameters()`/
diff --git a/NEWS b/NEWS
index a27090521b..3d6d5a6f23 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,13 @@
Major changes between OpenSSL 1.1.0k and OpenSSL 1.1.0l [under development]
- o
+ o Fixed a padding oracle in PKCS7_decrypt() and CMS_decrypt()
+ (CVE-2019-1563)
+ o For built-in EC curves, ensure an EC_GROUP built from the curve name is
+ used even when parsing explicit parameters
+ o Compute ECC cofactors if not provided during EC_GROUP construction
+ (CVE-2019-1547)
+ o Use Windows installation paths in the mingw builds (CVE-2019-1552)
Major changes between OpenSSL 1.1.0j and OpenSSL 1.1.0k [28 May 2019]
More information about the openssl-commits
mailing list