We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 6bedd0f commit c808447Copy full SHA for c808447
deps/openssl/openssl/CHANGES
@@ -2,6 +2,67 @@
2
OpenSSL CHANGES
3
_______________
4
5
+ Changes between 1.0.2j and 1.0.2k [26 Jan 2017]
6
+
7
+ *) Truncated packet could crash via OOB read
8
9
+ If one side of an SSL/TLS path is running on a 32-bit host and a specific
10
+ cipher is being used, then a truncated packet can cause that host to
11
+ perform an out-of-bounds read, usually resulting in a crash.
12
13
+ This issue was reported to OpenSSL by Robert Święcki of Google.
14
+ (CVE-2017-3731)
15
+ [Andy Polyakov]
16
17
+ *) BN_mod_exp may produce incorrect results on x86_64
18
19
+ There is a carry propagating bug in the x86_64 Montgomery squaring
20
+ procedure. No EC algorithms are affected. Analysis suggests that attacks
21
+ against RSA and DSA as a result of this defect would be very difficult to
22
+ perform and are not believed likely. Attacks against DH are considered just
23
+ feasible (although very difficult) because most of the work necessary to
24
+ deduce information about a private key may be performed offline. The amount
25
+ of resources required for such an attack would be very significant and
26
+ likely only accessible to a limited number of attackers. An attacker would
27
+ additionally need online access to an unpatched system using the target
28
+ private key in a scena CBA2 rio with persistent DH parameters and a private
29
+ key that is shared between multiple clients. For example this can occur by
30
+ default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very
31
+ similar to CVE-2015-3193 but must be treated as a separate problem.
32
33
+ This issue was reported to OpenSSL by the OSS-Fuzz project.
34
+ (CVE-2017-3732)
35
36
37
+ *) Montgomery multiplication may produce incorrect results
38
39
+ There is a carry propagating bug in the Broadwell-specific Montgomery
40
+ multiplication procedure that handles input lengths divisible by, but
41
+ longer than 256 bits. Analysis suggests that attacks against RSA, DSA
42
+ and DH private keys are impossible. This is because the subroutine in
43
+ question is not used in operations with the private key itself and an input
44
+ of the attacker's direct choice. Otherwise the bug can manifest itself as
45
+ transient authentication and key negotiation failures or reproducible
46
+ erroneous outcome of public-key operations with specially crafted input.
47
+ Among EC algorithms only Brainpool P-512 curves are affected and one
48
+ presumably can attack ECDH key negotiation. Impact was not analyzed in
49
+ detail, because pre-requisites for attack are considered unlikely. Namely
50
+ multiple clients have to choose the curve in question and the server has to
51
+ share the private key among them, neither of which is default behaviour.
52
+ Even then only clients that chose the curve will be affected.
53
54
+ This issue was publicly reported as transient failures and was not
55
+ initially recognized as a security issue. Thanks to Richard Morgan for
56
+ providing reproducible case.
57
+ (CVE-2016-7055)
58
59
60
+ *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
61
+ or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
62
+ prevent issues where no progress is being made and the peer continually
63
+ sends unrecognised record types, using up resources processing them.
64
+ [Matt Caswell]
65
66
Changes between 1.0.2i and 1.0.2j [26 Sep 2016]
67
68
*) Missing CRL sanity check
deps/openssl/openssl/CONTRIBUTING
@@ -1,4 +1,4 @@
1
-HOW TO CONTRIBUTE TO PATCHES OpenSSL
+HOW TO CONTRIBUTE PATCHES TO OpenSSL
(Please visit https://www.openssl.org/community/getting-started.html for
@@ -11,34 +11,12 @@ OpenSSL community you might want to discuss it on the openssl-dev mailing
list first. Someone may be already working on the same thing or there
may be a good reason as to why that feature isn't implemented.
-The best way to submit a patch is to make a pull request on GitHub.
-(It is not necessary to send mail to rt@openssl.org to open a ticket!)
-If you think the patch could use feedback from the community, please
-start a thread on openssl-dev.
+To submit a patch, make a pull request on GitHub. If you think the patch
+could use feedback from the community, please start a thread on openssl-dev
+to discuss it.
-You can also submit patches by sending it as mail to rt@openssl.org.
-Please include the word "PATCH" and an explanation of what the patch
-does in the subject line. If you do this, our preferred format is "git
-format-patch" output. For example to provide a patch file containing the
-last commit in your local git repository use the following command:
-
- % git format-patch --stdout HEAD^ >mydiffs.patch
-Another method of creating an acceptable patch file without using git is as
-follows:
- % cd openssl-work
- ...make your changes...
- % ./Configure dist; make clean
- % cd ..
- % diff -ur openssl-orig openssl-work >mydiffs.patch
-Note that pull requests are generally easier for the team, and community, to
-work with. Pull requests benefit from all of the standard GitHub features,
-including code review tools, simpler integration, and CI build support.
-No matter how a patch is submitted, the following items will help make
-the acceptance and review process faster:
+Having addressed the following items before the PR will help make the
+acceptance and review process faster:
1. Anything other than trivial contributions will require a contributor
licensing agreement, giving us permission to use your code. See
@@ -55,21 +33,22 @@ the acceptance and review process faster:
in the file LICENSE in the source distribution or at
https://www.openssl.org/source/license.html
- 3. Patches should be as current as possible. When using GitHub, please
- expect to have to rebase and update often. Note that we do not accept merge
- commits. You will be asked to remove them before a patch is considered
- acceptable.
+ 3. Patches should be as current as possible; expect to have to rebase
+ often. We do not accept merge commits; You will be asked to remove
+ them before a patch is considered acceptable.
4. Patches should follow our coding style (see
https://www.openssl.org/policies/codingstyle.html) and compile without
warnings. Where gcc or clang is availble you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
platforms: try to ensure you only use portable features.
+ Clean builds via Travis and AppVeyor are expected, and done whenever
+ a PR is created or updated.
69
- 5. When at all possible, patches should include tests. These can either be
70
- added to an existing test, or completely new. Please see test/README
71
- for information on the test framework.
+ 5. When at all possible, patches should include tests. These can
+ either be added to an existing test, or completely new. Please see
+ test/README for information on the test framework.
72
73
- 6. New features or changed functionality must include documentation. Please
74
- look at the "pod" files in doc/apps, doc/crypto and doc/ssl for examples of
75
- our style.
+ 6. New features or changed functionality must include
+ documentation. Please look at the "pod" files in doc/apps, doc/crypto
+ and doc/ssl for examples of our style.
deps/openssl/openssl/Configure
@@ -7,6 +7,7 @@ eval 'exec perl -S $0 ${1+"$@"}'
require 5.000;
use strict;
+use File::Compare;
# see INSTALL for instructions.
@@ -57,12 +58,13 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# sctp include SCTP support
-# 386 generate 80386 code
# enable-weak-ssl-ciphers
# Enable EXPORT and LOW SSLv3 ciphers that are disabled by
# default. Note, weak SSLv2 ciphers are unconditionally
# disabled.
-# no 3FFA -sse2 disables IA-32 SSE2 code, above option implies no-sse2
+# 386 generate 80386 code in assembly modules
+# no-sse2 disables IA-32 SSE2 code in assembly modules, the above
+# mentioned '386' option implies this one
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
@@ -1792,8 +1794,16 @@ while (<IN>)
1792
1794
}
1793
1795
close(IN);
1796
close(OUT);
-rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
-rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
1797
+if ((compare($Makefile, "$Makefile.new"))
1798
+ or file_newer('Configure', $Makefile)
1799
+ or file_newer('config', $Makefile)
1800
+ or file_newer('Makefile.org', $Makefile))
1801
+ {
1802
+ rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
1803
+ rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
1804
+ }
1805
+else
1806
+ { unlink("$Makefile.new"); }
1807
1808
print "CC =$cc\n";
1809
print "CFLAG =$cflags\n";
@@ -1985,9 +1995,13 @@ print OUT "#ifdef __cplusplus\n";
1985
1995
print OUT "}\n";
1986
1996
print OUT "#endif\n";
1987
1997
1988
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
1989
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
1990
1998
+if (compare("crypto/opensslconf.h.new","crypto/opensslconf.h"))
1999
2000
+ rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
2001
+ rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
2002
2003
2004
+ { unlink("crypto/opensslconf.h.new"); }
1991
2005
1992
2006
# Fix the date
1993
2007
@@ -2289,3 +2303,9 @@ sub test_sanity
2289
2303
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
2290
2304
return $errorcnt;
2291
2305
2306
2307
+sub file_newer
2308
2309
+ my ($file1, $file2) = @_;
2310
+ return (stat($file1))[9] > (stat($file2))[9]
2311
deps/openssl/openssl/INSTALL
@@ -74,24 +74,26 @@
no-asm Do not use assembler code.
76
77
- 386 Use the 80386 instruction set only (the default x86 code is
78
- more efficient, but requires at least a 486). Note: Use
79
- compiler flags for any other CPU specific configuration,
80
- e.g. "-m32" to build x86 code on an x64 system.
81
82
- no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is
83
- detected at run-time, but the decision whether or not the
84
- machine code will be executed is taken solely on CPU
85
- capability vector. This means that if you happen to run OS
86
- kernel which does not support SSE2 extension on Intel P4
87
- processor, then your application might be exposed to
88
- "illegal instruction" exception. There might be a way
89
- to enable support in kernel, e.g. FreeBSD kernel can be
90
- compiled with CPU_ENABLE_SSE, and there is a way to
91
- disengage SSE2 code pathes upon application start-up,
92
- but if you aim for wider "audience" running such kernel,
93
- consider no-sse2. Both 386 and no-asm options above imply
94
- no-sse2.
+ 386 In 32-bit x86 builds, when generating assembly modules,
+ use the 80386 instruction set only (the default x86 code
+ is more efficient, but requires at least a 486). Note:
+ This doesn't affect code generated by compiler, you're
+ likely to complement configuration command line with
+ suitable compiler-specific option.
+ no-sse2 Exclude SSE2 code paths from 32-bit x86 assembly modules.
+ Normally SSE2 extension is detected at run-time, but the
+ decision whether or not the machine code will be executed
+ is taken solely on CPU capability vector. This means that
+ if you happen to run OS kernel which does not support SSE2
+ extension on Intel P4 processor, then your application
+ might be exposed to "illegal instruction" exception.
+ There might be a way to enable support in kernel, e.g.
+ FreeBSD kernel can be compiled with CPU_ENABLE_SSE, and
+ there is a way to disengage SSE2 code paths upon application
+ start-up, but if you aim for wider "audience" running
95
+ such kernel, consider no-sse2. Both the 386 and
96
+ no-asm options imply no-sse2.
97
98
no-<cipher> Build without the specified cipher (bf, cast, des, dh, dsa,
99
hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
@@ -101,7 +103,12 @@
101
103
-Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
102
104
be passed through to the compiler to allow you to
105
define preprocessor symbols, specify additional libraries,
- library directories or other compiler options.
106
+ library directories or other compiler options. It might be
107
+ worth noting that some compilers generate code specifically
108
+ for processor the compiler currently executes on. This is
109
+ not necessarily what you might have in mind, since it might
110
+ be unsuitable for execution on other, typically older,
111
+ processor. Consult your compiler documentation.
112
113
-DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
114
BSD. Useful if you are running ocf-linux or something
@@ -159,18 +166,18 @@
159
166
OpenSSL binary ("openssl"). The libraries will be built in the top-level
160
167
directory, and the binary will be in the "apps" directory.
161
168
162
- If "make" fails, look at the output. There may be reasons for
163
- the failure that aren't problems in OpenSSL itself (like missing
164
- standard headers). If it is a problem with OpenSSL itself, please
165
- report the problem to <openssl-bugs@openssl.org> (note that your
- message will be recorded in the request tracker publicly readable
- at https://www.openssl.org/community/index.html#bugs and will be
- forwarded to a public mailing list). Include the output of "make
169
- report" in your message. Please check out the request tracker. Maybe
170
- the bug was already reported or has already been fixed.
171
172
- [If you encounter assembler error messages, try the "no-asm"
173
- configuration option as an immediate fix.]
+ If the build fails, look at the output. There may be reasons
+ for the failure that aren't problems in OpenSSL itself (like
+ missing standard headers). If you are having problems you can
+ get help by sending an email to the openssl-users email list (see
+ https://www.openssl.org/community/mailinglists.html for details). If
174
+ it is a bug with OpenSSL itself, please open an issue on GitHub, at
175
+ https://github.com/openssl/openssl/issues. Please review the existing
176
+ ones first; maybe the bug was already reported or has already been
177
+ fixed.
178
179
+ (If you encounter assembler error messages, try the "no-asm"
180
+ configuration option as an immediate fix.)
181
182
Compiling parts of OpenSSL with gcc and others with the system
183
compiler will result in unresolved symbols on some systems.
deps/openssl/openssl/Makefile
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2j
+VERSION=1.0.2k
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
@@ -203,7 +203,8 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
203
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
204
$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
205
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
206
- $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+ $${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS} \
207
+ $${APPS+APPS}
208
209
# LC_ALL=C ensures that error [and other] messages are delivered in
210
# same language for uniform treatment.
deps/openssl/openssl/Makefile.bak
deps/openssl/openssl/Makefile.org
@@ -201,7 +201,8 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
201
202
deps/openssl/openssl/NEWS
@@ -5,9 +5,15 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
+ o Truncated packet could crash via OOB read (CVE-2017-3731)
+ o BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
+ o Montgomery multiplication may produce incorrect results (CVE-2016-7055)
Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]
- o Fix Use After Free for large message sizes (CVE-2016-6309)
+ o Missing CRL sanity check (CVE-2016-7052)
Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]