path: root/CHANGES
diff options
Diffstat (limited to 'CHANGES')
1 files changed, 37 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 37dd60b726ee..1ab64b35c9a4 100644
@@ -7,6 +7,43 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1i and 1.1.1j [16 Feb 2021]
+ *) Fixed the X509_issuer_and_serial_hash() function. It attempts to
+ create a unique hash value based on the issuer and serial number data
+ contained within an X509 certificate. However it was failing to correctly
+ handle any errors that may occur while parsing the issuer field (which might
+ occur if the issuer field is maliciously constructed). This may subsequently
+ result in a NULL pointer deref and a crash leading to a potential denial of
+ service attack.
+ (CVE-2021-23841)
+ [Matt Caswell]
+ *) Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING
+ padding mode to correctly check for rollback attacks. This is considered a
+ bug in OpenSSL 1.1.1 because it does not support SSLv2. In 1.0.2 this is
+ CVE-2021-23839.
+ [Matt Caswell]
+ *) Fixed the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate
+ functions. Previously they could overflow the output length argument in some
+ cases where the input length is close to the maximum permissable length for
+ an integer on the platform. In such cases the return value from the function
+ call would be 1 (indicating success), but the output length value would be
+ negative. This could cause applications to behave incorrectly or crash.
+ (CVE-2021-23840)
+ [Matt Caswell]
+ *) Fixed SRP_Calc_client_key so that it runs in constant time. The previous
+ implementation called BN_mod_exp without setting BN_FLG_CONSTTIME. This
+ could be exploited in a side channel attack to recover the password. Since
+ the attack is local host only this is outside of the current OpenSSL
+ threat model and therefore no CVE is assigned.
+ Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this
+ issue.
+ [Matt Caswell]
Changes between 1.1.1h and 1.1.1i [8 Dec 2020]
*) Fixed NULL pointer deref in the GENERAL_NAME_cmp function