A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_5_5 2015-03-19T14:02:56+00:00 2015-03-19T14:02:56+00:00 tedu 2015-03-19T14:02:56+00:00 urn:sha1:d9209f18e13ea0d2d1fccdbb009e6bef1408ab02 CVE-2015-0286 - Apply fix from OpenSSL for ASN1_TYPE_cmp. CVE-2015-0292 - Backport existing fix for Base64 decoding. 2014-10-19T16:21:06+00:00 tedu 2014-10-19T16:21:06+00:00 urn:sha1:ceff6ee056c9f0efcbcb769de1a1479e9be83428 tested by jasper 2014-08-09T16:55:00+00:00 tedu 2014-08-09T16:55:00+00:00 urn:sha1:5a7df51181e0e6ac681c4372a03a1462a27481bf tested by bcook jsg 2014-06-05T20:16:57+00:00 sthen 2014-06-05T20:16:57+00:00 urn:sha1:a132fd76a1fc13c6a1ca12db902dd71b1021e4b2 "Avoid a buffer overflow that can be triggered by sending specially crafted DTLS fragments. Fix for CVE-2014-0195, from OpenSSL. Reported to OpenSSL by Juri Aedla." From d1_both.c r1.19 2014-06-05T20:12:13+00:00 sthen 2014-06-05T20:12:13+00:00 urn:sha1:45a3ee3c33a1489f853d55c1adaaa1a41affc241 "Do not recurse when a 'Hello Request' message is received while getting DTLS fragments. A stream of 'Hello Request' messages will result in infinite recursion, eventually crashing the DTLS client or server. Fixes CVE-2014-0221, from OpenSSL. Reported to OpenSSL by Imre Rad." From d1_both.c r1.20 2014-06-05T20:09:31+00:00 sthen 2014-06-05T20:09:31+00:00 urn:sha1:3e3b919c01bcb1f65349e1765905b41ba007f751 "Ensure that sess_cert is not NULL before trying to use it. Fixes CVE-2014-3470, from OpenSSL." From s3_clnt.c r1.66 2014-06-05T17:05:16+00:00 sthen 2014-06-05T17:05:16+00:00 urn:sha1:4167d3d81d74b4430d5e09ff5a706dceead2a011 "Be selective as to when ChangeCipherSpec messages will be accepted. Without this an early ChangeCipherSpec message would result in session keys being generated, along with the Finished hash for the handshake, using an empty master secret." From s3_clnt.c r1.64, s3_pkt.c r1.42, s3_srvr.c r1.59, ssl3.h r1.19 - note that the ssl3.h change has been applied to s3_locl.h instead to simplify patching. "Ensure that we do not process a ChangeCipherSpec with an empty master secret. This is an additional safeguard against early ChangeCipherSpec handling." From s3_pkt.c:1.43 2014-05-01T14:16:36+00:00 sthen 2014-05-01T14:16:36+00:00 urn:sha1:205ed35b282424bc5563c32dc85804c49f292546 -/-------------------------- revision 1.33 date: 2014/04/24 04:31:30; author: tedu; state: Exp; lines: +4 -0; on today's episode of things you didn't want to learn: do_ssl3_write() is recursive. and not in the simple, obvious way, but in the sneaky called through ssl3_dispatch_alert way. (alert level: fuchsia) this then has a decent chance of releasing the buffer that we thought we were going to use. check for this happening, and if the buffer has gone missing, put another one back in place. the direct recursive call is safe because it won't call ssl3_write_pending which is the function that actually does do the writing and releasing. as reported by David Ramos to openssl-dev: http://marc.info/?l=openssl-dev&m=139809493725682&w=2 ok beck -/-------------------------- 2014-04-12T17:01:15+00:00 deraadt 2014-04-12T17:01:15+00:00 urn:sha1:5b8a00822ae8b4d37cdb67bc2a396cdb32fede7a Changes by: tedu@cvs.openbsd.org 2014/04/10 13:01:37 Piotr Sikora pointed me at a more refined diff for the buffer release issue. Apply that version. Maybe someday upstream will wake up and then we can have the same code. https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest 2014-04-08T00:55:41+00:00 djm 2014-04-08T00:55:41+00:00 urn:sha1:4c4ffae09656f4f6c721d4f04b7f2e127ebf9526 cherrypick fix for CVE-2014-0160 "heartbleed" vulnerability from OpenSSL git; ok sthen@