UbuntuUpdates.org

Package "openssl"

Name: openssl

Description:

Secure Socket Layer (SSL) binary and related cryptographic tools

Latest version: 1.0.1-4ubuntu5.45
Release: precise (12.04)
Level: security
Repository: main

Links


Download "openssl"


Other versions of "openssl" in Precise

Repository Area Version
base main 1.0.1-4ubuntu3
updates main 1.0.1-4ubuntu5.45

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0.1-4ubuntu5.45 2021-05-03 14:07:17 UTC

  openssl (1.0.1-4ubuntu5.45) precise-security; urgency=medium

  * SECURITY UPDATE: EDIPARTYNAME NULL pointer de-ref
    - debian/patches/DirectoryString-is-a-CHOICE-type-and-therefore-uses-expli.patch:
      use explicit tagging for DirectoryString in crypto/x509v3/v3_genn.c.
    - debian/patches/Correctly-compare-EdiPartyName-in-GENERAL_NAME_cmp.patch:
      correctly compare EdiPartyName in crypto/x509v3/v3_genn.c.
    - debian/patches/Check-that-multi-strings-CHOICE-types-don-t-use-implicit-.patch:
      check that multi-strings/CHOICE types don't use implicit tagging in
      crypto/asn1/asn1_err.c, crypto/asn1/tasn_dec.c, crypto/asn1/asn1.h.
    - debian/patches/Complain-if-we-are-attempting-to-encode-with-an-invalid-A.patch:
      complain if we are attempting to encode with an invalid ASN.1 template in
      crypto/asn1/asn1_err.c, crypto/asn1/tasn_enc.c, crypto/asn1/asn1.h.
    - CVE-2020-1971
  * SECURITY UPDATE: Null pointer deref in X509_issuer_and_serial_hash()
    - debian/patches/CVE-2021-23841.patch: fix Null pointer deref in
      crypto/x509/x509_cmp.c.
    - CVE-2021-23841

 -- Avital Ostromich <email address hidden> Fri, 19 Feb 2021 17:38:20 -0500

Source diff to previous version
CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference
CVE-2021-23841 Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is cl

Version: 1.0.1-4ubuntu5.39 2017-01-31 18:06:39 UTC

  openssl (1.0.1-4ubuntu5.39) precise-security; urgency=medium

  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

 -- Marc Deslauriers <email address hidden> Mon, 30 Jan 2017 14:30:36 -0500

Source diff to previous version
CVE-2016-2177 OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of s
CVE-2016-7056 ECDSA P-256 timing attack key recovery
CVE-2016-8610 SSL/TLS SSL3_AL_WARNING undefined alert DoS

Version: 1.0.1-4ubuntu5.38 2016-09-23 15:06:28 UTC

  openssl (1.0.1-4ubuntu5.38) precise-security; urgency=medium

  * SECURITY REGRESSION: incomplete fix for CVE-2016-2182 (LP: #1626883)
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.

 -- Marc Deslauriers <email address hidden> Fri, 23 Sep 2016 07:59:32 -0400

Source diff to previous version
1626883 libssl 1.0.2g-1ubuntu4.4 and 1.0.1f-1ubuntu2.20 cause PHP SSL cert validation to segfault
CVE-2016-2182 The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to

Version: 1.0.1-4ubuntu5.37 2016-09-22 21:06:28 UTC

  openssl (1.0.1-4ubuntu5.37) precise-security; urgency=medium

  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306
  * SECURITY REGRESSION: DTLS regression (LP: #1622500)
    - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
      read_ahead is set in ssl/s3_pkt.c.
  * debian/patches/update-expired-smime-test-certs.patch: Update test
    certificates that have expired and caused build test failures.

 -- Marc Deslauriers <email address hidden> Thu, 22 Sep 2016 13:39:47 -0400

Source diff to previous version
1622500 Backported bugfix for CVE-2014-3571 causes regressions for DTLS in Ubuntu 14.04
CVE-2016-2178 The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which ma
CVE-2016-2179 The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages
CVE-2016-2180 The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL throug
CVE-2016-2181 The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large seq
CVE-2016-2182 The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to
CVE-2016-2183 The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately
CVE-2016-6302 The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which
CVE-2016-6303 Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (
CVE-2016-6304 OCSP Status Request extension unbounded memory growth
CVE-2014-3571 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference a

Version: 1.0.1-4ubuntu5.36 2016-05-03 16:06:56 UTC

  openssl (1.0.1-4ubuntu5.36) precise-security; urgency=medium

  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108-1.patch: don't mishandle zero if it is
      marked as negative in crypto/asn1/a_int.c.
    - debian/patches/CVE-2016-2108-2.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

 -- Marc Deslauriers <email address hidden> Thu, 28 Apr 2016 11:45:24 -0400

CVE-2016-2105 EVP_EncodeUpdate overflow
CVE-2016-2106 EVP_EncryptUpdate overflow
CVE-2016-2107 Padding oracle in AES-NI CBC MAC check
CVE-2016-2108 Memory corruption in the ASN.1 encoder
CVE-2016-2109 ASN.1 BIO excessive memory allocation



About   -   Send Feedback to @ubuntu_updates