From 6e4929fcdb30eb5842b5df27daec38f2de5a258b Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 6 Aug 2014 21:22:27 +0100 Subject: [PATCH] Updates to CHANGES and NEWS Reviewed-by: Kurt Roeckx --- CHANGES | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ NEWS | 7 ++++++- 2 files changed, 55 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 8d590ed3a7..a2da232e63 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,55 @@ Changes between 1.0.0m and 1.0.0n [xx XXX xxxx] + *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject + to a denial of service attack. A malicious server can crash the client + with a null pointer dereference (read) by specifying an anonymous (EC)DH + ciphersuite and sending carefully crafted handshake messages. + + Thanks to Felix Gröbert (Google) for discovering and researching this + issue. + (CVE-2014-3510) + [Emilia Käsper] + + *) By sending carefully crafted DTLS packets an attacker could cause openssl + to leak memory. This can be exploited through a Denial of Service attack. + Thanks to Adam Langley for discovering and researching this issue. + (CVE-2014-3507) + [Adam Langley] + + *) An attacker can force openssl to consume large amounts of memory whilst + processing DTLS handshake messages. This can be exploited through a + Denial of Service attack. + Thanks to Adam Langley for discovering and researching this issue. + (CVE-2014-3506) + [Adam Langley] + + *) An attacker can force an error condition which causes openssl to crash + whilst processing DTLS packets due to memory being freed twice. This + can be exploited through a Denial of Service attack. + Thanks to Adam Langley and Wan-Teh Chang for discovering and researching + this issue. + (CVE-2014-3505) + [Adam Langley] + + *) If a multithreaded client connects to a malicious server using a resumed + session and the server sends an ec point format extension it could write + up to 255 bytes to freed memory. + + Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this + issue. + (CVE-2014-3509) + [Gabor Tyukasz] + + *) A flaw in OBJ_obj2txt may cause pretty printing functions such as + X509_name_oneline, X509_name_print_ex et al. to leak some information + from the stack. Applications may be affected if they echo pretty printing + output to the attacker. + + Thanks to Ivan Fratric (Google) for discovering this issue. + (CVE-2014-3508) + [Emilia Käsper, and Steve Henson] + *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.) for corner cases. (Certain input points at infinity could lead to bogus results, with non-infinity inputs mapped to infinity too.) diff --git a/NEWS b/NEWS index 2085e3a607..f363c03989 100644 --- a/NEWS +++ b/NEWS @@ -7,7 +7,12 @@ Major changes between OpenSSL 1.0.0m and OpenSSL 1.0.0n [under development] - o + o Fix for CVE-2014-3510 + o Fix for CVE-2014-3507 + o Fix for CVE-2014-3506 + o Fix for CVE-2014-3505 + o Fix for CVE-2014-3509 + o Fix for CVE-2014-3508 Known issues in OpenSSL 1.0.0m: -- 2.25.1