OpenSSL v1.0.1.p Release Notes
Release Date: 2015-12-03 // over 8 years ago-
- Certificate verify crash with missing PSS parameter
The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.
This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG). [CVE-2015-3194][]
Stephen Henson
- X509_ATTRIBUTE memory leak
When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.
This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using libFuzzer. [CVE-2015-3195][]
Stephen Henson
- Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs. This changes the decoding behaviour for some invalid messages, though the change is mostly in the more lenient direction, and legacy behaviour is preserved as much as possible.
Emilia Käsper
- In DSA_generate_parameters_ex, if the provided seed is too short, use a random seed, as already documented.
Rich Salz and Ismo Puustinen [email protected]