|
|
|
@ -86,7 +86,7 @@ OpenSSL 1.1.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020] |
|
|
|
|
|
|
|
* Fixed segmentation fault in SSL_check_chain() ([CVE-2020-1967][]) |
|
|
|
* Fixed segmentation fault in SSL_check_chain() ([CVE-2020-1967]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020] |
|
|
|
|
|
|
|
@ -95,28 +95,28 @@ OpenSSL 1.1.1 |
|
|
|
### Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020] |
|
|
|
|
|
|
|
* Fixed an overflow bug in the x64_64 Montgomery squaring procedure |
|
|
|
used in exponentiation with 512-bit moduli ([CVE-2019-1551][]) |
|
|
|
used in exponentiation with 512-bit moduli ([CVE-2019-1551]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] |
|
|
|
|
|
|
|
* Fixed a fork protection issue ([CVE-2019-1549][]) |
|
|
|
* Fixed a fork protection issue ([CVE-2019-1549]) |
|
|
|
* Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey |
|
|
|
([CVE-2019-1563][]) |
|
|
|
([CVE-2019-1563]) |
|
|
|
* For built-in EC curves, ensure an EC_GROUP built from the curve name is |
|
|
|
used even when parsing explicit parameters |
|
|
|
* Compute ECC cofactors if not provided during EC_GROUP construction |
|
|
|
([CVE-2019-1547][]) |
|
|
|
([CVE-2019-1547]) |
|
|
|
* Early start up entropy quality from the DEVRANDOM seed source has been |
|
|
|
improved for older Linux systems |
|
|
|
* Correct the extended master secret constant on EBCDIC systems |
|
|
|
* Use Windows installation paths in the mingw builds ([CVE-2019-1552][]) |
|
|
|
* Use Windows installation paths in the mingw builds ([CVE-2019-1552]) |
|
|
|
* Changed DH_check to accept parameters with order q and 2q subgroups |
|
|
|
* Significantly reduce secure memory usage by the randomness pools |
|
|
|
* Revert the DEVRANDOM_WAIT feature for Linux systems |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019] |
|
|
|
|
|
|
|
* Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][]) |
|
|
|
* Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1a and OpenSSL 1.1.1b [26 Feb 2019] |
|
|
|
|
|
|
|
@ -127,8 +127,8 @@ OpenSSL 1.1.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] |
|
|
|
|
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) |
|
|
|
* Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][]) |
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734]) |
|
|
|
* Timing vulnerability in ECDSA signature generation ([CVE-2018-0735]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] |
|
|
|
|
|
|
|
@ -186,38 +186,38 @@ OpenSSL 1.1.0 |
|
|
|
### Major changes between OpenSSL 1.1.0k and OpenSSL 1.1.0l [10 Sep 2019] |
|
|
|
|
|
|
|
* Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey |
|
|
|
([CVE-2019-1563][]) |
|
|
|
([CVE-2019-1563]) |
|
|
|
* For built-in EC curves, ensure an EC_GROUP built from the curve name is |
|
|
|
used even when parsing explicit parameters |
|
|
|
* Compute ECC cofactors if not provided during EC_GROUP construction |
|
|
|
([CVE-2019-1547][]) |
|
|
|
* Use Windows installation paths in the mingw builds ([CVE-2019-1552][]) |
|
|
|
([CVE-2019-1547]) |
|
|
|
* Use Windows installation paths in the mingw builds ([CVE-2019-1552]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0j and OpenSSL 1.1.0k [28 May 2019] |
|
|
|
|
|
|
|
* Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][]) |
|
|
|
* Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.0j [20 Nov 2018] |
|
|
|
|
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) |
|
|
|
* Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][]) |
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734]) |
|
|
|
* Timing vulnerability in ECDSA signature generation ([CVE-2018-0735]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [14 Aug 2018] |
|
|
|
|
|
|
|
* Client DoS due to large DH parameter ([CVE-2018-0732][]) |
|
|
|
* Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][]) |
|
|
|
* Client DoS due to large DH parameter ([CVE-2018-0732]) |
|
|
|
* Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018] |
|
|
|
|
|
|
|
* Constructed ASN.1 types with a recursive definition could exceed the |
|
|
|
stack ([CVE-2018-0739][]) |
|
|
|
* Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733][]) |
|
|
|
* rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][]) |
|
|
|
stack ([CVE-2018-0739]) |
|
|
|
* Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733]) |
|
|
|
* rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] |
|
|
|
|
|
|
|
* bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][]) |
|
|
|
* Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][]) |
|
|
|
* bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736]) |
|
|
|
* Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] |
|
|
|
|
|
|
|
@ -225,32 +225,32 @@ OpenSSL 1.1.0 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017] |
|
|
|
|
|
|
|
* Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733][]) |
|
|
|
* Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017] |
|
|
|
|
|
|
|
* Truncated packet could crash via OOB read ([CVE-2017-3731][]) |
|
|
|
* Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730][]) |
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][]) |
|
|
|
* Truncated packet could crash via OOB read ([CVE-2017-3731]) |
|
|
|
* Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730]) |
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016] |
|
|
|
|
|
|
|
* ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054][]) |
|
|
|
* CMS Null dereference ([CVE-2016-7053][]) |
|
|
|
* Montgomery multiplication may produce incorrect results ([CVE-2016-7055][]) |
|
|
|
* ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054]) |
|
|
|
* CMS Null dereference ([CVE-2016-7053]) |
|
|
|
* Montgomery multiplication may produce incorrect results ([CVE-2016-7055]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016] |
|
|
|
|
|
|
|
* Fix Use After Free for large message sizes ([CVE-2016-6309][]) |
|
|
|
* Fix Use After Free for large message sizes ([CVE-2016-6309]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016] |
|
|
|
|
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) |
|
|
|
* SSL_peek() hang on empty record ([CVE-2016-6305][]) |
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) |
|
|
|
* SSL_peek() hang on empty record ([CVE-2016-6305]) |
|
|
|
* Excessive allocation of memory in tls_get_message_header() |
|
|
|
([CVE-2016-6307][]) |
|
|
|
([CVE-2016-6307]) |
|
|
|
* Excessive allocation of memory in dtls1_preprocess_fragment() |
|
|
|
([CVE-2016-6308][]) |
|
|
|
([CVE-2016-6308]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016] |
|
|
|
|
|
|
|
@ -306,13 +306,13 @@ OpenSSL 1.0.2 |
|
|
|
### Major changes between OpenSSL 1.0.2s and OpenSSL 1.0.2t [10 Sep 2019] |
|
|
|
|
|
|
|
* Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey |
|
|
|
([CVE-2019-1563][]) |
|
|
|
([CVE-2019-1563]) |
|
|
|
* For built-in EC curves, ensure an EC_GROUP built from the curve name is |
|
|
|
used even when parsing explicit parameters |
|
|
|
* Compute ECC cofactors if not provided during EC_GROUP construction |
|
|
|
([CVE-2019-1547][]) |
|
|
|
([CVE-2019-1547]) |
|
|
|
* Document issue with installation paths in diverse Windows builds |
|
|
|
([CVE-2019-1552][]) |
|
|
|
([CVE-2019-1552]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2r and OpenSSL 1.0.2s [28 May 2019] |
|
|
|
|
|
|
|
@ -320,32 +320,32 @@ OpenSSL 1.0.2 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2q and OpenSSL 1.0.2r [26 Feb 2019] |
|
|
|
|
|
|
|
* 0-byte record padding oracle ([CVE-2019-1559][]) |
|
|
|
* 0-byte record padding oracle ([CVE-2019-1559]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2p and OpenSSL 1.0.2q [20 Nov 2018] |
|
|
|
|
|
|
|
* Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407][]) |
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) |
|
|
|
* Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407]) |
|
|
|
* Timing vulnerability in DSA signature generation ([CVE-2018-0734]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [14 Aug 2018] |
|
|
|
|
|
|
|
* Client DoS due to large DH parameter ([CVE-2018-0732][]) |
|
|
|
* Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][]) |
|
|
|
* Client DoS due to large DH parameter ([CVE-2018-0732]) |
|
|
|
* Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018] |
|
|
|
|
|
|
|
* Constructed ASN.1 types with a recursive definition could exceed the |
|
|
|
stack ([CVE-2018-0739][]) |
|
|
|
stack ([CVE-2018-0739]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017] |
|
|
|
|
|
|
|
* Read/write after SSL object in error state ([CVE-2017-3737][]) |
|
|
|
* rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][]) |
|
|
|
* Read/write after SSL object in error state ([CVE-2017-3737]) |
|
|
|
* rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017] |
|
|
|
|
|
|
|
* bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][]) |
|
|
|
* Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][]) |
|
|
|
* bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736]) |
|
|
|
* Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017] |
|
|
|
|
|
|
|
@ -353,35 +353,35 @@ OpenSSL 1.0.2 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017] |
|
|
|
|
|
|
|
* Truncated packet could crash via OOB read ([CVE-2017-3731][]) |
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][]) |
|
|
|
* Montgomery multiplication may produce incorrect results ([CVE-2016-7055][]) |
|
|
|
* Truncated packet could crash via OOB read ([CVE-2017-3731]) |
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732]) |
|
|
|
* Montgomery multiplication may produce incorrect results ([CVE-2016-7055]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016] |
|
|
|
|
|
|
|
* Missing CRL sanity check ([CVE-2016-7052][]) |
|
|
|
* Missing CRL sanity check ([CVE-2016-7052]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016] |
|
|
|
|
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) |
|
|
|
* SWEET32 Mitigation ([CVE-2016-2183][]) |
|
|
|
* OOB write in MDC2_Update() ([CVE-2016-6303][]) |
|
|
|
* Malformed SHA512 ticket DoS ([CVE-2016-6302][]) |
|
|
|
* OOB write in BN_bn2dec() ([CVE-2016-2182][]) |
|
|
|
* OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][]) |
|
|
|
* Pointer arithmetic undefined behaviour ([CVE-2016-2177][]) |
|
|
|
* Constant time flag not preserved in DSA signing ([CVE-2016-2178][]) |
|
|
|
* DTLS buffered message DoS ([CVE-2016-2179][]) |
|
|
|
* DTLS replay protection DoS ([CVE-2016-2181][]) |
|
|
|
* Certificate message OOB reads ([CVE-2016-6306][]) |
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) |
|
|
|
* SWEET32 Mitigation ([CVE-2016-2183]) |
|
|
|
* OOB write in MDC2_Update() ([CVE-2016-6303]) |
|
|
|
* Malformed SHA512 ticket DoS ([CVE-2016-6302]) |
|
|
|
* OOB write in BN_bn2dec() ([CVE-2016-2182]) |
|
|
|
* OOB read in TS_OBJ_print_bio() ([CVE-2016-2180]) |
|
|
|
* Pointer arithmetic undefined behaviour ([CVE-2016-2177]) |
|
|
|
* Constant time flag not preserved in DSA signing ([CVE-2016-2178]) |
|
|
|
* DTLS buffered message DoS ([CVE-2016-2179]) |
|
|
|
* DTLS replay protection DoS ([CVE-2016-2181]) |
|
|
|
* Certificate message OOB reads ([CVE-2016-6306]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] |
|
|
|
|
|
|
|
* Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][]) |
|
|
|
* Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][]) |
|
|
|
* Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][]) |
|
|
|
* Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][]) |
|
|
|
* EBCDIC overread ([CVE-2016-2176][]) |
|
|
|
* Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107]) |
|
|
|
* Fix EVP_EncodeUpdate overflow ([CVE-2016-2105]) |
|
|
|
* Fix EVP_EncryptUpdate overflow ([CVE-2016-2106]) |
|
|
|
* Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109]) |
|
|
|
* EBCDIC overread ([CVE-2016-2176]) |
|
|
|
* Modify behavior of ALPN to invoke callback after SNI/servername |
|
|
|
callback, such that updates to the SSL_CTX affect ALPN. |
|
|
|
* Remove LOW from the DEFAULT cipher list. This removes singles DES from |
|
|
|
@ -392,33 +392,33 @@ OpenSSL 1.0.2 |
|
|
|
|
|
|
|
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. |
|
|
|
* Disable SSLv2 default build, default negotiation and weak ciphers |
|
|
|
([CVE-2016-0800][]) |
|
|
|
* Fix a double-free in DSA code ([CVE-2016-0705][]) |
|
|
|
([CVE-2016-0800]) |
|
|
|
* Fix a double-free in DSA code ([CVE-2016-0705]) |
|
|
|
* Disable SRP fake user seed to address a server memory leak |
|
|
|
([CVE-2016-0798][]) |
|
|
|
([CVE-2016-0798]) |
|
|
|
* Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption |
|
|
|
([CVE-2016-0797][]) |
|
|
|
* Fix memory issues in BIO_*printf functions ([CVE-2016-0799][]) |
|
|
|
* Fix side channel attack on modular exponentiation ([CVE-2016-0702][]) |
|
|
|
([CVE-2016-0797]) |
|
|
|
* Fix memory issues in BIO_*printf functions ([CVE-2016-0799]) |
|
|
|
* Fix side channel attack on modular exponentiation ([CVE-2016-0702]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] |
|
|
|
|
|
|
|
* DH small subgroups ([CVE-2016-0701][]) |
|
|
|
* SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][]) |
|
|
|
* DH small subgroups ([CVE-2016-0701]) |
|
|
|
* SSLv2 doesn't block disabled ciphers ([CVE-2015-3197]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] |
|
|
|
|
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193][]) |
|
|
|
* Certificate verify crash with missing PSS parameter ([CVE-2015-3194][]) |
|
|
|
* X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) |
|
|
|
* BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193]) |
|
|
|
* Certificate verify crash with missing PSS parameter ([CVE-2015-3194]) |
|
|
|
* X509_ATTRIBUTE memory leak ([CVE-2015-3195]) |
|
|
|
* Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs |
|
|
|
* In DSA_generate_parameters_ex, if the provided seed is too short, |
|
|
|
return an error |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] |
|
|
|
|
|
|
|
* Alternate chains certificate forgery ([CVE-2015-1793][]) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196][]) |
|
|
|
* Alternate chains certificate forgery ([CVE-2015-1793]) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] |
|
|
|
|
|
|
|
@ -426,26 +426,26 @@ OpenSSL 1.0.2 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] |
|
|
|
|
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791][]) |
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] |
|
|
|
|
|
|
|
* OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291][]) |
|
|
|
* Multiblock corrupted pointer fix ([CVE-2015-0290][]) |
|
|
|
* Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207][]) |
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) |
|
|
|
* Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208][]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) |
|
|
|
* Empty CKE with client auth and DHE fix ([CVE-2015-1787][]) |
|
|
|
* Handshake with unseeded PRNG fix ([CVE-2015-0285][]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) |
|
|
|
* OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291]) |
|
|
|
* Multiblock corrupted pointer fix ([CVE-2015-0290]) |
|
|
|
* Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207]) |
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) |
|
|
|
* Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) |
|
|
|
* Empty CKE with client auth and DHE fix ([CVE-2015-1787]) |
|
|
|
* Handshake with unseeded PRNG fix ([CVE-2015-0285]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) |
|
|
|
* Removed the export ciphers from the DEFAULT ciphers |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015] |
|
|
|
@ -464,25 +464,25 @@ OpenSSL 1.0.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1t and OpenSSL 1.0.1u [22 Sep 2016] |
|
|
|
|
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) |
|
|
|
* SWEET32 Mitigation ([CVE-2016-2183][]) |
|
|
|
* OOB write in MDC2_Update() ([CVE-2016-6303][]) |
|
|
|
* Malformed SHA512 ticket DoS ([CVE-2016-6302][]) |
|
|
|
* OOB write in BN_bn2dec() ([CVE-2016-2182][]) |
|
|
|
* OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][]) |
|
|
|
* Pointer arithmetic undefined behaviour ([CVE-2016-2177][]) |
|
|
|
* Constant time flag not preserved in DSA signing ([CVE-2016-2178][]) |
|
|
|
* DTLS buffered message DoS ([CVE-2016-2179][]) |
|
|
|
* DTLS replay protection DoS ([CVE-2016-2181][]) |
|
|
|
* Certificate message OOB reads ([CVE-2016-6306][]) |
|
|
|
* OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) |
|
|
|
* SWEET32 Mitigation ([CVE-2016-2183]) |
|
|
|
* OOB write in MDC2_Update() ([CVE-2016-6303]) |
|
|
|
* Malformed SHA512 ticket DoS ([CVE-2016-6302]) |
|
|
|
* OOB write in BN_bn2dec() ([CVE-2016-2182]) |
|
|
|
* OOB read in TS_OBJ_print_bio() ([CVE-2016-2180]) |
|
|
|
* Pointer arithmetic undefined behaviour ([CVE-2016-2177]) |
|
|
|
* Constant time flag not preserved in DSA signing ([CVE-2016-2178]) |
|
|
|
* DTLS buffered message DoS ([CVE-2016-2179]) |
|
|
|
* DTLS replay protection DoS ([CVE-2016-2181]) |
|
|
|
* Certificate message OOB reads ([CVE-2016-6306]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016] |
|
|
|
|
|
|
|
* Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][]) |
|
|
|
* Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][]) |
|
|
|
* Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][]) |
|
|
|
* Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][]) |
|
|
|
* EBCDIC overread ([CVE-2016-2176][]) |
|
|
|
* Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107]) |
|
|
|
* Fix EVP_EncodeUpdate overflow ([CVE-2016-2105]) |
|
|
|
* Fix EVP_EncryptUpdate overflow ([CVE-2016-2106]) |
|
|
|
* Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109]) |
|
|
|
* EBCDIC overread ([CVE-2016-2176]) |
|
|
|
* Modify behavior of ALPN to invoke callback after SNI/servername |
|
|
|
callback, such that updates to the SSL_CTX affect ALPN. |
|
|
|
* Remove LOW from the DEFAULT cipher list. This removes singles DES from |
|
|
|
@ -493,32 +493,32 @@ OpenSSL 1.0.1 |
|
|
|
|
|
|
|
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. |
|
|
|
* Disable SSLv2 default build, default negotiation and weak ciphers |
|
|
|
([CVE-2016-0800][]) |
|
|
|
* Fix a double-free in DSA code ([CVE-2016-0705][]) |
|
|
|
([CVE-2016-0800]) |
|
|
|
* Fix a double-free in DSA code ([CVE-2016-0705]) |
|
|
|
* Disable SRP fake user seed to address a server memory leak |
|
|
|
([CVE-2016-0798][]) |
|
|
|
([CVE-2016-0798]) |
|
|
|
* Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption |
|
|
|
([CVE-2016-0797][]) |
|
|
|
* Fix memory issues in BIO_*printf functions ([CVE-2016-0799][]) |
|
|
|
* Fix side channel attack on modular exponentiation ([CVE-2016-0702][]) |
|
|
|
([CVE-2016-0797]) |
|
|
|
* Fix memory issues in BIO_*printf functions ([CVE-2016-0799]) |
|
|
|
* Fix side channel attack on modular exponentiation ([CVE-2016-0702]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016] |
|
|
|
|
|
|
|
* Protection for DH small subgroup attacks |
|
|
|
* SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][]) |
|
|
|
* SSLv2 doesn't block disabled ciphers ([CVE-2015-3197]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015] |
|
|
|
|
|
|
|
* Certificate verify crash with missing PSS parameter ([CVE-2015-3194][]) |
|
|
|
* X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) |
|
|
|
* Certificate verify crash with missing PSS parameter ([CVE-2015-3194]) |
|
|
|
* X509_ATTRIBUTE memory leak ([CVE-2015-3195]) |
|
|
|
* Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs |
|
|
|
* In DSA_generate_parameters_ex, if the provided seed is too short, |
|
|
|
return an error |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015] |
|
|
|
|
|
|
|
* Alternate chains certificate forgery ([CVE-2015-1793][]) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196][]) |
|
|
|
* Alternate chains certificate forgery ([CVE-2015-1793]) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015] |
|
|
|
|
|
|
|
@ -526,20 +526,20 @@ OpenSSL 1.0.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015] |
|
|
|
|
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791][]) |
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015] |
|
|
|
|
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) |
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) |
|
|
|
* Removed the export ciphers from the DEFAULT ciphers |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] |
|
|
|
@ -548,71 +548,71 @@ OpenSSL 1.0.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3571][] |
|
|
|
* Fix for [CVE-2015-0206][] |
|
|
|
* Fix for [CVE-2014-3569][] |
|
|
|
* Fix for [CVE-2014-3572][] |
|
|
|
* Fix for [CVE-2015-0204][] |
|
|
|
* Fix for [CVE-2015-0205][] |
|
|
|
* Fix for [CVE-2014-8275][] |
|
|
|
* Fix for [CVE-2014-3570][] |
|
|
|
* Fix for [CVE-2014-3571] |
|
|
|
* Fix for [CVE-2015-0206] |
|
|
|
* Fix for [CVE-2014-3569] |
|
|
|
* Fix for [CVE-2014-3572] |
|
|
|
* Fix for [CVE-2015-0204] |
|
|
|
* Fix for [CVE-2015-0205] |
|
|
|
* Fix for [CVE-2014-8275] |
|
|
|
* Fix for [CVE-2014-3570] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3513][] |
|
|
|
* Fix for [CVE-2014-3567][] |
|
|
|
* Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability) |
|
|
|
* Fix for [CVE-2014-3568][] |
|
|
|
* Fix for [CVE-2014-3513] |
|
|
|
* Fix for [CVE-2014-3567] |
|
|
|
* Mitigation for [CVE-2014-3566] (SSL protocol vulnerability) |
|
|
|
* Fix for [CVE-2014-3568] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3512][] |
|
|
|
* Fix for [CVE-2014-3511][] |
|
|
|
* Fix for [CVE-2014-3510][] |
|
|
|
* Fix for [CVE-2014-3507][] |
|
|
|
* Fix for [CVE-2014-3506][] |
|
|
|
* Fix for [CVE-2014-3505][] |
|
|
|
* Fix for [CVE-2014-3509][] |
|
|
|
* Fix for [CVE-2014-5139][] |
|
|
|
* Fix for [CVE-2014-3508][] |
|
|
|
* Fix for [CVE-2014-3512] |
|
|
|
* Fix for [CVE-2014-3511] |
|
|
|
* Fix for [CVE-2014-3510] |
|
|
|
* Fix for [CVE-2014-3507] |
|
|
|
* Fix for [CVE-2014-3506] |
|
|
|
* Fix for [CVE-2014-3505] |
|
|
|
* Fix for [CVE-2014-3509] |
|
|
|
* Fix for [CVE-2014-5139] |
|
|
|
* Fix for [CVE-2014-3508] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-0224][] |
|
|
|
* Fix for [CVE-2014-0221][] |
|
|
|
* Fix for [CVE-2014-0198][] |
|
|
|
* Fix for [CVE-2014-0195][] |
|
|
|
* Fix for [CVE-2014-3470][] |
|
|
|
* Fix for [CVE-2010-5298][] |
|
|
|
* Fix for [CVE-2014-0224] |
|
|
|
* Fix for [CVE-2014-0221] |
|
|
|
* Fix for [CVE-2014-0198] |
|
|
|
* Fix for [CVE-2014-0195] |
|
|
|
* Fix for [CVE-2014-3470] |
|
|
|
* Fix for [CVE-2010-5298] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-0160][] |
|
|
|
* Fix for [CVE-2014-0160] |
|
|
|
* Add TLS padding extension workaround for broken servers. |
|
|
|
* Fix for [CVE-2014-0076][] |
|
|
|
* Fix for [CVE-2014-0076] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] |
|
|
|
|
|
|
|
* Don't include gmt_unix_time in TLS server and client random values |
|
|
|
* Fix for TLS record tampering bug [CVE-2013-4353][] |
|
|
|
* Fix for TLS version checking bug [CVE-2013-6449][] |
|
|
|
* Fix for DTLS retransmission bug [CVE-2013-6450][] |
|
|
|
* Fix for TLS record tampering bug ([CVE-2013-4353]) |
|
|
|
* Fix for TLS version checking bug ([CVE-2013-6449]) |
|
|
|
* Fix for DTLS retransmission bug ([CVE-2013-6450]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013] |
|
|
|
|
|
|
|
* Corrected fix for [CVE-2013-0169][] |
|
|
|
* Corrected fix for ([CVE-2013-0169]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013] |
|
|
|
|
|
|
|
* Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. |
|
|
|
* Include the fips configuration module. |
|
|
|
* Fix OCSP bad key DoS attack [CVE-2013-0166][] |
|
|
|
* Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][] |
|
|
|
* Fix for TLS AESNI record handling flaw [CVE-2012-2686][] |
|
|
|
* Fix OCSP bad key DoS attack ([CVE-2013-0166]) |
|
|
|
* Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169]) |
|
|
|
* Fix for TLS AESNI record handling flaw ([CVE-2012-2686]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012] |
|
|
|
|
|
|
|
* Fix TLS/DTLS record length checking bug [CVE-2012-2333][] |
|
|
|
* Fix TLS/DTLS record length checking bug ([CVE-2012-2333]) |
|
|
|
* Don't attempt to use non-FIPS composite ciphers in FIPS mode. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012] |
|
|
|
@ -623,7 +623,7 @@ OpenSSL 1.0.1 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012] |
|
|
|
|
|
|
|
* Fix for ASN1 overflow bug [CVE-2012-2110][] |
|
|
|
* Fix for ASN1 overflow bug ([CVE-2012-2110]) |
|
|
|
* Workarounds for some servers that hang on long client hellos. |
|
|
|
* Fix SEGV in AES code. |
|
|
|
|
|
|
|
@ -645,25 +645,25 @@ OpenSSL 1.0.0 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0s and OpenSSL 1.0.0t [3 Dec 2015] |
|
|
|
|
|
|
|
* X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196][]) |
|
|
|
* X509_ATTRIBUTE memory leak (([CVE-2015-3195])) |
|
|
|
* Race condition handling PSK identify hint ([CVE-2015-3196]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0r and OpenSSL 1.0.0s [11 Jun 2015] |
|
|
|
|
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791][]) |
|
|
|
* Malformed ECParameters causes infinite loop ([CVE-2015-1788]) |
|
|
|
* Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) |
|
|
|
* PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) |
|
|
|
* CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) |
|
|
|
* Race condition handling NewSessionTicket ([CVE-2015-1791]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0q and OpenSSL 1.0.0r [19 Mar 2015] |
|
|
|
|
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) |
|
|
|
* Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) |
|
|
|
* ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) |
|
|
|
* PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) |
|
|
|
* DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) |
|
|
|
* Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) |
|
|
|
* X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) |
|
|
|
* Removed the export ciphers from the DEFAULT ciphers |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0p and OpenSSL 1.0.0q [15 Jan 2015] |
|
|
|
@ -672,30 +672,30 @@ OpenSSL 1.0.0 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0o and OpenSSL 1.0.0p [8 Jan 2015] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3571][] |
|
|
|
* Fix for [CVE-2015-0206][] |
|
|
|
* Fix for [CVE-2014-3569][] |
|
|
|
* Fix for [CVE-2014-3572][] |
|
|
|
* Fix for [CVE-2015-0204][] |
|
|
|
* Fix for [CVE-2015-0205][] |
|
|
|
* Fix for [CVE-2014-8275][] |
|
|
|
* Fix for [CVE-2014-3570][] |
|
|
|
* Fix for [CVE-2014-3571] |
|
|
|
* Fix for [CVE-2015-0206] |
|
|
|
* Fix for [CVE-2014-3569] |
|
|
|
* Fix for [CVE-2014-3572] |
|
|
|
* Fix for [CVE-2015-0204] |
|
|
|
* Fix for [CVE-2015-0205] |
|
|
|
* Fix for [CVE-2014-8275] |
|
|
|
* Fix for [CVE-2014-3570] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0n and OpenSSL 1.0.0o [15 Oct 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3513][] |
|
|
|
* Fix for [CVE-2014-3567][] |
|
|
|
* Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability) |
|
|
|
* Fix for [CVE-2014-3568][] |
|
|
|
* Fix for [CVE-2014-3513] |
|
|
|
* Fix for [CVE-2014-3567] |
|
|
|
* Mitigation for [CVE-2014-3566] (SSL protocol vulnerability) |
|
|
|
* Fix for [CVE-2014-3568] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0m and OpenSSL 1.0.0n [6 Aug 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-3510][] |
|
|
|
* Fix for [CVE-2014-3507][] |
|
|
|
* Fix for [CVE-2014-3506][] |
|
|
|
* Fix for [CVE-2014-3505][] |
|
|
|
* Fix for [CVE-2014-3509][] |
|
|
|
* Fix for [CVE-2014-3508][] |
|
|
|
* Fix for [CVE-2014-3510] |
|
|
|
* Fix for [CVE-2014-3507] |
|
|
|
* Fix for [CVE-2014-3506] |
|
|
|
* Fix for [CVE-2014-3505] |
|
|
|
* Fix for [CVE-2014-3509] |
|
|
|
* Fix for [CVE-2014-3508] |
|
|
|
|
|
|
|
Known issues in OpenSSL 1.0.0m: |
|
|
|
|
|
|
|
@ -706,78 +706,78 @@ OpenSSL 1.0.0 |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0l and OpenSSL 1.0.0m [5 Jun 2014] |
|
|
|
|
|
|
|
* Fix for [CVE-2014-0224][] |
|
|
|
* Fix for [CVE-2014-0221][] |
|
|
|
* Fix for [CVE-2014-0198][] |
|
|
|
* Fix for [CVE-2014-0195][] |
|
|
|
* Fix for [CVE-2014-3470][] |
|
|
|
* Fix for [CVE-2014-0076][] |
|
|
|
* Fix for [CVE-2010-5298][] |
|
|
|
* Fix for [CVE-2014-0224] |
|
|
|
* Fix for [CVE-2014-0221] |
|
|
|
* Fix for [CVE-2014-0198] |
|
|
|
* Fix for [CVE-2014-0195] |
|
|
|
* Fix for [CVE-2014-3470] |
|
|
|
* Fix for [CVE-2014-0076] |
|
|
|
* Fix for [CVE-2010-5298] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0k and OpenSSL 1.0.0l [6 Jan 2014] |
|
|
|
|
|
|
|
* Fix for DTLS retransmission bug [CVE-2013-6450][] |
|
|
|
* Fix for DTLS retransmission bug ([CVE-2013-6450]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013] |
|
|
|
|
|
|
|
* Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][] |
|
|
|
* Fix OCSP bad key DoS attack [CVE-2013-0166][] |
|
|
|
* Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169]) |
|
|
|
* Fix OCSP bad key DoS attack ([CVE-2013-0166]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012] |
|
|
|
|
|
|
|
* Fix DTLS record length checking bug [CVE-2012-2333][] |
|
|
|
* Fix DTLS record length checking bug ([CVE-2012-2333]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012] |
|
|
|
|
|
|
|
* Fix for ASN1 overflow bug [CVE-2012-2110][] |
|
|
|
* Fix for ASN1 overflow bug ([CVE-2012-2110]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012] |
|
|
|
|
|
|
|
* Fix for CMS/PKCS#7 MMA [CVE-2012-0884][] |
|
|
|
* Corrected fix for [CVE-2011-4619][] |
|
|
|
* Fix for CMS/PKCS#7 MMA ([CVE-2012-0884]) |
|
|
|
* Corrected fix for ([CVE-2011-4619]) |
|
|
|
* Various DTLS fixes. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012] |
|
|
|
|
|
|
|
* Fix for DTLS DoS issue [CVE-2012-0050][] |
|
|
|
* Fix for DTLS DoS issue ([CVE-2012-0050]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012] |
|
|
|
|
|
|
|
* Fix for DTLS plaintext recovery attack [CVE-2011-4108][] |
|
|
|
* Clear block padding bytes of SSL 3.0 records [CVE-2011-4576][] |
|
|
|
* Only allow one SGC handshake restart for SSL/TLS [CVE-2011-4619][] |
|
|
|
* Check parameters are not NULL in GOST ENGINE [CVE-2012-0027][] |
|
|
|
* Check for malformed RFC3779 data [CVE-2011-4577][] |
|
|
|
* Fix for DTLS plaintext recovery attack ([CVE-2011-4108]) |
|
|
|
* Clear block padding bytes of SSL 3.0 records ([CVE-2011-4576]) |
|
|
|
* Only allow one SGC handshake restart for SSL/TLS ([CVE-2011-4619]) |
|
|
|
* Check parameters are not NULL in GOST ENGINE ([CVE-2012-0027]) |
|
|
|
* Check for malformed RFC3779 data ([CVE-2011-4577]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011] |
|
|
|
|
|
|
|
* Fix for CRL vulnerability issue [CVE-2011-3207][] |
|
|
|
* Fix for ECDH crashes [CVE-2011-3210][] |
|
|
|
* Fix for CRL vulnerability issue ([CVE-2011-3207]) |
|
|
|
* Fix for ECDH crashes ([CVE-2011-3210]) |
|
|
|
* Protection against EC timing attacks. |
|
|
|
* Support ECDH ciphersuites for certificates using SHA2 algorithms. |
|
|
|
* Various DTLS fixes. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011] |
|
|
|
|
|
|
|
* Fix for security issue [CVE-2011-0014][] |
|
|
|
* Fix for security issue ([CVE-2011-0014]) |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010] |
|
|
|
|
|
|
|
* Fix for security issue [CVE-2010-4180][] |
|
|
|
* Fix for [CVE-2010-4252][] |
|
|
|
* Fix for security issue ([CVE-2010-4180]) |
|
|
|
* Fix for ([CVE-2010-4252]) |
|
|
|
* Fix mishandling of absent EC point format extension. |
|
|
|
* Fix various platform compilation issues. |
|
|
|
* Corrected fix for security issue [CVE-2010-3864][]. |
|
|
|
* Corrected fix for security issue ([CVE-2010-3864]). |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010] |
|
|
|
|
|
|
|
* Fix for security issue [CVE-2010-3864][]. |
|
|
|
* Fix for [CVE-2010-2939][] |
|
|
|
* Fix for security issue ([CVE-2010-3864]). |
|
|
|
* Fix for ([CVE-2010-2939]) |
|
|
|
* Fix WIN32 build system for GOST ENGINE. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010] |
|
|
|
|
|
|
|
* Fix for security issue [CVE-2010-1633][]. |
|
|
|
* Fix for security issue ([CVE-2010-1633]). |
|
|
|
* GOST MAC and CFB fixes. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010] |
|
|
|
@ -809,7 +809,7 @@ OpenSSL 0.9.x |
|
|
|
### Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010] |
|
|
|
|
|
|
|
* CFB cipher definition fixes. |
|
|
|
* Fix security issues [CVE-2010-0740][] and [CVE-2010-0433][]. |
|
|
|
* Fix security issues [CVE-2010-0740] and [CVE-2010-0433]. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010] |
|
|
|
|
|
|
|
@ -825,16 +825,16 @@ OpenSSL 0.9.x |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009] |
|
|
|
|
|
|
|
* Temporary work around for [CVE-2009-3555][]: disable renegotiation. |
|
|
|
* Temporary work around for [CVE-2009-3555]: disable renegotiation. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009] |
|
|
|
|
|
|
|
* Fix various build issues. |
|
|
|
* Fix security issues ([CVE-2009-0590][], [CVE-2009-0591][], [CVE-2009-0789][]) |
|
|
|
* Fix security issues [CVE-2009-0590], [CVE-2009-0591], [CVE-2009-0789] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009] |
|
|
|
|
|
|
|
* Fix security issue ([CVE-2008-5077][]) |
|
|
|
* Fix security issue ([CVE-2008-5077]) |
|
|
|
* Merge FIPS 140-2 branch code. |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008] |
|
|
|
@ -867,13 +867,13 @@ OpenSSL 0.9.x |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006] |
|
|
|
|
|
|
|
* Introduce limits to prevent malicious key DoS ([CVE-2006-2940][]) |
|
|
|
* Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][]) |
|
|
|
* Introduce limits to prevent malicious key DoS ([CVE-2006-2940]) |
|
|
|
* Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343] |
|
|
|
* Changes to ciphersuite selection algorithm |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006] |
|
|
|
|
|
|
|
* Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][] |
|
|
|
* Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339] |
|
|
|
* New cipher Camellia |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006] |
|
|
|
@ -888,7 +888,7 @@ OpenSSL 0.9.x |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005] |
|
|
|
|
|
|
|
* Fix potential SSL 2.0 rollback, [CVE-2005-2969][] |
|
|
|
* Fix potential SSL 2.0 rollback ([CVE-2005-2969]) |
|
|
|
* Extended Windows CE support |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005] |
|
|
|
@ -972,12 +972,12 @@ OpenSSL 0.9.x |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006] |
|
|
|
|
|
|
|
* Introduce limits to prevent malicious key DoS ([CVE-2006-2940][]) |
|
|
|
* Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][]) |
|
|
|
* Introduce limits to prevent malicious key DoS ([CVE-2006-2940]) |
|
|
|
* Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006] |
|
|
|
|
|
|
|
* Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][] |
|
|
|
* Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339] |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006] |
|
|
|
|
|
|
|
@ -990,7 +990,7 @@ OpenSSL 0.9.x |
|
|
|
|
|
|
|
### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005] |
|
|
|
|
|
|
|
* Fix SSL 2.0 Rollback, [CVE-2005-2969][] |
|
|
|
* Fix SSL 2.0 Rollback ([CVE-2005-2969]) |
|
|
|
* Allow use of fixed-length exponent on DSA signing |
|
|
|
* Default fixed-window RSA, DSA, DH private-key operations |
|
|
|
|
|
|
|
|
Dr. Matthias St. Pierre
2 years ago