From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 5 Jun 2014 08:08:27 +0000 (+0100)
Subject: Update CHANGES and NEWS
X-Git-Tag: OpenSSL_0_9_8za~1
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=bb598893057e4b5fd789b36005b31dfd57011aa8;p=oweals%2Fopenssl.git

Update CHANGES and NEWS
---

diff --git a/CHANGES b/CHANGES
index 27c65984c1..0d90991cc2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,37 @@
 
  Changes between 0.9.8y and 0.9.8za [xx XXX xxxx]
 
+  *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
+     handshake can force the use of weak keying material in OpenSSL
+     SSL/TLS clients and servers.
+
+     Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
+     researching this issue. (CVE-2014-0224)
+     [KIKUCHI Masashi, Steve Henson]
+
+  *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
+     OpenSSL DTLS client the code can be made to recurse eventually crashing
+     in a DoS attack.
+
+     Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
+     (CVE-2014-0221)
+     [Imre Rad, Steve Henson]
+
+  *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
+     be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
+     client or server. This is potentially exploitable to run arbitrary
+     code on a vulnerable client or server.
+
+     Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
+     [Jüri Aedla, Steve Henson]
+
+  *) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
+     are subject to a denial of service attack.
+
+     Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
+     this issue. (CVE-2014-3470)
+     [Felix Gröbert, Ivan Fratric, Steve Henson]
+
   *) Fix for the attack described in the paper "Recovering OpenSSL
      ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
      by Yuval Yarom and Naomi Benger. Details can be obtained from:
diff --git a/NEWS b/NEWS
index 9a214b8988..37d54e4933 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,12 @@
 
   Major changes between OpenSSL 0.9.8y and OpenSSL 0.9.8za [under development]:
 
+      o Fix for CVE-2014-0224
+      o Fix for CVE-2014-0221
+      o Fix for CVE-2014-0195
+      o Fix for CVE-2014-3470
       o Fix for CVE-2014-0076
+      o Fix for CVE-2010-5298
       o Fix to TLS alert handling.
 
   Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]: