ELSA-2015-2617

Описание

[1.0.1e-51.1]

• fix CVE-2015-3194 - certificate verify crash with missing PSS parameter
• fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
• fix CVE-2015-3196 - race condition when handling PSK identity hint

[1.0.1e-51]

• fix the CVE-2015-1791 fix (broken server side renegotiation)

[1.0.1e-50]

• improved fix for CVE-2015-1791
• add missing parts of CVE-2015-0209 fix for corectness although unexploitable

[1.0.1e-49]

• fix CVE-2014-8176 - invalid free in DTLS buffering code
• fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time
• fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent
• fix CVE-2015-1791 - race condition handling NewSessionTicket
• fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function

[1.0.1e-48]

• fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on read in multithreaded applications

[1.0.1e-47]

• fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future)

[1.0.1e-46]

• drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field)

[1.0.1e-45]

• update fix for CVE-2015-0287 to what was released upstream

[1.0.1e-44]

• fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
• fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
• fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
• fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference
• fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
• fix CVE-2015-0292 - integer underflow in base64 decoder
• fix CVE-2015-0293 - triggerable assert in SSLv2 server

[1.0.1e-43]

• fix broken error detection when unwrapping unpadded key

[1.0.1e-42.1]

• fix the RFC 5649 for key material that does not need padding