From 6190960c263af2533cba8660580b71849ad6699b Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 2 Nov 2017 11:23:17 +0000 Subject: [PATCH] Update CHANGES and NEWS for new release Reviewed-by: Andy Polyakov --- CHANGES | 32 ++++++++++++++++++++++++++++++++ NEWS | 3 ++- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index b237273348..17969d1f85 100644 --- a/CHANGES +++ b/CHANGES @@ -9,9 +9,41 @@ Changes between 1.1.0f and 1.1.0g [xx XXX xxxx] + *) bn_sqrx8x_internal carry bug on x86_64 + + There is a carry propagating bug in the x86_64 Montgomery squaring + procedure. No EC algorithms are affected. Analysis suggests that attacks + against RSA and DSA as a result of this defect would be very difficult to + perform and are not believed likely. Attacks against DH are considered just + feasible (although very difficult) because most of the work necessary to + deduce information about a private key may be performed offline. The amount + of resources required for such an attack would be very significant and + likely only accessible to a limited number of attackers. An attacker would + additionally need online access to an unpatched system using the target + private key in a scenario with persistent DH parameters and a private + key that is shared between multiple clients. + + This only affects processors that support the BMI1, BMI2 and ADX extensions + like Intel Broadwell (5th generation) and later or AMD Ryzen. + + This issue was reported to OpenSSL by the OSS-Fuzz project. + (CVE-2017-3736) + [Andy Polyakov] + + *) Malformed X.509 IPAddressFamily could cause OOB read + + If an X.509 certificate has a malformed IPAddressFamily extension, + OpenSSL could do a one-byte buffer overread. The most likely result + would be an erroneous display of the certificate in text format. + + This issue was reported to OpenSSL by the OSS-Fuzz project. + (CVE-2017-3735) + [Rich Salz] + *) Ignore the '-named_curve auto' value for compatibility of applications with OpenSSL 1.0.2. [Tomas Mraz ] + *) Support for SSL_OP_NO_ENCRYPT_THEN_MAC in SSL_CONF_cmd. [Emilia Käsper] diff --git a/NEWS b/NEWS index 0332a0c3c3..72b0bc649e 100644 --- a/NEWS +++ b/NEWS @@ -7,7 +7,8 @@ Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [under development] - o + o bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) + o Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] -- 2.25.1