[web] master update

Matt Caswell matt at openssl.org
Tue Dec 8 14:45:43 UTC 2020


The branch master has been updated
       via  0689c523b599d89f0ce5caedab4f7d66bee1efb6 (commit)
      from  f0a6320b5394fb6be437d7ea800aa75bb9eabbbe (commit)


- Log -----------------------------------------------------------------
commit 0689c523b599d89f0ce5caedab4f7d66bee1efb6
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Dec 8 13:45:19 2020 +0000

    Commits for new releases
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 news/newsflash.txt       |  1 +
 news/secadv/20201208.txt | 73 ++++++++++++++++++++++++++++++++++++++++++
 news/vulnerabilities.xml | 82 +++++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 155 insertions(+), 1 deletion(-)
 create mode 100644 news/secadv/20201208.txt

diff --git a/news/newsflash.txt b/news/newsflash.txt
index c945172..6b39413 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -5,6 +5,7 @@
 # headings.  URL paths must all be absolute.
 Date: Item
 
+08-Dec-2020: OpenSSL 1.1.1i is now available, including bug and security fixes
 26-Nov-2020: Alpha 9 of OpenSSL 3.0 is now available: please download and test it
 05-Nov-2020: Alpha 8 of OpenSSL 3.0 is now available: please download and test it
 21-Oct-2020: New Blog post: <a href="/blog/blog/2020/10/20/OpenSSL3.0Alpha7/">OpenSSL 3.0 Alpha7 Release</a>
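Review bot: the new 08-Dec-2020 entry gives no link to the advisory it announces, while the 21-Oct-2020 entry in the same hunk links its blog post; since this commit also adds news/secadv/20201208.txt, consider linking it with an absolute path as the file's header comment requires, e.g. `08-Dec-2020: OpenSSL 1.1.1i is now available, including bug and security fixes (see the <a href="/news/secadv/20201208.txt">security advisory</a>)`, so readers can reach the CVE-2020-1971 details directly from the newsflash.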
diff --git a/news/secadv/20201208.txt b/news/secadv/20201208.txt
new file mode 100644
index 0000000..bda8317
--- /dev/null
+++ b/news/secadv/20201208.txt
@@ -0,0 +1,73 @@
+OpenSSL Security Advisory [08 December 2020]
+============================================
+
+EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
+======================================================
+
+Severity: High
+
+The X.509 GeneralName type is a generic type for representing different types
+of names. One of those name types is known as EDIPartyName. OpenSSL provides a
+function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME
+to see if they are equal or not. This function behaves incorrectly when both
+GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash
+may occur leading to a possible denial of service attack.
+
+OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes:
+1) Comparing CRL distribution point names between an available CRL and a CRL
+   distribution point embedded in an X509 certificate
+2) When verifying that a timestamp response token signer matches the timestamp
+   authority name (exposed via the API functions TS_RESP_verify_response and
+   TS_RESP_verify_token)
+
+If an attacker can control both items being compared then that attacker could
+trigger a crash. For example if the attacker can trick a client or server into
+checking a malicious certificate against a malicious CRL then this may occur.
+Note that some applications automatically download CRLs based on a URL embedded
+in a certificate. This checking happens prior to the signatures on the
+certificate and CRL being verified. OpenSSL's s_server, s_client and verify
+tools have support for the "-crl_download" option which implements automatic
+CRL downloading and this attack has been demonstrated to work against those
+tools.
+
+Note that an unrelated bug means that affected versions of OpenSSL cannot parse
+or construct correct encodings of EDIPARTYNAME. However it is possible to
+construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence
+trigger this attack.
+
+All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL
+releases are out of support and have not been checked.
+
+OpenSSL 1.1.1 users should upgrade to 1.1.1i.
+
+OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium
+support customers of OpenSSL 1.0.2 should upgrade to 1.0.2x. Other users should
+upgrade to OpenSSL 1.1.1i.
+
+This issue was reported to OpenSSL on 9th November 2020 by David Benjamin
+(Google). Initial analysis was performed by David Benjamin with additional
+analysis by Matt Caswell (OpenSSL). The fix was developed by Matt Caswell.
+
+Note
+====
+
+OpenSSL 1.0.2 is out of support and no longer receiving public updates. Extended
+support is available for premium support customers:
+https://www.openssl.org/support/contracts.html
+
+OpenSSL 1.1.0 is out of support and no longer receiving updates of any kind.
+The impact of this issue on OpenSSL 1.1.0 has not been analysed.
+
+Users of these versions should upgrade to OpenSSL 1.1.1.
+
+References
+==========
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv/20201208.txt
+
+Note: the online version of the advisory may be updated with additional details
+over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/policies/secpolicy.html
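Review bot: the advisory states that the crash needs attacker control of both GENERAL_NAMEs being compared and that the demonstrated path is automatic CRL download via "-crl_download" before the certificate and CRL signatures are checked, but it offers no interim mitigation for users who cannot upgrade at once (1.0.2 users without premium support in particular). Suggest adding a sentence after the "All OpenSSL 1.1.1 and 1.0.2 versions are affected" paragraph that exposure is limited to code paths comparing attacker-supplied CRL distribution point names or timestamp authority names, and that not enabling automatic CRL download from certificate-embedded URLs removes the demonstrated vector. The fix commit ids recorded in news/vulnerabilities.xml in this same change are also absent here; listing them under References would help downstream packagers backport the fix.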
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 9b7dcb6..93543ac 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -7,7 +7,87 @@
 
 <!-- The updated attribute should be the same as the first public issue,
      unless an old entry was updated. -->
-<security updated="20200909">
+<security updated="20201208">
+  <issue public="20201208">
+    <impact severity="High"/>
+    <cve name="2020-1971"/>
+    <affects base="1.1.1" version="1.1.1"/>
+    <affects base="1.1.1" version="1.1.1a"/>
+    <affects base="1.1.1" version="1.1.1b"/>
+    <affects base="1.1.1" version="1.1.1c"/>
+    <affects base="1.1.1" version="1.1.1d"/>
+    <affects base="1.1.1" version="1.1.1e"/>
+    <affects base="1.1.1" version="1.1.1f"/>
+    <affects base="1.1.1" version="1.1.1g"/>
+    <affects base="1.1.1" version="1.1.1h"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <affects base="1.0.2" version="1.0.2b"/>
+    <affects base="1.0.2" version="1.0.2c"/>
+    <affects base="1.0.2" version="1.0.2d"/>
+    <affects base="1.0.2" version="1.0.2e"/>
+    <affects base="1.0.2" version="1.0.2f"/>
+    <affects base="1.0.2" version="1.0.2g"/>
+    <affects base="1.0.2" version="1.0.2h"/>
+    <affects base="1.0.2" version="1.0.2i"/>
+    <affects base="1.0.2" version="1.0.2j"/>
+    <affects base="1.0.2" version="1.0.2k"/>
+    <affects base="1.0.2" version="1.0.2l"/>
+    <affects base="1.0.2" version="1.0.2m"/>
+    <affects base="1.0.2" version="1.0.2n"/>
+    <affects base="1.0.2" version="1.0.2o"/>
+    <affects base="1.0.2" version="1.0.2p"/>
+    <affects base="1.0.2" version="1.0.2q"/>
+    <affects base="1.0.2" version="1.0.2r"/>
+    <affects base="1.0.2" version="1.0.2s"/>
+    <affects base="1.0.2" version="1.0.2t"/>
+    <affects base="1.0.2" version="1.0.2u"/>
+    <affects base="1.0.2" version="1.0.2v"/>
+    <affects base="1.0.2" version="1.0.2w"/>
+    <fixed base="1.1.1" version="1.1.1i" date="20201208">
+      <git hash="f960d81215ebf3f65e03d4d5d857fb9b666d6920"/>
+    </fixed>
+    <fixed base="1.0.2" version="1.0.2x" date="20201208">
+      <git hash="2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e"/>
+    </fixed>
+    <problemtype>NULL pointer dereference</problemtype>
+    <title>EDIPARTYNAME NULL pointer dereference</title>
+    <description>
+The X.509 GeneralName type is a generic type for representing different types
+of names. One of those name types is known as EDIPartyName. OpenSSL provides a
+function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME
+to see if they are equal or not. This function behaves incorrectly when both
+GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash
+may occur leading to a possible denial of service attack.
+
+OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes:
+1) Comparing CRL distribution point names between an available CRL and a CRL
+   distribution point embedded in an X509 certificate
+2) When verifying that a timestamp response token signer matches the timestamp
+   authority name (exposed via the API functions TS_RESP_verify_response and
+   TS_RESP_verify_token)
+
+If an attacker can control both items being compared then that attacker could
+trigger a crash. For example if the attacker can trick a client or server into
+checking a malicious certificate against a malicious CRL then this may occur.
+Note that some applications automatically download CRLs based on a URL embedded
+in a certificate. This checking happens prior to the signatures on the
+certificate and CRL being verified. OpenSSL's s_server, s_client and verify
+tools have support for the "-crl_download" option which implements automatic
+CRL downloading and this attack has been demonstrated to work against those
+tools.
+
+Note that an unrelated bug means that affected versions of OpenSSL cannot parse
+or construct correct encodings of EDIPARTYNAME. However it is possible to
+construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence
+trigger this attack.
+
+All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL
+releases are out of support and have not been checked.
+    </description>
+    <advisory url="/news/secadv/20201208.txt"/>
+    <reported source="David Benjamin (Google)"/>
+  </issue>
   <issue public="20200909">
     <impact severity="Low"/>
     <cve name="2020-1968"/>
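Review bot: the <description> element repeats the advisory text word for word, so any later correction to the advisory (which the advisory itself says may be updated over time) has to be mirrored here by hand; consider at least dropping the closing sentence "All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked." from the description, since the 33 <affects> entries plus the two <fixed> entries already encode exactly that and a stale sentence would contradict them if the version list is ever amended. The updated="20201208" attribute matches the new issue's public date as the comment above it requires, and the <git hash> values under <fixed> are a useful detail the advisory text lacks.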