Fix for "Record of death" vulnerability CVE-2010-0740.
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010), and further harmonize this version of CHANGES with the versions in the current branches.
This commit is contained in:
Bodo Möller
parent
f2e8488b85
commit
3e8b6485b3
2 changed files with 20 additions and 11 deletions
25
CHANGES
25
CHANGES
|
|
@ -99,7 +99,7 @@
|
|||
whose return value is often ignored.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 0.9.8m and 1.0.0 [25 Feb 2010]
|
||||
Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
|
||||
|
||||
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
|
||||
context. The operation can be customised via the ctrl mechanism in
|
||||
|
|
@ -118,10 +118,6 @@
|
|||
it from client hello again. Don't allow server to change algorithm.
|
||||
[Steve Henson]
|
||||
|
||||
*) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
|
||||
change when encrypting or decrypting.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add load_crls() function to apps tidying load_certs() too. Add option
|
||||
to verify utility to allow additional CRLs to be included.
|
||||
[Steve Henson]
|
||||
|
|
@ -944,13 +940,22 @@
|
|||
*) Change 'Configure' script to enable Camellia by default.
|
||||
[NTT]
|
||||
|
||||
Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]
|
||||
|
||||
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
|
||||
|
||||
*) When rejecting SSL/TLS records due to an incorrect version number, never
|
||||
update s->server with a new major version number. As of
|
||||
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
|
||||
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
|
||||
the previous behavior could result in a read attempt at NULL when
|
||||
receiving specific incorrect SSL/TLS records once record payload
|
||||
protection is active. (CVE-2010-####)
|
||||
[Bodo Moeller, Adam Langley]
|
||||
|
||||
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
|
||||
could be crashed if the relevant tables were not present (e.g. chrooted).
|
||||
[Tomas Hoger <thoger@redhat.com>]
|
||||
|
||||
Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
|
||||
Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
|
||||
|
||||
*) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
|
||||
[Martin Olsson, Neel Mehta]
|
||||
|
|
@ -986,6 +991,10 @@
|
|||
CVE-2009-4355.
|
||||
[Steve Henson]
|
||||
|
||||
*) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
|
||||
change when encrypting or decrypting.
|
||||
[Bodo Moeller]
|
||||
|
||||
*) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
|
||||
connect and renegotiate with servers which do not support RI.
|
||||
Until RI is more widely deployed this option is enabled by default.
|
||||
|
|
|
|||
|
|
@ -337,9 +337,9 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
|
|||
if (version != s->version)
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
|
||||
/* Send back error using their
|
||||
* version number :-) */
|
||||
s->version=version;
|
||||
if ((s->version & 0xFF00) == (version & 0xFF00))
|
||||
/* Send back error using their minor version number :-) */
|
||||
s->version = (unsigned short)version;
|
||||
al=SSL_AD_PROTOCOL_VERSION;
|
||||
goto f_err;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue