diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-09-29 12:06:27 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-09-29 12:25:10 +0100 |
| commit | 7c4776251e283db7bdaeb416f1d99b78cd622e7a (patch) | |
| tree | 1194554d24bfe4603bf36dac1a526ffc270c34e2 | |
| parent | 1cfd255c9123cdb4637cc9a65c6665fe4a06c6d5 (diff) | |
| download | openssl-7c4776251e283db7bdaeb416f1d99b78cd622e7a.zip openssl-7c4776251e283db7bdaeb416f1d99b78cd622e7a.tar.gz openssl-7c4776251e283db7bdaeb416f1d99b78cd622e7a.tar.bz2 | |
Add additional explanation to CHANGES entry.
Reviewed-by: Tim Hudson <tjh@openssl.org>
| -rw-r--r-- | CHANGES | 12 |
1 files changed, 7 insertions, 5 deletions
@@ -625,18 +625,20 @@ X509_CINF_set_modified, X509_CINF_get_issuer, X509_CINF_get_extensions and X509_CINF_get_signature were reverted post internal team review. - Changes between 1.0.1g and 1.0.1h [5 Jun 2014] + Changes between 1.0.1i and 1.0.1j [xx XXX xxxx] *) Add additional DigestInfo checks. - Reencode DigestInto in DER and check against the original: this - will reject any improperly encoded DigestInfo structures. + Reencode DigestInto in DER and check against the original when + verifying RSA signature: this will reject any improperly encoded + DigestInfo structures. - Note: this is a precautionary measure OpenSSL and no attacks - are currently known. + Note: this is a precautionary measure and no attacks are currently known. [Steve Henson] + Changes between 1.0.1g and 1.0.1h [5 Jun 2014] + *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. |