author: Matt Caswell <matt@openssl.org> 2014-10-15 10:40:29 +0100
committer: Janusz Kozerski <j.kozerski@samsung.com> 2014-10-20 15:26:07 +0200
commit: c652e3ba541b952bdcb2ea5805b3765f1272e237 (patch)
tree: c8d6761f35e546b532609504a898494f54973616
parent: c627333f4a7d547d486ab8c8d4a9c647db1a849c (diff)
Add updates to CHANGES file
Reviewed-by: Bodo Möller <bodo@openssl.org>
-rw-r--r-- CHANGES 33
1 files changed, 33 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index c79f4d0..fdc19f3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,39 @@
Changes between 1.0.1i and 1.0.1j [xx XXX xxxx]
+ *) SRTP Memory Leak.
+
+ A flaw in the DTLS SRTP extension parsing code allows an attacker, who
+ sends a carefully crafted handshake message, to cause OpenSSL to fail
+ to free up to 64k of memory causing a memory leak. This could be
+ exploited in a Denial Of Service attack. This issue affects OpenSSL
+ 1.0.1 server implementations for both SSL/TLS and DTLS regardless of
+ whether SRTP is used or configured. Implementations of OpenSSL that
+ have been compiled with OPENSSL_NO_SRTP defined are not affected.
+
+ The fix was developed by the OpenSSL team.
+ (CVE-2014-3513)
+ [OpenSSL team]
+
+ *) Session Ticket Memory Leak.
+
+ When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
+ integrity of that ticket is first verified. In the event of a session
+ ticket integrity check failing, OpenSSL will fail to free memory
+ causing a memory leak. By sending a large number of invalid session
+ tickets an attacker could exploit this issue in a Denial Of Service
+ attack.
+ (CVE-2014-3567)
+ [Steve Henson]
+
+ *) Build option no-ssl3 is incomplete.
+
+ When OpenSSL is configured with "no-ssl3" as a build option, servers
+ could accept and complete a SSL 3.0 handshake, and clients could be
+ configured to send them.
+ (CVE-2014-3568)
+ [Akamai and the OpenSSL team]
+
*) Add support for TLS_FALLBACK_SCSV.
Client applications doing fallback retries should call
SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
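Review bot: in the "Build option no-ssl3 is incomplete" entry, "clients could be configured to send them" has no plural antecedent, because the only candidate is the singular "a SSL 3.0 handshake"; name what the client sends or initiates, and write "an SSL 3.0 handshake". That entry also describes only the faulty behaviour and never states what a no-ssl3 build does after this release, which is the part someone relying on that option needs from CHANGES. The Session Ticket entry says the leak happens when the integrity check fails but, unlike the SRTP entry with its "up to 64k", gives no indication of how much memory is lost per invalid ticket; a size or "a small amount per ticket" would help operators judge exposure. Smaller points: "Denial Of Service" is capitalised unusually in both leak entries, and the three new entries put a blank line after the title while the existing TLS_FALLBACK_SCSV entry below them does not.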