Source-Changes-HG archive
[src/trunk]: src/crypto/external/bsd/openssl/dist merge conflicts
details: https://anonhg.NetBSD.org/src/rev/6cbddf069595
branches: trunk
changeset: 342112:6cbddf069595
user: christos <christos%NetBSD.org@localhost>
date: Sun Dec 06 21:52:35 2015 +0000
description:
merge conflicts
diffstat:
crypto/external/bsd/openssl/dist/CHANGES | 221 ++++++---
crypto/external/bsd/openssl/dist/Configure | 17 +-
crypto/external/bsd/openssl/dist/Makefile | 33 +-
crypto/external/bsd/openssl/dist/NEWS | 9 +
crypto/external/bsd/openssl/dist/README | 204 ++------
crypto/external/bsd/openssl/dist/apps/ca.c | 14 +-
crypto/external/bsd/openssl/dist/apps/ocsp.c | 4 +-
crypto/external/bsd/openssl/dist/apps/s_client.c | 3 +
crypto/external/bsd/openssl/dist/apps/s_server.c | 15 +
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c | 11 +-
crypto/external/bsd/openssl/dist/crypto/bio/bss_file.c | 13 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c | 2 +-
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gf2m.pl | 16 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp.c | 7 +-
crypto/external/bsd/openssl/dist/crypto/bn/bn_mont.c | 9 +-
crypto/external/bsd/openssl/dist/crypto/bn/bntest.c | 56 ++-
crypto/external/bsd/openssl/dist/crypto/cms/cms_pwri.c | 3 +
crypto/external/bsd/openssl/dist/crypto/comp/c_zlib.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/conf/conf_def.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/cryptlib.c | 26 +-
crypto/external/bsd/openssl/dist/crypto/des/t/test | 27 -
crypto/external/bsd/openssl/dist/crypto/dsa/dsa_ameth.c | 1 +
crypto/external/bsd/openssl/dist/crypto/ec/ec.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c | 8 +-
crypto/external/bsd/openssl/dist/crypto/engine/eng_cryptodev.c | 7 +-
crypto/external/bsd/openssl/dist/crypto/mem_clr.c | 4 +
crypto/external/bsd/openssl/dist/crypto/opensslconf.h | 2 +-
crypto/external/bsd/openssl/dist/crypto/opensslv.h | 6 +-
crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c | 3 +-
crypto/external/bsd/openssl/dist/crypto/rc4/asm/rc4-x86_64.pl | 2 +-
crypto/external/bsd/openssl/dist/crypto/rsa/rsa_sign.c | 11 +-
crypto/external/bsd/openssl/dist/crypto/sparccpuid.S | 2 +-
crypto/external/bsd/openssl/dist/doc/apps/dgst.pod | 5 -
crypto/external/bsd/openssl/dist/doc/crypto/EVP_DigestVerifyInit.pod | 9 +-
crypto/external/bsd/openssl/dist/e_os.h | 8 +-
crypto/external/bsd/openssl/dist/openssl.spec | 2 +-
crypto/external/bsd/openssl/dist/ssl/Makefile | 2 +-
crypto/external/bsd/openssl/dist/ssl/d1_both.c | 7 +-
crypto/external/bsd/openssl/dist/ssl/d1_srvr.c | 31 +-
crypto/external/bsd/openssl/dist/ssl/s23_clnt.c | 21 +-
crypto/external/bsd/openssl/dist/ssl/s3_cbc.c | 45 +-
crypto/external/bsd/openssl/dist/ssl/s3_clnt.c | 119 +++-
crypto/external/bsd/openssl/dist/ssl/s3_enc.c | 104 ++-
crypto/external/bsd/openssl/dist/ssl/s3_lib.c | 2 +-
crypto/external/bsd/openssl/dist/ssl/s3_srvr.c | 78 ++-
crypto/external/bsd/openssl/dist/ssl/ssl.h | 4 +
crypto/external/bsd/openssl/dist/ssl/ssl3.h | 2 +
crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c | 11 +-
crypto/external/bsd/openssl/dist/ssl/ssl_err.c | 5 +
crypto/external/bsd/openssl/dist/ssl/ssl_lib.c | 9 +-
crypto/external/bsd/openssl/dist/ssl/ssl_locl.h | 20 +-
crypto/external/bsd/openssl/dist/ssl/ssltest.c | 1 +
crypto/external/bsd/openssl/dist/ssl/t1_enc.c | 48 +-
crypto/external/bsd/openssl/dist/ssl/t1_lib.c | 57 +-
crypto/external/bsd/openssl/dist/ssl/tls1.h | 15 +-
crypto/external/bsd/openssl/dist/test/Makefile | 40 +-
crypto/external/bsd/openssl/dist/util/mk1mf.pl | 2 +-
57 files changed, 821 insertions(+), 570 deletions(-)
diffs (truncated from 3352 to 300 lines):
diff -r 7aa7007dc2b5 -r 6cbddf069595 crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES Sun Dec 06 21:45:41 2015 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES Sun Dec 06 21:52:35 2015 +0000
@@ -2,6 +2,45 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.1p and 1.0.1q [3 Dec 2015]
+
+ *) Certificate verify crash with missing PSS parameter
+
+ The signature verification routines will crash with a NULL pointer
+ dereference if presented with an ASN.1 signature using the RSA PSS
+ algorithm and absent mask generation function parameter. Since these
+ routines are used to verify certificate signature algorithms this can be
+ used to crash any certificate verification operation and exploited in a
+ DoS attack. Any application which performs certificate verification is
+ vulnerable including OpenSSL clients and servers which enable client
+ authentication.
+
+ This issue was reported to OpenSSL by Loïc Jonas Etienne (Qnective AG).
+ (CVE-2015-3194)
+ [Stephen Henson]
+
+ *) X509_ATTRIBUTE memory leak
+
+ When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
+ memory. This structure is used by the PKCS#7 and CMS routines so any
+ application which reads PKCS#7 or CMS data from untrusted sources is
+ affected. SSL/TLS is not affected.
+
+ This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using
+ libFuzzer.
+ (CVE-2015-3195)
+ [Stephen Henson]
+
+ *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
+ This changes the decoding behaviour for some invalid messages,
+ though the change is mostly in the more lenient direction, and
+ legacy behaviour is preserved as much as possible.
+ [Emilia Käsper]
+
+ *) In DSA_generate_parameters_ex, if the provided seed is too short,
+ return an error
+ [Rich Salz and Ismo Puustinen <ismo.puustinen%intel.com@localhost>]
+
Changes between 1.0.1o and 1.0.1p [9 Jul 2015]
*) Alternate chains certificate forgery
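Review bot: The changeset description says only "merge conflicts", while this hunk at the top of CHANGES brings in the whole 1.0.1p to 1.0.1q section, including two security entries (CVE-2015-3194 and CVE-2015-3195). Put the imported version and those CVE ids in the log message so the security update can be found from the commit history. The entries themselves are upstream text and should stay byte-for-byte as imported.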
@@ -15,10 +54,19 @@
This issue was reported to OpenSSL by Adam Langley/David Benjamin
(Google/BoringSSL).
+ (CVE-2015-1793)
[Matt Caswell]
+ *) Race condition handling PSK identify hint
+
+ If PSK identity hints are received by a multi-threaded client then
+ the values are wrongly updated in the parent SSL_CTX structure. This can
+ result in a race condition potentially leading to a double free of the
+ identify hint data.
+ (CVE-2015-3196)
+ [Stephen Henson]
+
Changes between 1.0.1n and 1.0.1o [12 Jun 2015]
-
*) Fix HMAC ABI incompatibility. The previous version introduced an ABI
incompatibility in the handling of HMAC. The previous ABI has now been
restored.
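Review bot: "identify hint" in the added PSK entry, both in the title line and in "double free of the identify hint data", should read "identity hint", as the entry's own "PSK identity hints" shows. Because the file is under dist, report the typo upstream instead of correcting it here, so the next import does not conflict. Also note that the CVE-2015-3196 entry lands in the 1.0.1o to 1.0.1p section rather than in the new 1.0.1q section, so anyone scanning only the newest section will miss it; confirm that placement matches the upstream file.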
@@ -55,9 +103,9 @@
callbacks.
This issue was reported to OpenSSL by Robert Swiecki (Google), and
- independently by Hanno Böck.
+ independently by Hanno Böck.
(CVE-2015-1789)
- [Emilia Käsper]
+ [Emilia Käsper]
*) PKCS7 crash with missing EnvelopedContent
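Review bot: The removed and added lines here ("independently by Hanno Böck." and "[Emilia Käsper]") read the same, so the only difference is in how the non-ASCII characters are encoded. The same pattern repeats in most of the remaining CHANGES hunks and accounts for much of this file's churn. Check that the resulting file is byte-identical to the upstream CHANGES being imported, so that these names stop producing conflicts on future merges.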
@@ -71,7 +119,7 @@
This issue was reported to OpenSSL by Michal Zalewski (Google).
(CVE-2015-1790)
- [Emilia Käsper]
+ [Emilia Käsper]
*) CMS verify infinite loop with unknown hash function
@@ -94,6 +142,9 @@
*) Reject DH handshakes with parameters shorter than 768 bits.
[Kurt Roeckx and Emilia Kasper]
+ *) dhparam: generate 2048-bit parameters by default.
+ [Kurt Roeckx and Emilia Kasper]
+
Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
*) Segmentation fault in ASN1_TYPE_cmp fix
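Review bot: The added entry "dhparam: generate 2048-bit parameters by default." goes into an older section (the one that precedes "Changes between 1.0.1l and 1.0.1m"), and the diffstat for this changeset lists no change to the dhparam application source. Confirm that the tree already has the 2048-bit default, so that CHANGES does not describe behaviour the imported code lacks.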
@@ -132,7 +183,7 @@
This issue was reported to OpenSSL by Michal Zalewski (Google).
(CVE-2015-0289)
- [Emilia Käsper]
+ [Emilia Käsper]
*) DoS via reachable assert in SSLv2 servers fix
@@ -140,10 +191,10 @@
servers that both support SSLv2 and enable export cipher suites by sending
a specially crafted SSLv2 CLIENT-MASTER-KEY message.
- This issue was discovered by Sean Burford (Google) and Emilia Käsper
+ This issue was discovered by Sean Burford (Google) and Emilia Käsper
(OpenSSL development team).
(CVE-2015-0293)
- [Emilia Käsper]
+ [Emilia Käsper]
*) Use After Free following d2i_ECPrivatekey error fix
@@ -288,12 +339,12 @@
version does not match the session's version. Resuming with a different
version, while not strictly forbidden by the RFC, is of questionable
sanity and breaks all known clients.
- [David Benjamin, Emilia Käsper]
+ [David Benjamin, Emilia Käsper]
*) Tighten handling of the ChangeCipherSpec (CCS) message: reject
early CCS messages during renegotiation. (Note that because
renegotiation is encrypted, this early CCS was not exploitable.)
- [Emilia Käsper]
+ [Emilia Käsper]
*) Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
@@ -304,7 +355,7 @@
Similarly, ensure that the client requires a session ticket if one
was advertised in the ServerHello. Previously, a TLS client would
ignore a missing NewSessionTicket message.
- [Emilia Käsper]
+ [Emilia Käsper]
Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
@@ -384,10 +435,10 @@
with a null pointer dereference (read) by specifying an anonymous (EC)DH
ciphersuite and sending carefully crafted handshake messages.
- Thanks to Felix Gröbert (Google) for discovering and researching this
+ Thanks to Felix Gröbert (Google) for discovering and researching this
issue.
(CVE-2014-3510)
- [Emilia Käsper]
+ [Emilia Käsper]
*) By sending carefully crafted DTLS packets an attacker could cause openssl
to leak memory. This can be exploited through a Denial of Service attack.
@@ -424,7 +475,7 @@
properly negotiated with the client. This can be exploited through a
Denial of Service attack.
- Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for
+ Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for
discovering and researching this issue.
(CVE-2014-5139)
[Steve Henson]
@@ -436,7 +487,7 @@
Thanks to Ivan Fratric (Google) for discovering this issue.
(CVE-2014-3508)
- [Emilia Käsper, and Steve Henson]
+ [Emilia Käsper, and Steve Henson]
*) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
for corner cases. (Certain input points at infinity could lead to
@@ -466,15 +517,15 @@
client or server. This is potentially exploitable to run arbitrary
code on a vulnerable client or server.
- Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
- [Jüri Aedla, Steve Henson]
+ Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
+ [Jüri Aedla, Steve Henson]
*) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
are subject to a denial of service attack.
- Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
+ Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
this issue. (CVE-2014-3470)
- [Felix Gröbert, Ivan Fratric, Steve Henson]
+ [Felix Gröbert, Ivan Fratric, Steve Henson]
*) Harmonize version and its documentation. -f flag is used to display
compilation flags.
@@ -553,9 +604,9 @@
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
- Emilia Käsper for the initial patch.
+ Emilia Käsper for the initial patch.
(CVE-2013-0169)
- [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+ [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
*) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
ciphersuites which can be exploited in a denial of service attack.
@@ -730,7 +781,7 @@
EC_GROUP_new_by_curve_name() will automatically use these (while
EC_GROUP_new_curve_GFp() currently prefers the more flexible
implementations).
- [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
+ [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
*) Use type ossl_ssize_t instad of ssize_t which isn't available on
all platforms. Move ssize_t definition from e_os.h to the public
@@ -1006,7 +1057,7 @@
[Adam Langley (Google)]
*) Fix spurious failures in ecdsatest.c.
- [Emilia Käsper (Google)]
+ [Emilia Käsper (Google)]
*) Fix the BIO_f_buffer() implementation (which was mixing different
interpretations of the '..._len' fields).
@@ -1020,7 +1071,7 @@
lock to call BN_BLINDING_invert_ex, and avoids one use of
BN_BLINDING_update for each BN_BLINDING structure (previously,
the last update always remained unused).
- [Emilia Käsper (Google)]
+ [Emilia Käsper (Google)]
*) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
[Bob Buckholz (Google)]
@@ -1829,7 +1880,7 @@
*) Add RFC 3161 compliant time stamp request creation, response generation
and response verification functionality.
- [Zoltán Glózik <zglozik%opentsa.org@localhost>, The OpenTSA Project]
+ [Zoltán Glózik <zglozik%opentsa.org@localhost>, The OpenTSA Project]
*) Add initial support for TLS extensions, specifically for the server_name
extension so far. The SSL_SESSION, SSL_CTX, and SSL data structures now
@@ -2997,7 +3048,7 @@
*) BN_CTX_get() should return zero-valued bignums, providing the same
initialised value as BN_new().
- [Geoff Thorpe, suggested by Ulf Möller]
+ [Geoff Thorpe, suggested by Ulf Möller]
*) Support for inhibitAnyPolicy certificate extension.
[Steve Henson]
@@ -3016,7 +3067,7 @@
some point, these tighter rules will become openssl's default to improve
maintainability, though the assert()s and other overheads will remain only
in debugging configurations. See bn.h for more details.
- [Geoff Thorpe, Nils Larsch, Ulf Möller]
+ [Geoff Thorpe, Nils Larsch, Ulf Möller]
*) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
that can only be obtained through BN_CTX_new() (which implicitly
@@ -3083,7 +3134,7 @@
[Douglas Stebila (Sun Microsystems Laboratories)]
*) Add the possibility to load symbols globally with DSO.
- [Götz Babin-Ebell <babin-ebell%trustcenter.de@localhost> via Richard Levitte]
+ [Götz Babin-Ebell <babin-ebell%trustcenter.de@localhost> via Richard Levitte]
*) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
control of the error stack.
@@ -3798,7 +3849,7 @@
[Steve Henson]
*) Undo Cygwin change.
- [Ulf Möller]
+ [Ulf Möller]
*) Added support for proxy certificates according to RFC 3820.
Because they may be a security thread to unaware applications,
@@ -3831,11 +3882,11 @@
[Stephen Henson, reported by UK NISCC]
*) Use Windows randomness collection on Cygwin.
- [Ulf Möller]
+ [Ulf Möller]
*) Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
- [Darren Tucker <dtucker%zip.com.au@localhost> via Lutz Jänicke, resolves #1014]
+ [Darren Tucker <dtucker%zip.com.au@localhost> via Lutz Jänicke, resolves #1014]
*) Prompt for pass phrases when appropriate for PKCS12 input format.
[Steve Henson]
@@ -4297,7 +4348,7 @@
pointers passed to them whenever necessary. Otherwise it is possible
the caller may have overwritten (or deallocated) the original string
data when a later ENGINE operation tries to use the stored values.