ubuntu/+source/openssl:ubuntu/precise-security

Last commit made on 2017-01-31
Get this branch:
git clone -b ubuntu/precise-security https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/precise-security
Repository:
lp:ubuntu/+source/openssl

Recent commits

5e0bb0b... by Marc Deslauriers on 2017-01-30

Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 82a89004c586499a6eea19659cf0054de87c5b57

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

82a8900... by Marc Deslauriers on 2016-09-23

Import patches-unapplied version 1.0.1-4ubuntu5.38 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 079ba1ba09cb4630134802253ad73e3e0342fce5

New changelog entries:
  * SECURITY REGRESSION: incomplete fix for CVE-2016-2182 (LP: #1626883)
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.

079ba1b... by Marc Deslauriers on 2016-09-22

Import patches-unapplied version 1.0.1-4ubuntu5.37 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 8cac65579c1715d39ae6aa1983f2cf0c4dc19c28

New changelog entries:
  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306
  * SECURITY REGRESSION: DTLS regression (LP: #1622500)
    - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
      read_ahead is set in ssl/s3_pkt.c.
  * debian/patches/update-expired-smime-test-certs.patch: Update test
    certificates that have expired and caused build test failures.

8cac655... by Marc Deslauriers on 2016-04-28

Import patches-unapplied version 1.0.1-4ubuntu5.36 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 15abdc0c0b5752bd74a82f72b7f1578319883d53

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108-1.patch: don't mishandle zero if it is
      marked as negative in crypto/asn1/a_int.c.
    - debian/patches/CVE-2016-2108-2.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

15abdc0... by Marc Deslauriers on 2016-02-29

Import patches-unapplied version 1.0.1-4ubuntu5.35 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: e88cf8c2de35078b18c8c293eb96a359d1eb6983

New changelog entries:
  * SECURITY UPDATE: side channel attack on modular exponentiation
    - debian/patches/CVE-2016-0702.patch: use constant-time calculations in
      crypto/bn/asm/x86_64-mont5.pl, crypto/bn/bn_exp.c,
      crypto/perlasm/x86_64-xlate.pl, crypto/constant_time_locl.h.
    - CVE-2016-0702
  * SECURITY UPDATE: double-free in DSA code
    - debian/patches/CVE-2016-0705.patch: fix double-free in
      crypto/dsa/dsa_ameth.c.
    - CVE-2016-0705
  * SECURITY UPDATE: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
    - debian/patches/CVE-2016-0797.patch: prevent overflow in
      crypto/bn/bn_print.c, crypto/bn/bn.h.
    - CVE-2016-0797
  * SECURITY UPDATE: memory leak in SRP database lookups
    - debian/patches/CVE-2016-0798.patch: disable SRP fake user seed and
      introduce new SRP_VBASE_get1_by_user function that handled seed
      properly in apps/s_server.c, crypto/srp/srp.h, crypto/srp/srp_vfy.c,
      util/libeay.num, openssl.ld.
    - CVE-2016-0798
  * SECURITY UPDATE: memory issues in BIO_*printf functions
    - debian/patches/CVE-2016-0799.patch: prevent overflow in
      crypto/bio/b_print.c.
    - CVE-2016-0799
  * debian/patches/preserve_digests_for_sni.patch: preserve negotiated
    digests for SNI when SSL_set_SSL_CTX is called in ssl/ssl_lib.c.
    (LP: #1550643)

e88cf8c... by Marc Deslauriers on 2016-02-08

Import patches-unapplied version 1.0.1-4ubuntu5.34 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 7861db80f13f72acdfd0ef59f688f92ecc6dcec1

New changelog entries:
  * debian/patches/alt-cert-chains-*.patch: backport series of upstream
    commits to add alternate chains support. This will allow the future
    removal of 1024-bit RSA keys from the ca-certificates package.

7861db8... by Marc Deslauriers on 2016-01-07

Import patches-unapplied version 1.0.1-4ubuntu5.33 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: e6204c41aa6a5fb5fdb271dcfc72be7bc089dc62

New changelog entries:
  * SECURITY UPDATE: incorrect RSA+MD5 support with TLS 1.2
    - debian/patches/CVE-2015-7575.patch: disable RSA+MD5 when using TLS
      1.2 in ssl/t1_lib.c.
    - CVE-2015-7575

e6204c4... by Marc Deslauriers on 2015-12-04

Import patches-unapplied version 1.0.1-4ubuntu5.32 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 716d9ce2ee67e500769ea34d445cf47b55aea5f5

New changelog entries:
  * SECURITY UPDATE: Certificate verify crash with missing PSS parameter
    - debian/patches/CVE-2015-3194.patch: add PSS parameter check to
      crypto/rsa/rsa_ameth.c.
    - CVE-2015-3194
  * SECURITY UPDATE: X509_ATTRIBUTE memory leak
    - debian/patches/CVE-2015-3195.patch: fix leak in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-3195
  * SECURITY UPDATE: Race condition handling PSK identify hint
    - debian/patches/CVE-2015-3196.patch: fix PSK handling in
      ssl/s3_clnt.c, ssl/s3_srvr.c.
    - CVE-2015-3196

716d9ce... by Marc Deslauriers on 2015-06-11

Import patches-unapplied version 1.0.1-4ubuntu5.31 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 05f365e2796ac1d400759d45df5d5bf29987e171

New changelog entries:
  * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
    - debian/patches/reject_small_dh.patch: reject small dh keys in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
      doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
      dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod,
      switch defaut dh to 2048-bit in apps/dhparam.c, apps/gendh.c.
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid free in DTLS
    - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
    - CVE-2014-8176
  * SECURITY UPDATE: denial of service via malformed ECParameters
    - debian/patches/CVE-2015-1788.patch: improve logic in
      crypto/bn/bn_gf2m.c.
    - CVE-2015-1788
  * SECURITY UPDATE: denial of service via out-of-bounds read in
    X509_cmp_time
    - debian/patches/CVE-2015-1789.patch: properly parse time format in
      crypto/x509/x509_vfy.c.
    - CVE-2015-1789
  * SECURITY UPDATE: denial of service via missing EnvelopedContent
    - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
      crypto/pkcs7/pk7_doit.c.
    - CVE-2015-1790
  * SECURITY UPDATE: race condition in NewSessionTicket
    - debian/patches/CVE-2015-1791.patch: create a new session in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
      ssl/ssl_sess.c.
    - CVE-2015-1791
  * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
    - debian/patches/CVE-2015-1792.patch: fix infinite loop in
      crypto/cms/cms_smime.c.
    - CVE-2015-1792

05f365e... by Marc Deslauriers on 2015-05-28

Import patches-unapplied version 1.0.1-4ubuntu5.28 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 2f54ed261f2f691d866f40751766cfa2d93bdccf

New changelog entries:
  * SECURITY IMPROVEMENT: Disable EXPORT ciphers by default
    - debian/patches/disable_export_ciphers.patch: remove export ciphers
      from the DEFAULT cipher list in ssl/ssl.h, ssl/ssl_ciph.c,
      doc/apps/ciphers.pod.