From: Matt Caswell Date: Wed, 6 Dec 2017 14:09:11 +0000 (+0000) Subject: Update CHANGES and NEWS for new release X-Git-Tag: OpenSSL_1_1_1-pre1~363 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f47270e10b7ec18e5719bb2260a7d6460af387ac;p=oweals%2Fopenssl.git Update CHANGES and NEWS for new release Reviewed-by: Rich Salz --- diff --git a/CHANGES b/CHANGES index 3ae8b4d0bd..cbae96d62e 100644 --- a/CHANGES +++ b/CHANGES @@ -190,6 +190,28 @@ issues, has been replaced to always returns NULL. [Rich Salz] + Changes between 1.1.0g and 1.1.0h [xx XXX xxxx] + + *) rsaz_1024_mul_avx2 overflow bug on x86_64 + + There is an overflow bug in the AVX2 Montgomery multiplication procedure + used in exponentiation with 1024-bit moduli. No EC algorithms are affected. + Analysis suggests that attacks against RSA and DSA as a result of this + defect would be very difficult to perform and are not believed likely. + Attacks against DH1024 are considered just feasible, because most of the + work necessary to deduce information about a private key may be performed + offline. The amount of resources required for such an attack would be + significant. However, for an attack on TLS to be meaningful, the server + would have to share the DH1024 private key among multiple clients, which is + no longer an option since CVE-2016-0701. + + This only affects processors that support the AVX2 but not ADX extensions + like Intel Haswell (4th generation). + + This issue was reported to OpenSSL by David Benjamin (Google). The issue + was originally found via the OSS-Fuzz project. + (CVE-2017-3738) + [Andy Polyakov] Changes between 1.1.0f and 1.1.0g [2 Nov 2017] diff --git a/NEWS b/NEWS index d102cb73bd..73a5a253b8 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,10 @@ o Add a STORE module (OSSL_STORE) o Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes + Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [under development] + + o rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) + Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)