Hello community, here is the log from the commit of package openssl checked in at Mon Oct 2 15:41:06 CEST 2006. -------- --- openssl/openssl.changes 2006-09-08 20:34:06.000000000 +0200 +++ /mounts/work_src_done/STABLE/openssl/openssl.changes 2006-09-29 18:38:43.000000000 +0200 @@ -1,0 +2,37 @@ +Fri Sep 29 18:37:01 CEST 2006 - poeml@suse.de + +- update to 0.9.8d + *) Introduce limits to prevent malicious keys being able to + cause a denial of service. (CVE-2006-2940) + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites + match only those. Before that, "AES256-SHA" would be interpreted + as a pattern and match "AES128-SHA" too (since AES128-SHA got + the same strength classification in 0.9.7h) as we currently only + have a single AES bit in the ciphersuite description bitmap. + That change, however, also applied to ciphersuite strings such as + "RC4-MD5" that intentionally matched multiple ciphersuites -- + namely, SSL 2.0 ciphersuites in addition to the more common ones + from SSL 3.0/TLS 1.0. + So we change the selection algorithm again: Naming an explicit + ciphersuite selects this one ciphersuite, and any other similar + ciphersuite (same bitmap) from *other* protocol versions. + Thus, "RC4-MD5" again will properly select both the SSL 2.0 + ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite. + Since SSL 2.0 does not have any ciphersuites for which the + 128/256 bit distinction would be relevant, this works for now. + The proper fix will be to use different bits for AES128 and + AES256, which would have avoided the problems from the beginning; + however, bits are scarce, so we can only do this in a new release + (not just a patchlevel) when we can change the SSL_CIPHER + definition to split the single 'unsigned long mask' bitmap into + multiple values to extend the available space. +- not in mentioned in CHANGES: patch for CVE-2006-4339 corrected + [openssl.org #1397] + +------------------------------------------------------------------- Old: ---- openssl-0.9.8c.tar.bz2 New: ---- openssl-0.9.8d.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ --- /var/tmp/diff_new_pack.IKm8VT/_old 2006-10-02 15:40:54.000000000 +0200 +++ /var/tmp/diff_new_pack.IKm8VT/_new 2006-10-02 15:40:54.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package openssl (Version 0.9.8c) +# spec file for package openssl (Version 0.9.8d) # # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -23,8 +23,8 @@ Conflicts: ssleay Obsoletes: ssleay Autoreqprov: on -Version: 0.9.8c -Release: 2 +Version: 0.9.8d +Release: 1 Summary: Secure Sockets and Transport Layer Security URL: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.bz2 @@ -334,6 +334,40 @@ %{_libdir}/engines %changelog -n openssl +* Fri Sep 29 2006 - poeml@suse.de +- update to 0.9.8d + *) Introduce limits to prevent malicious keys being able to + cause a denial of service. (CVE-2006-2940) + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites + match only those. Before that, "AES256-SHA" would be interpreted + as a pattern and match "AES128-SHA" too (since AES128-SHA got + the same strength classification in 0.9.7h) as we currently only + have a single AES bit in the ciphersuite description bitmap. + That change, however, also applied to ciphersuite strings such as + "RC4-MD5" that intentionally matched multiple ciphersuites -- + namely, SSL 2.0 ciphersuites in addition to the more common ones + from SSL 3.0/TLS 1.0. + So we change the selection algorithm again: Naming an explicit + ciphersuite selects this one ciphersuite, and any other similar + ciphersuite (same bitmap) from *other* protocol versions. + Thus, "RC4-MD5" again will properly select both the SSL 2.0 + ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite. + Since SSL 2.0 does not have any ciphersuites for which the + 128/256 bit distinction would be relevant, this works for now. + The proper fix will be to use different bits for AES128 and + AES256, which would have avoided the problems from the beginning; + however, bits are scarce, so we can only do this in a new release + (not just a patchlevel) when we can change the SSL_CIPHER + definition to split the single 'unsigned long mask' bitmap into + multiple values to extend the available space. +- not in mentioned in CHANGES: patch for CVE-2006-4339 corrected + [openssl.org #1397] * Fri Sep 08 2006 - schwab@suse.de - Fix inverted logic. * Wed Sep 06 2006 - poeml@suse.de ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org