Changelog for libopenssl-devel-1.0.1i-150400.1.15.x86_64.rpm:
* Tue Jan 31 2017 vcizek@suse.com
- OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
  * ECDSA P-256 timing attack key recovery (bsc#1019334, CVE-2016-7056)
  * remote denial of service in SSL alert handling (bsc#1005878, CVE-2016-8610)
  * Truncated packet could crash via OOB read (bsc#1022085, CVE-2017-3731)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- fix crash in openssl speed (bsc#1000677)
- added patches:
  * openssl-CVE-2016-7056.patch
  * openssl-CVE-2016-8610.patch
  * openssl-CVE-2017-3731.patch
  * openssl-fix_crash_in_openssl_speed.patch
  * openssl-degrade_3DES_to_MEDIUM_in_SSL2.patch
- add missing commit for CVE-2016-2108 (bsc#1004499)
  * updated openssl-CVE-2016-2108.patch
- fix X509_CERT_FILE path (bsc#1022271)
  * updated openssl-1.0.1e-truststore.diff
* Fri Sep 23 2016 vcizek@suse.com
- resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
  * add openssl-randfile_fread_interrupt.patch
* Thu Sep 22 2016 vcizek@suse.com
- OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
  Severity: High
  * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
  Severity: Low
  * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
  * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
  * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
  * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)
  * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
  * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
  * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
  * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
  * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
  * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
- added patches:
  * openssl-CVE-2016-2177.patch
  * openssl-CVE-2016-2178.patch
  * openssl-CVE-2016-2179.patch
  * openssl-CVE-2016-2180.patch
  * openssl-CVE-2016-2181.patch
  * openssl-CVE-2016-2182.patch
  * openssl-CVE-2016-2183.patch
  * openssl-CVE-2016-6302.patch
  * openssl-CVE-2016-6303.patch
  * openssl-CVE-2016-6304.patch
  * openssl-CVE-2016-6306.patch
* Wed Aug 03 2016 vcizek@suse.com
- update expired S/MIME certs (bsc#979475)
  * add openssl-update-expired-smime-certs.patch
- improve s390x performance (bsc#982745)
  * add openssl-s390x_performance_improvements.patch
- allow >= 64GB AESGCM transfers (bsc#988591)
  * modify openssl-1.0.1i-new-fips-reqs.patch
- fix crash in print_notice (bsc#998190)
  * add openssl-print_notice-NULL_crash.patch
* Thu Apr 28 2016 vcizek@suse.com
- OpenSSL Security Advisory [3rd May 2016]
  * Memory corruption in the ASN.1 encoder - bsc#977617 (CVE-2016-2108)
  * Padding oracle in AES-NI CBC MAC check - bsc#977616 (CVE-2016-2107)
  * EVP_EncodeUpdate overflow - bsc#977614 (CVE-2016-2105)
  * EVP_EncryptUpdate overflow - bsc#977615 (CVE-2016-2106)
  * ASN.1 BIO excessive memory allocation - bsc#976942 (CVE-2016-2109)
  * add patches
    + openssl-CVE-2016-2105.patch
    + openssl-CVE-2016-2106.patch
    + openssl-CVE-2016-2107.patch
    + openssl-CVE-2016-2108.patch
    + openssl-CVE-2016-2109.patch
- Fix buffer overrun in ASN1_parse (bsc#976943)
  * add 0001-Fix-buffer-overrun-in-ASN1_parse.patch
- Preserve digests for SNI (bsc#977621)
  * add 0001-Preserve-digests-for-SNI.patch
- Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)
  * modify openssl-fips-dont-fall-back-to-default-digest.patch
* Thu Feb 25 2016 psimons@suse.com
- Fix CVE-2016-0702 (bnc#968050, "Cache Bleed"). The patch "openssl-CVE-2016-0702-openssl101.patch" prevents side channel attacks on modular exponentiation that attempted to recover RSA secret keys by analyzing cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. The ability to exploit this issue was limited, however, as it required the attacker to have control of code running in a thread on the same hyper-threaded core as the victim thread which was performing decryptions.
- Fix CVE-2016-0705 (bnc#968047) via "openssl-CVE-2016-0705.patch". This issue allowed attackers with the ability to load malformed DSA private keys into applications based on OpenSSL to trigger a double free() bug in OpenSSL's parser code. That scenario could be abused to facilitate a denial-of-service attack.
- Fix CVE-2016-0797 (bnc#968048) via "openssl-CVE-2016-0797.patch". The BN_hex2bn() and BN_dec2bn() functions had a bug that could result in an attempt to de-reference a NULL pointer. This could have security consequences if these functions were ever called by user applications with large untrusted hex/decimal data. Also, internal usage of these functions in OpenSSL uses data from config files or application command line arguments. If user developed applications generated config file data based on untrusted data, then this could have had security consequences as well.
- Fix CVE-2016-0800 (bnc#968046, "Drown"). OpenSSL used to be vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. The patch "openssl-CVE-2016-0800-DROWN-disable-ssl2.patch" remedies this issue by disabling the SSLv2 protocol (unless the environment variable $OPENSSL_ALLOW_SSL2 is defined) and all weak EXPORT ciphers (unless $OPENSSL_ALLOW_EXPORT is defined).
- The PGP signature "openssl-1.0.1i.tar.gz.asc" of the OpenSSL release tarball was removed because the key that issued it uses insecure signature algorithms and can no longer be considered safe, i.e. having the signature around does not improve security.
- Add patch "openssl-fips-dont-fall-back-to-default-digest.patch" to ensure that OpenSSL doesn't fall back to the default digest algorithm (SHA1) in case a non-FIPS algorithm was negotiated while running in FIPS mode. Instead, OpenSSL will refuse the session. (bnc#958501)
- Fix CVE-2016-0798 via "openssl-CVE-2016-0798-101.patch". The SRP user database lookup method SRP_VBASE_get_by_user() had a memory leak that attackers could abuse to facilitate DoS attacks. To mitigate the issue, the seed handling in SRP_VBASE_get_by_user() was disabled even if the user has configured a seed. Applications are advised to migrate to SRP_VBASE_get1_by_user(). (bnc#968265)
- Fix CVE-2016-0799 (bnc#968374) via "openssl-CVE-2016-0799.patch". On many 64 bit systems, the internal fmtstr() and doapr_outch() functions could miscalculate the length of a string and attempt to access out-of-bounds memory locations. These problems could have enabled attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could have been vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could have been vulnerable if the data is from untrusted sources. OpenSSL command line applications could also have been vulnerable when they print out ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is not considered directly vulnerable.
* Fri Feb 12 2016 vcizek@suse.com
- fix CVE-2015-3197 (bsc#963415)
  * SSLv2 doesn't block disabled ciphers
  * add openssl-CVE-2015-3197.patch
* Thu Dec 03 2015 vcizek@suse.com
- security fixes:
  * Certificate verify crash with missing PSS parameter (CVE-2015-3194) (bsc#957815)
  * X509_ATTRIBUTE memory leak (CVE-2015-3195) (bsc#957812)
  * Race condition handling PSK identity hint (CVE-2015-3196) (bsc#957813)
- added patches:
  * openssl-CVE-2015-3194.patch
  * openssl-CVE-2015-3195.patch
  * openssl-CVE-2015-3196.patch
* Mon Nov 09 2015 vcizek@suse.com
- improve s390 performance (bsc#954256)
  * added 0001-bn-asm-s390x.S-improve-performance-on-z196-and-z13-b.patch
* Wed Nov 04 2015 meissner@suse.com
- avoid running OPENSSL_config twice. This avoids breaking engine loading. (bsc#952871)
- openssl.keyring: replaced with correct release engineer key
* Wed Sep 23 2015 vcizek@suse.com
- clear openssl error when fips selftests fail in non-fips mode (bsc#947104)
  * added openssl-fips-clearerror.patch
* Fri Sep 04 2015 vcizek@suse.com
- don't build ppc64le as linux-generic32 (bsc#943421)
- modified openssl-1.0.1i-ppc-asm-update.patch
- adding patches:
  * 0001-Config-for-ppc64-le.patch
  * 0001-sha-asm-fips.patch
  * 0002-Delete-OPENSSL-CLEANSE-buplicated.patch
  * 0003-Missing-function-declarations.patch
  * 0001-Adding-OPENSSL_cpuid_setup.patch
* Thu Aug 13 2015 vcizek@suse.com
- add support for "ciphers" providing no encryption (bsc#937085)
  * don't build with -DSSL_FORBID_ENULL
* Tue Aug 04 2015 vcizek@suse.com
- fixed a regression caused by openssl-CVE-2015-0287.patch (bsc#937492)
* Fri Jul 10 2015 vcizek@suse.com
- Add POWER8 VMX crypto acceleration (fate#318717, bsc#937634)
- added patches from IBM:
  * 0001-Taking-only-the-struct-change-of-ks-to-ks-ks.patch
  * 0002-Taking-only-the-general-HWAES_-function-declarations.patch
  * 0003-Taking-only-the-change-to-the-preprocessor-condition.patch
  * 0004-evp-e_aes.c-populate-HWAES_-to-remaning-modes.patch
- fix corrupted keyring
* Fri Jul 10 2015 vcizek@suse.com
- fix an RSA key generation problem with odd bit sizes (bsc#937212)
  * added openssl-fips-fix-odd-rsakeybits.patch
* Fri Jun 12 2015 vcizek@suse.com
- CVE-2015-4000 (boo#931698)
  * The Logjam Attack / weakdh.org
  * reject connections with DH parameters shorter than 1024 bits
  * generates 2048-bit DH parameters by default
- CVE-2015-1788 (boo#934487)
  * Malformed ECParameters causes infinite loop
- CVE-2015-1789 (boo#934489)
  * Exploitable out-of-bounds read in X509_cmp_time
- CVE-2015-1790 (boo#934491)
  * PKCS7 crash with missing EnvelopedContent
- CVE-2015-1792 (boo#934493)
  * CMS verify infinite loop with unknown hash function
- CVE-2015-1791 (boo#933911)
  * race condition in NewSessionTicket
- CVE-2015-3216 (boo#933898)
  * Crash in ssleay_rand_bytes due to locking regression
  * modified openssl-1.0.1i-fipslocking.patch
- fix timing side channel in RSA decryption (bnc#929678)
- newly added patches:
  * 0001-s_server-Use-2048-bit-DH-parameters-by-default.patch
  * 0002-dhparam-set-the-default-to-2048-bits.patch
  * 0003-dhparam-fix-documentation.patch
  * 0004-Update-documentation-with-Diffie-Hellman-best-practi.patch
  * 0005-client-reject-handshakes-with-DH-parameters-1024-bits.patch
  * openssl-CVE-2015-1788.patch
  * openssl-CVE-2015-1789.patch
  * openssl-CVE-2015-1790.patch
  * openssl-CVE-2015-1791.patch
  * openssl-CVE-2015-1792.patch
  * openssl-RSA_premaster_secret_in_constant_time.patch
* Tue Apr 28 2015 vcizek@suse.com
- the selftests must pass even in non-FIPS mode if the module is complete (bnc#926597)
  * added openssl-fips-selftests_in_nonfips_mode.patch
* Mon Mar 16 2015 vcizek@suse.com
- security update:
  * CVE-2015-0209 (bnc#919648) - Fix a failure to NULL a pointer freed on error
  * CVE-2015-0286 (bnc#922496) - Segmentation fault in ASN1_TYPE_cmp
  * CVE-2015-0287 (bnc#922499) - ASN.1 structure reuse memory corruption
  * CVE-2015-0288 x509: (bnc#920236) - added missing public key is not NULL check
  * CVE-2015-0289 (bnc#922500) - PKCS7 NULL pointer dereferences
  * CVE-2015-0293 (bnc#922488) - Fix reachable assert in SSLv2 servers
- added patches:
  * openssl-CVE-2015-0209.patch
  * openssl-CVE-2015-0286.patch
  * openssl-CVE-2015-0287.patch
  * openssl-CVE-2015-0288.patch
  * openssl-CVE-2015-0289.patch
  * openssl-CVE-2015-0293.patch
* Wed Jan 28 2015 vcizek@suse.com
- enforce a limit on minimal length of RSA decryption exponent d
  * added openssl-fips-rsagen-d-bits.patch by Marcus Meissner
* Fri Jan 09 2015 vcizek@suse.com
- fix for several security vulnerabilities:
  * CVE-2014-3570 (bnc#912296)
    - Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64.
    - added openssl-CVE-2014-3570.patch
  * CVE-2014-3571 (bnc#912294)
    - Fix crash in dtls1_get_record whilst in the listen state where you get two separate reads performed - one for the header and one for the body of the handshake record.
    - added openssl-CVE-2014-3571.patch
  * CVE-2014-3572 (bnc#912015)
    - don't accept a handshake using an ephemeral ECDH ciphersuites with the server key exchange message omitted.
    - added openssl-CVE-2014-3572.patch
  * CVE-2014-8275 (bnc#912018)
    - fix various certificate fingerprint issues
    - added openssl-CVE-2014-8275.patch
  * CVE-2015-0204 (bnc#912014)
    - Only allow ephemeral RSA keys in export ciphersuites
    - added openssl-CVE-2015-0204.patch
  * CVE-2015-0205 (bnc#912293)
    - Fix to prevent use of DH client certificates without sending certificate verify message.
    - added openssl-CVE-2015-0205.patch
  * CVE-2015-0206 (bnc#912292)
    - memory leak can occur in dtls1_buffer_record
    - added openssl-CVE-2015-0206.patch
* Fri Jan 09 2015 vcizek@suse.com
- make RSA2 key generation FIPS 186-4 compliant (bnc#901902)
  * added openssl-fips_RSA_compute_d_with_lcm.patch
* Thu Jan 08 2015 vcizek@suse.com
- X9.31 rand method is not allowed in FIPS mode
  * added openssl-fips_disallow_x931_rand_method.patch
- don't allow dynamic ENGINEs loading in FIPS mode
  * added openssl-fips_disallow_ENGINE_loading.patch
- for both see bnc#855676, comment 16
- added a locking hack which prevents hangs in FIPS mode (bnc#895129)
  * added openssl-1.0.1i-fipslocking.patch
* Fri Dec 19 2014 meissner@suse.com
- openssl-rsakeygen-minimum-distance.patch: in non-FIPS rsa key generation, mirror the maximum and minimum limiters from FIPS rsa generation to meet Common Criteria requirements on minimum and maximum distances between p and q. bsc#908362
* Mon Dec 15 2014 meissner@suse.com
- openssl-urandom-reseeding.patch: constant reseeding from /dev/urandom; for every byte pulled, seed with 1 byte from /dev/urandom, also change RAND_poll to pull the full state size of the SSLEAY DRBG. bsc#908372
* Tue Nov 25 2014 vcizek@suse.com
- don't advertise curves we don't support (bnc#906878)
  * added openssl-Added-OPENSSL_NO_EC2M-guards-around-the-preferred-EC.patch
* Thu Oct 30 2014 vcizek@suse.com
- security fixes for bnc#901277 and bnc#901223
- NOTE: this update alone DOESN'T FIX the POODLE SSL protocol vulnerability. OpenSSL only adds downgrade detection support for client applications. See https://www.suse.com/support/kb/doc.php?id=7015773 for mitigations.
- details of the addressed vulnerabilities:
  *) SRTP Memory Leak. A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected. (CVE-2014-3513)
  *) Session Ticket Memory Leak. When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. (CVE-2014-3567)
  *) Build option no-ssl3 is incomplete. When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. (CVE-2014-3568)
  *) Add support for TLS_FALLBACK_SCSV. Client applications doing fallback retries should call SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). (CVE-2014-3566)
- added patches:
  * openssl-CVE-2014-3513.patch
  * openssl-CVE-2014-3566.patch
  * openssl-CVE-2014-3567.patch
  * openssl-CVE-2014-3568.patch