Skip to content
  1. Mar 19, 2015
    • Emilia Kasper's avatar
      Fix reachable assert in SSLv2 servers. · 65c588c1
      Emilia Kasper authored
      
      
      This assert is reachable for servers that support SSLv2 and export ciphers.
      Therefore, such servers can be DoSed by sending a specially crafted
      SSLv2 CLIENT-MASTER-KEY.
      
      Also fix s2_srvr.c to error out early if the key lengths are malformed.
      These lengths are sent unencrypted, so this does not introduce an oracle.
      
      CVE-2015-0293
      
      This issue was discovered by Sean Burford (Google) and Emilia Käsper of
      the OpenSSL development team.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      65c588c1
    • Emilia Kasper's avatar
      PKCS#7: avoid NULL pointer dereferences with missing content · 544e3e3b
      Emilia Kasper authored
      
      
      In PKCS#7, the ASN.1 content component is optional.
      This typically applies to inner content (detached signatures),
      however we must also handle unexpected missing outer content
      correctly.
      
      This patch only addresses functions reachable from parsing,
      decryption and verification, and functions otherwise associated
      with reading potentially untrusted data.
      
      Correcting all low-level API calls requires further work.
      
      CVE-2015-0289
      
      Thanks to Michal Zalewski (Google) for reporting this issue.
      
      Reviewed-by: default avatarSteve Henson <steve@openssl.org>
      
      Conflicts:
      	crypto/pkcs7/pk7_doit.c
      544e3e3b
    • Dr. Stephen Henson's avatar
      Fix ASN1_TYPE_cmp · 497d0b00
      Dr. Stephen Henson authored
      
      
      Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This
      can be triggered during certificate verification so could be a DoS attack
      against a client or a server enabling client authentication.
      
      CVE-2015-0286
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      497d0b00
  2. Mar 18, 2015
  3. Mar 14, 2015
  4. Mar 11, 2015
  5. Mar 08, 2015
  6. Mar 06, 2015
  7. Mar 02, 2015
  8. Feb 25, 2015
  9. Feb 09, 2015
  10. Feb 06, 2015
  11. Feb 05, 2015
  12. Feb 03, 2015
  13. Jan 22, 2015