OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)

Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:10:53 +00:00 · 2011-02-08 17:10:53 +00:00 · 6545372c24
parent 17f8412983
commit 6545372c24
10 changed files with 60 additions and 14 deletions
--- a/30
+++ b/30
@ -2,7 +2,10 @@
 OpenSSL CHANGES
 _______________

- Changes between 1.0.0c and 1.0.0d [xx XXX xxxx]
+ Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
+
+  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]

  *) Fix bug in string printing code: if *any* escaping is enabled we must
     escape the escape character (backslash) or the resulting string is
@ -879,11 +882,34 @@
  *) Change 'Configure' script to enable Camellia by default.
     [NTT]
  
- Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
+ Changes between 0.9.8q and 0.9.8r [8 Feb 2011]
+
+  *) Fix parsing of OCSP stapling ClientHello extension.  CVE-2011-0014
+     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
+
+  *) Fix bug in string printing code: if *any* escaping is enabled we must
+     escape the escape character (backslash) or the resulting string is
+     ambiguous.
+     [Steve Henson]
+
+ Changes between 0.9.8p and 0.9.8q [2 Dec 2010]
+
+  *) Disable code workaround for ancient and obsolete Netscape browsers
+     and servers: an attacker can use it in a ciphersuite downgrade attack.
+     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
+     [Steve Henson]
+
+  *) Fixed J-PAKE implementation error, originally discovered by
+     Sebastien Martini, further info and confirmation from Stefan
+     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
+     [Ben Laurie]
+
+ Changes between 0.9.8o and 0.9.8p [16 Nov 2010]

  *) Fix extension code to avoid race conditions which can result in a buffer
     overrun vulnerability: resumed sessions must not be modified as they can
     be shared by multiple threads. CVE-2010-3864
+     [Steve Henson]

  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
     [Steve Henson]
--- a/2
+++ b/2
@ -82,7 +82,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?

 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.0c was released on Dec 2nd, 2010.
+OpenSSL 1.0.0d was released on Feb 8th, 2011.

 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
--- a/2
+++ b/2
@ -12,7 +12,7 @@
  ---------------

 /* ====================================================================
- * Copyright (c) 1998-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
--- a/8
+++ b/8
@ -5,6 +5,10 @@
  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

+  Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d:
+
+      o Fix for security issue CVE-2011-0014
+
  Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c:

      o Fix for security issue CVE-2010-4180
@ -47,6 +51,10 @@
      o Opaque PRF Input TLS extension support.
      o Updated time routines to avoid OS limitations.

+  Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r:
+
+      o Fix for security issue CVE-2011-0014
+
  Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q:

      o Fix for security issue CVE-2010-4180
--- a/4
+++ b/4
@ -1,7 +1,7 @@

- OpenSSL 1.0.0d-dev
+ OpenSSL 1.0.0d

- Copyright (c) 1998-2010 The OpenSSL Project
+ Copyright (c) 1998-2011 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
 All rights reserved.

--- a/8
+++ b/8
@ -1,14 +1,20 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2010/12/02 18:29:03 $
+  ______________                           $Date: 2011/02/08 17:10:52 $

  DEVELOPMENT STATE

    o  OpenSSL 1.1.0:  Under development...
+    o  OpenSSL 1.0.1:  Under development...
+    o  OpenSSL 1.0.0d: Released on February   8nd, 2011
    o  OpenSSL 1.0.0c: Released on December   2nd, 2010
    o  OpenSSL 1.0.0b: Released on November  16th, 2010
    o  OpenSSL 1.0.0a: Released on June      1st,  2010
    o  OpenSSL 1.0.0:  Released on March     29th, 2010
+    o  OpenSSL 0.9.8r: Released on February   8nd, 2011
+    o  OpenSSL 0.9.8q: Released on December   2nd, 2010
+    o  OpenSSL 0.9.8p: Released on November  16th, 2010
+    o  OpenSSL 0.9.8o: Released on June       1st, 2010
    o  OpenSSL 0.9.8n: Released on March     24th, 2010
    o  OpenSSL 0.9.8m: Released on February  25th, 2010
    o  OpenSSL 0.9.8l: Released on November   5th, 2009
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@ -25,11 +25,11 @@
 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
 *  major minor fix final patch/beta)
 */
-#define OPENSSL_VERSION_NUMBER	0x10000040L
+#define OPENSSL_VERSION_NUMBER	0x1000004fL
 #ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0d-fips-dev xx XXX xxxx"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0d-fips 8 Feb 2011"
 #else
-#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0d-dev xx XXX xxxx"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0d 8 Feb 2011"
 #endif
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT

--- a/openssl.spec
+++ b/openssl.spec
@ -9,8 +9,8 @@ Release: 1

 Summary: Secure Sockets Layer and cryptography libraries and tools
 Name: openssl
-Version: %{libmaj}.%{libmin}.%{librel}
-#Version: %{libmaj}.%{libmin}.%{librel}%{librev}
+#Version: %{libmaj}.%{libmin}.%{librel}
+Version: %{libmaj}.%{libmin}.%{librel}%{librev}
 Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
 Copyright: Freely distributable
 Group: System Environment/Libraries
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -917,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 						}
 					n2s(data, idsize);
 					dsize -= 2 + idsize;
+					size -= 2 + idsize;
 					if (dsize < 0)
 						{
 						*al = SSL_AD_DECODE_ERROR;
@ -955,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 					}

 				/* Read in request_extensions */
+				if (size < 2)
+					{
+					*al = SSL_AD_DECODE_ERROR;
+					return 0;
+					}
 				n2s(data,dsize);
 				size -= 2;
-				if (dsize > size) 
+				if (dsize != size)
 					{
 					*al = SSL_AD_DECODE_ERROR;
 					return 0;
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@ -391,7 +391,7 @@ foreach $lib (keys %csrc)
 	} else {
 	    push @out,
 "/* ====================================================================\n",
-" * Copyright (c) 2001-2010 The OpenSSL Project.  All rights reserved.\n",
+" * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.\n",
 " *\n",
 " * Redistribution and use in source and binary forms, with or without\n",
 " * modification, are permitted provided that the following conditions\n",