[openssl] OpenSSL_1_1_0-stable update

Matt Caswell matt at openssl.org
Tue Sep 10 11:09:21 UTC 2019


The branch OpenSSL_1_1_0-stable has been updated
       via  68dc4faeb395fb66448e310db6279e47dd879d23 (commit)
      from  631f94db0065c78181ca9ba5546ebc8bb3884b97 (commit)


- Log -----------------------------------------------------------------
commit 68dc4faeb395fb66448e310db6279e47dd879d23
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Sep 10 11:55:41 2019 +0100

    Remove duplicate CHANGES entry (1.1.0)
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/9845)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES | 13 +------------
 NEWS    |  2 +-
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/CHANGES b/CHANGES
index b12cf3ae07..4f3e51a0b0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,18 +9,6 @@
 
  Changes between 1.1.0k and 1.1.0l [xx XXX xxxx]
 
-  *) Fixed a padding oracle in PKCS7_decrypt() and CMS_decrypt(). In situations
-     where an attacker receives automated notification of the success or failure
-     of a decryption attempt an attacker, after sending a very large number of
-     messages to be decrypted, can recover a CMS/PKCS7 transported encryption
-     key or decrypt any RSA encrypted message that was encrypted with the public
-     RSA key, using a Bleichenbacher padding oracle attack. Applications are not
-     affected if they use a certificate together with the private RSA key to the
-     CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info
-     to decrypt.
-     (CVE-2019-1563)
-     [Bernd Edlinger]
-
   *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
      used even when parsing explicit parameters, when loading a serialized key
      or calling `EC_GROUP_new_from_ecpkparameters()`/
@@ -51,6 +39,7 @@
      certifiate is not given and all recipientInfo are tried out.
      The old behaviour can be re-enabled in the CMS code by setting the
      CMS_DEBUG_DECRYPT flag.
+     (CVE-2019-1563)
      [Bernd Edlinger]
 
   *) Use Windows installation paths in the mingw builds
diff --git a/NEWS b/NEWS
index 3d6d5a6f23..6218a9fc1b 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,7 @@
 
   Major changes between OpenSSL 1.1.0k and OpenSSL 1.1.0l [under development]
 
-      o Fixed a padding oracle in PKCS7_decrypt() and CMS_decrypt()
+      o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
         (CVE-2019-1563)
       o For built-in EC curves, ensure an EC_GROUP built from the curve name is
         used even when parsing explicit parameters


More information about the openssl-commits mailing list