Package: openssl / 1.0.1e-2+deb7u20
Metadata
Package | Version | Patches format |
---|---|---|
openssl | 1.0.1e-2+deb7u20 | 3.0 (quilt) |
Patch series
Patch | File delta | Description |
---|---|---|
ca.patch | apps/CA.pl.in: 2 2 + 0 - 0 ! | --- |
config hurd.patch | config: 4 2 + 2 - 0 ! | --- |
debian targets.patch | Configure: 45 45 + 0 - 0 ! | --- |
engines path.patch | Configure: 2 1 + 1 - 0 ! | --- |
make targets.patch | Makefile.org: 2 1 + 1 - 0 ! | --- |
man dir.patch | Makefile.org: 2 1 + 1 - 0 ! | --- |
man section.patch | Makefile.org: 7 4 + 3 - 0 ! | --- |
no rpath.patch | Makefile.shared: 2 1 + 1 - 0 ! | --- |
no symbolic.patch | Makefile.shared: 2 1 + 1 - 0 ! | --- |
pic.patch | crypto/des/asm/desboth.pl: 17 14 + 3 - 0 ! | --- |
valgrind.patch | crypto/rand/md_rand.c: 2 2 + 0 - 0 ! | --- |
rehash crt.patch | tools/c_rehash.in: 12 9 + 3 - 0 ! | --- |
rehash_pod.patch | doc/apps/c_rehash.pod: 55 55 + 0 - 0 ! | --- |
shared lib ext.patch | Configure: 3 2 + 1 - 0 ! | --- |
stddef.patch | crypto/sha/sha.h: 1 1 + 0 - 0 ! | --- |
version script.patch | Configure: 2 2 + 0 - 0 ! | --- |
gnu_source.patch | crypto/dso/dso_dlfcn.c: 6 2 + 4 - 0 ! | always define _gnu_source. We need this at least for kfreebsd because they also use glibc. There shouldn't be a problem defining this on systems not using glibc. |
c_rehash compat.patch | tools/c_rehash.in: 8 7 + 1 - 0 ! | [patch] also create old hash for compatibility |
libdoc manpgs pod spell.patch | doc/crypto/ASN1_generate_nconf.pod: 2 1 + 1 - 0 ! | --- |
libssl misspell.patch | crypto/asn1/asn1_err.c: 2 1 + 1 - 0 ! | --- |
openssl pod misspell.patch | apps/ca.c: 2 1 + 1 - 0 ! | --- |
pod_req_misspell2.patch | doc/apps/req.pod: 2 1 + 1 - 0 ! | --- |
pod_pksc12.misspell.patch | doc/apps/pkcs12.pod: 2 1 + 1 - 0 ! | --- |
pod_s_server.misspell.patch | doc/apps/s_server.pod: 2 1 + 1 - 0 ! | --- |
pod_x509setflags.misspell.patch | doc/crypto/X509_VERIFY_PARAM_set_flags.pod: 2 1 + 1 - 0 ! | --- |
pod_ec.misspell.patch | doc/apps/ec.pod: 2 1 + 1 - 0 ! | --- |
pkcs12 doc.patch | doc/apps/pkcs12.pod: 7 6 + 1 - 0 ! | --- |
dgst_hmac.patch | apps/dgst.c: 2 2 + 0 - 0 ! | document openssl dgst -hmac option. I've committed the thing below in MirBSD; since the apps code changes very little between OpenSSL versions, it will probably apply to the Debian package as well. I'm open for better wording though, especially considering the FIPS option, which I found as undocumented too. |
block_diginotar.patch | crypto/x509/x509_vfy.c: 27 27 + 0 - 0 ! | make x509_verify_cert indicate that any certificate whose name contains "DigiNotar" is revoked. |
block_digicert_malaysia.patch | crypto/x509/x509_vfy.c: 7 4 + 3 - 0 ! | make x509_verify_cert indicate that any certificate whose name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked. |
c_rehash multi.patch | tools/c_rehash.in: 72 44 + 28 - 0 ! | generate hashes for all certs in a file. Bug: http://bugs.debian.org/628780 Forwarded: no |
default_bits.patch | apps/openssl.cnf: 2 1 + 1 - 0 ! | --- |
ssltest_no_sslv2.patch | ssl/ssltest.c: 8 7 + 1 - 0 ! | fix in ssltest is no-ssl2 configured |
cpuid.patch | crypto/x86cpuid.pl: 2 2 + 0 - 0 ! | x86cpuid.pl: make it work with older cpus. |
aesni mac.patch | crypto/evp/e_aes_cbc_hmac_sha1.c: 5 3 + 2 - 0 ! | e_aes_cbc_hmac_sha1.c: fix rare bad record mac on aes-ni platforms. |
dtls_version.patch | ssl/s3_cbc.c: 2 1 + 1 - 0 ! | check dtls_bad_ver for version number. |
get_certificate.patch | ssl/ssl_lib.c: 4 1 + 3 - 0 ! | fix for ssl_get_certificate |
CVE 2013 6449.patch | ssl/s3_both.c: 2 2 + 0 - 0 ! | fix CVE-2013-6449. This is a combination of upstream commits: 0294b2be5f4c11e60620c0018674ff0e17b14238 ca989269a2876bae79393bd54c3e72d49975fc75 |
CVE 2013 6450.patch | crypto/evp/digest.c: 7 5 + 2 - 0 ! | [patch] fix dtls retransmission from previous session. |
disable_rdrand.patch | crypto/engine/eng_rdrand.c: 1 1 + 0 - 0 ! | [patch] don't use rdrand engine as default unless explicitly requested. |
disable_dual_ec_drbg.patch | crypto/rand/rand.h: 1 1 + 0 - 0 ! | [patch] disable dual ec drbg. |
CVE 2013 4353.patch | ssl/s3_both.c: 6 5 + 1 - 0 ! | [patch] fix for tls record tampering bug CVE-2013-4353 |
dont_change_version.patch | ssl/s3_pkt.c: 2 1 + 1 - 0 ! | [patch] don't change version number if session established |
CVE 2014 0160.patch | ssl/d1_both.c: 26 18 + 8 - 0 ! | [patch] add heartbeat extension bounds check. A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Thanks to Neel Mehta of Google Security for discovering this bug and to Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for preparing the fix (CVE-2014-0160) |
CVE 2010 5298.patch | ssl/s3_pkt.c: 3 2 + 1 - 0 ! | [patch] don't release the buffer when there still is data in it. RT: 2167, 3265 |
CVE 2014 XXXX Extension checking fixes.patch | crypto/x509v3/v3_purp.c: 6 3 + 3 - 0 ! | [patch] extension checking fixes. When looking for an extension we need to set the last found position to -1 to properly search all extensions. PR#3309. |
CVE 2014 0076.patch | crypto/bn/bn.h: 11 11 + 0 - 0 ! | [patch] fix for CVE-2014-0076. Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" |
ECDHE ECDSA_Safari.patch | doc/ssl/SSL_CTX_set_options.pod: 5 3 + 2 - 0 ! | [patch] don't prefer ecdhe-ecdsa ciphers when the client appears to be Safari on OS X. OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers. |
CVE 2014 0198.patch | ssl/s3_pkt.c: 7 4 + 3 - 0 ! | [patch] fixed null pointer dereference. See PR#3321 |
CVE 2014 0224.patch | ssl/s3_clnt.c: 4 4 + 0 - 0 ! | fix for CVE-2014-0224. Only accept change cipher spec when it is expected instead of at any time. This prevents premature setting of session keys before the master secret is determined which an attacker could use as a MITM attack. Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for reporting this issue and providing the initial fix this patch is based on. |
CVE 2014 3470.patch | ssl/s3_clnt.c: 7 7 + 0 - 0 ! | --- |
CVE 2014 0195.patch | ssl/d1_both.c: 9 9 + 0 - 0 ! | fix for CVE-2014-0195. A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. Fixed by adding consistency check for DTLS fragments. Thanks to Jüri Aedla for reporting this issue. |
CVE 2014 0221.patch | ssl/d1_both.c: 4 2 + 2 - 0 ! | fix CVE-2014-0221. Unnecessary recursion when receiving a DTLS hello request can be used to crash a DTLS client. Fixed by handling DTLS hello request without recursion. Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. |
CVE 2012 4929.patch | ssl/ssl_ciph.c: 2 1 + 1 - 0 ! | disable zlib compression by default. This fixes CVE-2012-4929 (CRiME). |
Avoid double free when processing DTLS packets.patch | ssl/d1_both.c: 6 2 + 4 - 0 ! | [patch 01/16] avoid double free when processing dtls packets. The `item` variable, in both of these cases, may contain a pointer to a `pitem` structure within `s->d1->buffered_messages`. It was being freed in the error case while still being in `buffered_messages`. When the error later caused the `SSL*` to be destroyed, the item would be double freed. Thanks to Wah-Teh Chang for spotting that the fix in 1632ef74 was inconsistent with the other error paths (but correct). Fixes CVE-2014-3505 |
Added comment for the frag reassembly NULL case as p.patch | ssl/d1_both.c: 3 2 + 1 - 0 ! | [patch 02/16] added comment for the frag->reassembly == null case as per feedback from Emilia |
Fix DTLS handshake message size checks.patch | ssl/d1_both.c: 29 16 + 13 - 0 ! | [patch 03/16] fix dtls handshake message size checks. In `dtls1_reassemble_fragment`, the value of `msg_hdr->frag_off+frag_len` was being checked against the maximum handshake message size, but then `msg_len` bytes were allocated for the fragment buffer. This means that so long as the fragment was within the allowed size, the pending handshake message could consume 16MB + 2MB (for the reassembly bitmap). Approx 10 outstanding handshake messages are allowed, meaning that an attacker could consume ~180MB per DTLS connection. In the non-fragmented path (in `dtls1_process_out_of_seq_message`), no check was applied. Fixes CVE-2014-3506. Wholly based on patch by Adam Langley with one minor amendment. |
Fix memory leak from zero length DTLS fragments.patch | ssl/d1_both.c: 22 19 + 3 - 0 ! | [patch 04/16] fix memory leak from zero-length dtls fragments. The `pqueue_insert` function can fail if one attempts to insert a duplicate sequence number. When handling a fragment of an out of sequence message, `dtls1_process_out_of_seq_message` would not call `dtls1_reassemble_fragment` if the fragment's length was zero. It would then allocate a fresh fragment and attempt to insert it, but ignore the return value, leaking the fragment. This allows an attacker to exhaust the memory of a DTLS peer. Fixes CVE-2014-3507 |
Fix return code for truncated DTLS fragment.patch | ssl/d1_both.c: 4 3 + 1 - 0 ! | [patch 05/16] fix return code for truncated dtls fragment. Previously, a truncated DTLS fragment in `dtls1_process_out_of_seq_message` would cause `*ok` to be cleared, but the return value would still be the number of bytes read. This would cause `dtls1_get_message` not to consider it an error and it would continue processing as normal until the calling function noticed that `*ok` was zero. I can't see an exploit here because `dtls1_get_message` uses `s->init_num` as the length, which will always be zero from what I can see. |