The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) as well as a full-strength general-purpose cryptography library.
Recent Releases
1.0.2 23 Jan 2015 20:25
major feature:
Suite B support for TLS 1.2 and DTLS 1.2
Support for DTLS 1.2
TLS automatic EC curve selection.
API to set TLS supported signature algorithms and curves
SSL_CONF configuration API.
TLS Brainpool support.
ALPN support.
CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
1.0.1j 15 Oct 2014 21:26
security:
SRTP Memory Leak (CVE-2014-3513).
Session Ticket Memory Leak (CVE-2014-3567).
Build option no-ssl3 was incomplete (CVE-2014-3568).
Add support for TLS_FALLBACK_SCSV (CVE-2014-3566).
Add additional DigestInfo checks.
1.0.1i 07 Aug 2014 21:12
security:
CVE-2014-3512: Fix SRP buffer overrun vulnerability. Invalid parameters passed to the SRP code can overrun an internal buffer. Add sanity check that g, A, B < N to SRP code.
CVE-2014-3511: A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records.
CVE-2014-3510: OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
CVE-2014-3507: By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory.
CVE-2014-3506: An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages.
CVE-2014-3505: An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice.
CVE-2014-3509: If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory.
CVE-2014-5139: A malicious server can crash an OpenSSL client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client.
CVE-2014-3508: A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker.
Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.) for corner cases.
1.0.0n 07 Aug 2014 21:09
security:
CVE-2014-3510: OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
CVE-2014-3507: By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory.
CVE-2014-3506: An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages.
CVE-2014-3505: An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice.
CVE-2014-3509: If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory.
CVE-2014-3508: A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker.
Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.) for corner cases. (Certain input points at infinity could lead to bogus results, with non-infinity inputs mapped to infinity too.)
0.9.8zb 07 Aug 2014 21:07
security:
CVE-2014-3510: OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
CVE-2014-3507: By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory.
CVE-2014-3506: An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages.
CVE-2014-3505: An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice.
CVE-2014-3508: A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker.
Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.) for corner cases. (Certain input points at infinity could lead to bogus results, with non-infinity inputs mapped to infinity too.)