SHA256
1
0
forked from pool/openssl-1_1

Accepting request 1126087 from home:ohollmann:branches:security:tls

- Security fix: [bsc#1216922, CVE-2023-5678]
  * Fix excessive time spent in DH check / generation with large Q
    parameter value.
  * Applications that use the functions DH_generate_key() to generate
    an X9.42 DH key may experience long delays. Likewise,
    applications that use DH_check_pub_key(), DH_check_pub_key_ex
    () or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
    DH parameters may experience long delays. Where the key or
    parameters that are being checked have been obtained from an
    untrusted source this may lead to a Denial of Service.
  * Add openssl-CVE-2023-5678.patch
- Remove trailing spaces from changelog

- Remove a hack for bsc#936563
  bsc936563_hack.patch (bsc#936563)
- Build with no-ssl3, for details on why this is needed read
  require us to patch dependant packages as the relevant
  functions are still available (SSLv3_(client|server)_method)
- openssl.keyring: use Matt Caswells current key.
- openSSL 1.0.1j
- openssl.keyring: the 1.0.1i release was done by
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
  it is already in RPM_OPT_FLAGS and is replaced by
- Remove the "gmp" and "capi" shared engines, nobody noticed
  but they are just dummies that do nothing.
- Use enable-rfc3779 to allow projects such as rpki.net
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch

OBS-URL: https://build.opensuse.org/request/show/1126087
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=150
This commit is contained in:
Otto Hollmann 2023-11-15 09:54:14 +00:00 committed by Git OBS Bridge
parent b51c004cd8
commit 6a02bab132
3 changed files with 288 additions and 95 deletions

View File

@ -1,3 +1,19 @@
-------------------------------------------------------------------
Mon Nov 13 09:29:26 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
- Security fix: [bsc#1216922, CVE-2023-5678]
* Fix excessive time spent in DH check / generation with large Q
parameter value.
* Applications that use the functions DH_generate_key() to generate
an X9.42 DH key may experience long delays. Likewise,
applications that use DH_check_pub_key(), DH_check_pub_key_ex
() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
DH parameters may experience long delays. Where the key or
parameters that are being checked have been obtained from an
untrusted source this may lead to a Denial of Service.
* Add openssl-CVE-2023-5678.patch
- Remove trailing spaces from changelog
-------------------------------------------------------------------
Thu Oct 19 15:03:14 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
@ -633,7 +649,7 @@ Fri Jan 8 17:49:33 UTC 2021 - Pedro Monreal <pmonreal@suse.com>
- Add openssl-1_1-seclevel.patch
-------------------------------------------------------------------
Thu Dec 17 17:16:08 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
Thu Dec 17 17:16:08 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
- Require the crypto-policies package [bsc#1180051]
@ -1683,7 +1699,7 @@ Tue May 3 14:43:47 UTC 2016 - vcizek@suse.com
-------------------------------------------------------------------
Fri Apr 15 16:55:05 UTC 2016 - dvaleev@suse.com
- Remove a hack for bsc#936563
- Remove a hack for bsc#936563
- Drop bsc936563_hack.patch
-------------------------------------------------------------------
@ -1802,7 +1818,7 @@ Thu Jul 9 13:32:34 UTC 2015 - vcizek@suse.com
Thu Jul 2 14:46:36 UTC 2015 - dvaleev@suse.com
- Workaround debugit crash on ppc64le with gcc5
bsc936563_hack.patch (bsc#936563)
bsc936563_hack.patch (bsc#936563)
-------------------------------------------------------------------
Wed Jul 1 09:26:26 UTC 2015 - normand@linux.vnet.ibm.com
@ -1814,10 +1830,10 @@ Wed Jul 1 09:26:26 UTC 2015 - normand@linux.vnet.ibm.com
-------------------------------------------------------------------
Fri Jun 26 00:11:20 UTC 2015 - crrodriguez@opensuse.org
- Build with no-ssl3, for details on why this is needed read
- Build with no-ssl3, for details on why this is needed read
rfc7568. Contrary to the "no-ssl2" option, this does not
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
require us to patch dependant packages as the relevant
functions are still available (SSLv3_(client|server)_method)
but will fail to negotiate. if removing SSL3 methods is desired
at a later time, option "no-ssl3-method" needs to be used.
@ -1937,7 +1953,7 @@ Fri Jan 9 10:03:37 UTC 2015 - meissner@suse.com
bsc#912018 CVE-2014-8275: Fix various certificate fingerprint issues.
bsc#912296 CVE-2014-3570: Correct Bignum squaring.
and other bugfixes.
- openssl.keyring: use Matt Caswells current key.
- openssl.keyring: use Matt Caswells current key.
pub 2048R/0E604491 2013-04-30
uid Matt Caswell <frodo@baggins.org>
uid Matt Caswell <matt@openssl.org>
@ -1966,7 +1982,7 @@ Fri Nov 7 22:09:27 UTC 2014 - brian@aljex.com
-------------------------------------------------------------------
Tue Oct 21 19:58:31 UTC 2014 - crrodriguez@opensuse.org
- openSSL 1.0.1j
- openSSL 1.0.1j
* Fix SRTP Memory Leak (CVE-2014-3513)
* Session Ticket Memory Leak (CVE-2014-3567)
* Add SSL 3.0 Fallback protection (TLS_FALLBACK_SCSV)
@ -1975,7 +1991,7 @@ Tue Oct 21 19:58:31 UTC 2014 - crrodriguez@opensuse.org
-------------------------------------------------------------------
Thu Aug 21 15:05:43 UTC 2014 - meissner@suse.com
- openssl.keyring: the 1.0.1i release was done by
- openssl.keyring: the 1.0.1i release was done by
Matt Caswell <matt@openssl.org> UK 0E604491
-------------------------------------------------------------------
@ -2129,17 +2145,17 @@ Mon May 5 16:25:17 UTC 2014 - crrodriguez@opensuse.org
- 0009-Fix-double-frees.patch, 0017-Double-free-in-i2o_ECPublicKey.patch
fix various double frees (from upstream)
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
- 012-Fix-eckey_priv_encode.patch eckey_priv_encode should
return an error inmediately on failure of i2d_ECPrivateKey (from upstream)
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
- 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch
From libressl, modified to work on linux systems that do not have
funopen() but fopencookie() instead.
Once upon a time, OS didn't have snprintf, which caused openssl to
bundle a *printf implementation. We know better nowadays, the glibc
implementation has buffer overflow checking, has sane failure modes
deal properly with threads, signals..etc..
- build with -fno-common as well.
-------------------------------------------------------------------
@ -2153,26 +2169,26 @@ Sun Apr 20 00:53:34 UTC 2014 - crrodriguez@opensuse.org
- Build everything with full RELRO (-Wl,-z,relro,-z,now)
- Remove -fstack-protector from the hardcoded build options
it is already in RPM_OPT_FLAGS and is replaced by
it is already in RPM_OPT_FLAGS and is replaced by
-fstack-protector-strong with gcc 4.9
-------------------------------------------------------------------
Sun Apr 20 00:49:25 UTC 2014 - crrodriguez@opensuse.org
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
- Remove the "gmp" and "capi" shared engines, nobody noticed
but they are just dummies that do nothing.
-------------------------------------------------------------------
Sat Apr 19 22:29:10 UTC 2014 - crrodriguez@opensuse.org
- Use enable-rfc3779 to allow projects such as rpki.net
- Use enable-rfc3779 to allow projects such as rpki.net
to work in openSUSE and match the functionality
available in Debian/Fedora/etc
-------------------------------------------------------------------
Sat Apr 19 22:22:01 UTC 2014 - crrodriguez@opensuse.org
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
- openssl-buffreelistbug-aka-CVE-2010-5298.patch fix
CVE-2010-5298 and disable the internal BUF_FREELISTS
functionality. it hides bugs like heartbleed and is
there only for systems on which malloc() free() are slow.
@ -2191,14 +2207,14 @@ Sat Apr 19 03:45:20 UTC 2014 - crrodriguez@opensuse.org
-------------------------------------------------------------------
Fri Apr 18 14:07:47 UTC 2014 - crrodriguez@opensuse.org
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
- openssl-gcc-attributes.patch: fix thinko, CRYPTO_realloc_clean does
not return memory of "num * old_num" but only "num" size
fortunately this function is currently unused.
-------------------------------------------------------------------
Fri Apr 11 02:40:34 UTC 2014 - crrodriguez@opensuse.org
- openssl-gcc-attributes.patch
- openssl-gcc-attributes.patch
* annotate memory allocation wrappers with attribute(alloc_size)
so the compiler can tell us if it knows they are being misused
* OPENSSL_showfatal is annotated with attribute printf to detect
@ -2232,20 +2248,20 @@ Tue Mar 25 08:11:11 UTC 2014 - shchang@suse.com
-------------------------------------------------------------------
Mon Mar 3 06:44:52 UTC 2014 - shchang@suse.com
- additional changes required for FIPS validation( from Fedora repo)
- additional changes required for FIPS validation( from Fedora repo)
Add patch file: openssl-1.0.1e-new-fips-reqs.patch
-------------------------------------------------------------------
Sat Jan 11 08:42:54 UTC 2014 - shchang@suse.com
- Remove GCC option "-O3" for compiliation issue of ARM version
- Remove GCC option "-O3" for compiliation issue of ARM version
Modify: openssl.spec
-------------------------------------------------------------------
Fri Jan 10 14:43:20 UTC 2014 - shchang@suse.com
- Adjust the installation path( libopenssl/hmac into /lib or /lib64)
Modify files: README-FIPS.txt openssl.spec
Modify files: README-FIPS.txt openssl.spec
-------------------------------------------------------------------
Thu Jan 9 23:08:29 UTC 2014 - andreas.stieger@gmx.de
@ -2279,13 +2295,13 @@ Wed Jan 8 10:57:24 UTC 2014 - shchang@suse.com
Thu Jan 2 17:28:41 UTC 2014 - shchang@suse.com
- Fixed bnc#857203, openssl: crash in DTLS renegotiation after packet loss
Add file: CVE-2013-6450.patch
Add file: CVE-2013-6450.patch
-------------------------------------------------------------------
Sun Dec 22 08:10:55 UTC 2013 - shchang@suse.com
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
- Fixed bnc#856687, openssl: crash when using TLS 1.2
Add file: CVE-2013-6449.patch
-------------------------------------------------------------------
Tue Dec 17 13:57:40 UTC 2013 - meissner@suse.com
@ -2329,11 +2345,11 @@ Sat Nov 23 08:23:59 UTC 2013 - shchang@suse.com
-------------------------------------------------------------------
Wed Oct 23 02:59:05 UTC 2013 - crrodriguez@opensuse.org
- 0001-libcrypto-Hide-library-private-symbols.patch
- 0001-libcrypto-Hide-library-private-symbols.patch
This patch implements the libcrpto part complimentary to
0005-libssl-Hide-library-private-symbols.patch.
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
This patch is however not 100% complete, as some private library
symbols are declared in public headers that shall not be touched
or are defined/declared in "perlasm". (tested in 13.1, 12.3, factory)
- openSSL defaults to -O3 optimization level but we override
@ -2342,7 +2358,7 @@ Wed Oct 23 02:59:05 UTC 2013 - crrodriguez@opensuse.org
-------------------------------------------------------------------
Fri Oct 11 12:24:14 UTC 2013 - meissner@suse.com
- openssl-1.0.1c-ipv6-apps.patch:
- openssl-1.0.1c-ipv6-apps.patch:
Support ipv6 in the openssl s_client / s_server commandline app.
-------------------------------------------------------------------
@ -2354,7 +2370,7 @@ Fri Sep 27 10:26:43 UTC 2013 - dmacvicar@suse.de
-------------------------------------------------------------------
Wed Sep 4 18:56:38 UTC 2013 - guillaume@opensuse.org
- Fix armv6l arch (armv7 was previously used to build armv6 which
- Fix armv6l arch (armv7 was previously used to build armv6 which
lead to illegal instruction when used)
-------------------------------------------------------------------
@ -2366,7 +2382,7 @@ Mon Aug 12 06:05:03 UTC 2013 - shchang@suse.com
-------------------------------------------------------------------
Fri Aug 9 23:24:14 UTC 2013 - crrodriguez@opensuse.org
- Via padlock is only found in x86 and x86_64 CPUs, remove
- Via padlock is only found in x86 and x86_64 CPUs, remove
the shared module for other archs.
-------------------------------------------------------------------
@ -2378,15 +2394,15 @@ Wed Aug 7 18:30:45 UTC 2013 - crrodriguez@opensuse.org
* libgmp.so --> may help to doing some maths using GMP
* libgost.so --> implements the GOST block cipher
* libpadlock.so --> VIA padlock support
- Al other are removed because they require third party propietary
- Al other are removed because they require third party propietary
shared libraries nowhere to be found or that we can test.
-------------------------------------------------------------------
Wed Aug 7 18:30:23 UTC 2013 - crrodriguez@opensuse.org
- openssl-pkgconfig.patch: Here we go.. For applications
to benefit fully of features provided by openSSL engines
(rdrand, aes-ni..etc) either builtin or in DSO form applications
- openssl-pkgconfig.patch: Here we go.. For applications
to benefit fully of features provided by openSSL engines
(rdrand, aes-ni..etc) either builtin or in DSO form applications
have to call ENGINE_load_builtin_engines() or OPENSSL_config()
unfortunately from a total of 68 apps/libraries linked to libcrypto
in a desktop system, only 4 do so, and there is a sea of buggy
@ -2401,13 +2417,13 @@ not using pkgconfig or using it incorrectly, but it is a good start.
Wed Aug 7 09:33:55 UTC 2013 - dmueller@suse.com
- add openssl-1.0.1c-default-paths.patch:
Fix from Fedora for openssl s_client not setting
Fix from Fedora for openssl s_client not setting
CApath by default
-------------------------------------------------------------------
Sat Aug 3 21:15:07 UTC 2013 - crrodriguez@opensuse.org
- 0005-libssl-Hide-library-private-symbols.patch: hide
- 0005-libssl-Hide-library-private-symbols.patch: hide
private symbols, this *only* applies to libssl where
it is straightforward to do so as applications should
not be using any of the symbols declared/defined in headers
@ -2442,7 +2458,7 @@ Sat Jun 29 22:47:54 UTC 2013 - crrodriguez@opensuse.org
security as the new implementations are secure against timing
attacks)"
It is not enabled by default due to the build system being unable
to detect if the compiler supports __uint128_t.
to detect if the compiler supports __uint128_t.
-------------------------------------------------------------------
Thu Jun 20 07:58:33 UTC 2013 - coolo@suse.com
@ -2470,7 +2486,7 @@ Tue Feb 12 00:08:06 UTC 2013 - hrvoje.senjan@gmail.com
-------------------------------------------------------------------
Sun Feb 10 20:33:51 UTC 2013 - hrvoje.senjan@gmail.com
- Added openssl-1.0.1d-s3-packet.patch from upstream, fixes
- Added openssl-1.0.1d-s3-packet.patch from upstream, fixes
bnc#803004, openssl ticket#2975
-------------------------------------------------------------------
@ -2495,7 +2511,7 @@ Sun Aug 19 23:38:32 UTC 2012 - crrodriguez@opensuse.org
- Open Internal file descriptors with O_CLOEXEC, leaving
those open across fork()..execve() makes a perfect
vector for a side-channel attack...
vector for a side-channel attack...
-------------------------------------------------------------------
Tue Aug 7 17:17:34 UTC 2012 - dmueller@suse.com
@ -2557,7 +2573,7 @@ Tue Mar 20 14:29:24 UTC 2012 - cfarrell@suse.com
-------------------------------------------------------------------
Fri Feb 24 02:33:22 UTC 2012 - gjhe@suse.com
- fix bug[bnc#748738] - Tolerate bad MIME headers in openssl's
- fix bug[bnc#748738] - Tolerate bad MIME headers in openssl's
asn1 parser.
CVE-2006-7250
@ -2575,22 +2591,22 @@ Wed Jan 11 05:35:18 UTC 2012 - gjhe@suse.com
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
SGC Restart DoS Attack (CVE-2011-4619)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
-------------------------------------------------------------------
Tue Oct 18 16:43:50 UTC 2011 - crrodriguez@opensuse.org
- AES-NI: Check the return value of Engine_add()
if the ENGINE_add() call fails: it ends up adding a reference
to a freed up ENGINE which is likely to subsequently contain garbage
- AES-NI: Check the return value of Engine_add()
if the ENGINE_add() call fails: it ends up adding a reference
to a freed up ENGINE which is likely to subsequently contain garbage
This will happen if an ENGINE with the same name is added multiple
times,for example different libraries. [bnc#720601]
-------------------------------------------------------------------
Sat Oct 8 21:36:58 UTC 2011 - crrodriguez@opensuse.org
- Build with -DSSL_FORBID_ENULL so servers are not
able to use the NULL encryption ciphers (Those offering no
- Build with -DSSL_FORBID_ENULL so servers are not
able to use the NULL encryption ciphers (Those offering no
encryption whatsoever).
-------------------------------------------------------------------
@ -2604,12 +2620,12 @@ Sat Aug 6 00:33:47 UTC 2011 - crrodriguez@opensuse.org
- Add upstream patch that calls ENGINE_register_all_complete()
in ENGINE_load_builtin_engines() saving us from adding dozens
of calls to such function to calling applications.
of calls to such function to calling applications.
-------------------------------------------------------------------
Fri Aug 5 19:09:42 UTC 2011 - crrodriguez@opensuse.org
- remove -fno-strict-aliasing from CFLAGS no longer needed
- remove -fno-strict-aliasing from CFLAGS no longer needed
and is likely to slow down stuff.
-------------------------------------------------------------------
@ -2638,7 +2654,7 @@ Tue May 31 07:07:49 UTC 2011 - gjhe@novell.com
-------------------------------------------------------------------
Mon May 16 14:38:26 UTC 2011 - andrea@opensuse.org
- added openssl as dependency in the devel package
- added openssl as dependency in the devel package
-------------------------------------------------------------------
Thu Feb 10 07:42:01 UTC 2011 - gjhe@novell.com
@ -2650,7 +2666,7 @@ Thu Feb 10 07:42:01 UTC 2011 - gjhe@novell.com
Sat Jan 15 19:58:51 UTC 2011 - cristian.rodriguez@opensuse.org
- Add patch from upstream in order to support AES-NI instruction
set present on current Intel and AMD processors
set present on current Intel and AMD processors
-------------------------------------------------------------------
Mon Jan 10 11:45:27 CET 2011 - meissner@suse.de
@ -2677,13 +2693,13 @@ Thu Nov 18 07:53:12 UTC 2010 - gjhe@novell.com
Sat Sep 25 08:55:02 UTC 2010 - gjhe@novell.com
- fix bug [bnc#629905]
CVE-2010-2939
CVE-2010-2939
-------------------------------------------------------------------
Wed Jul 28 20:55:18 UTC 2010 - cristian.rodriguez@opensuse.org
- Exclude static libraries, see what breaks and fix that
instead
instead
-------------------------------------------------------------------
Wed Jun 30 08:47:39 UTC 2010 - jengelh@medozas.de
@ -2700,13 +2716,13 @@ Fri Jun 4 07:11:28 UTC 2010 - gjhe@novell.com
- fix bnc #610642
CVE-2010-0742
CVE-2010-1633
CVE-2010-1633
-------------------------------------------------------------------
Mon May 31 03:06:39 UTC 2010 - gjhe@novell.com
- fix bnc #610223,change Configure to tell openssl to load engines
from /%{_lib} instead of %{_libdir}
from /%{_lib} instead of %{_libdir}
-------------------------------------------------------------------
Mon May 10 16:11:54 UTC 2010 - aj@suse.de
@ -2717,13 +2733,13 @@ Mon May 10 16:11:54 UTC 2010 - aj@suse.de
-------------------------------------------------------------------
Tue May 4 02:55:52 UTC 2010 - gjhe@novell.com
- build libopenssl to /%{_lib} dir,and keep only one
- build libopenssl to /%{_lib} dir,and keep only one
libopenssl-devel for new developping programs.
-------------------------------------------------------------------
Tue Apr 27 05:44:32 UTC 2010 - gjhe@novell.com
- build libopenssl and libopenssl-devel to a version directory
- build libopenssl and libopenssl-devel to a version directory
-------------------------------------------------------------------
Sat Apr 24 09:46:37 UTC 2010 - coolo@novell.com
@ -2748,7 +2764,7 @@ Mon Apr 12 16:12:08 CEST 2010 - meissner@suse.de
-------------------------------------------------------------------
Mon Apr 12 04:57:17 UTC 2010 - gjhe@novell.com
- update to 1.0.0
- update to 1.0.0
Merge the following patches from 0.9.8k:
openssl-0.9.6g-alpha.diff
openssl-0.9.7f-ppc64.diff
@ -2766,19 +2782,19 @@ Fri Apr 9 11:42:51 CEST 2010 - meissner@suse.de
-------------------------------------------------------------------
Wed Apr 7 14:08:05 CEST 2010 - meissner@suse.de
- Openssl is now partially converted to libdir usage upstream,
- Openssl is now partially converted to libdir usage upstream,
merge that in to fix lib64 builds.
-------------------------------------------------------------------
Thu Mar 25 02:18:22 UTC 2010 - gjhe@novell.com
- fix security bug [bnc#590833]
- fix security bug [bnc#590833]
CVE-2010-0740
-------------------------------------------------------------------
Mon Mar 22 06:29:14 UTC 2010 - gjhe@novell.com
- update to version 0.9.8m
- update to version 0.9.8m
Merge the following patches from 0.9.8k:
bswap.diff
non-exec-stack.diff
@ -2808,7 +2824,7 @@ Tue Nov 3 19:09:35 UTC 2009 - coolo@novell.com
-------------------------------------------------------------------
Tue Sep 1 10:21:16 CEST 2009 - gjhe@novell.com
- fix Bug [bnc#526319]
- fix Bug [bnc#526319]
-------------------------------------------------------------------
Wed Aug 26 11:24:16 CEST 2009 - coolo@novell.com
@ -2818,14 +2834,14 @@ Wed Aug 26 11:24:16 CEST 2009 - coolo@novell.com
-------------------------------------------------------------------
Fri Jul 3 11:53:48 CEST 2009 - gjhe@novell.com
- update to version 0.9.8k
- update to version 0.9.8k
- patches merged upstream:
openssl-CVE-2008-5077.patch
openssl-CVE-2009-0590.patch
openssl-CVE-2009-0590.patch
openssl-CVE-2009-0591.patch
openssl-CVE-2009-0789.patch
openssl-CVE-2009-0789.patch
openssl-CVE-2009-1377.patch
openssl-CVE-2009-1378.patch
openssl-CVE-2009-1378.patch
openssl-CVE-2009-1379.patch
openssl-CVE-2009-1386.patch
openssl-CVE-2009-1387.patch
@ -2877,18 +2893,18 @@ Mon Dec 8 12:12:14 CET 2008 - xwhu@suse.de
-------------------------------------------------------------------
Mon Nov 10 10:22:04 CET 2008 - xwhu@suse.de
- Disable optimization of ripemd [bnc#442740]
- Disable optimization of ripemd [bnc#442740]
-------------------------------------------------------------------
Tue Oct 14 09:08:47 CEST 2008 - xwhu@suse.de
- Passing string as struct cause openssl segment-fault [bnc#430141]
- Passing string as struct cause openssl segment-fault [bnc#430141]
-------------------------------------------------------------------
Wed Jul 16 12:02:37 CEST 2008 - mkoenig@suse.de
- do not require openssl-certs, but rather recommend it
to avoid dependency cycle [bnc#408865]
to avoid dependency cycle [bnc#408865]
-------------------------------------------------------------------
Wed Jul 9 12:53:27 CEST 2008 - mkoenig@suse.de
@ -2912,8 +2928,8 @@ Tue Jun 24 09:09:04 CEST 2008 - mkoenig@suse.de
Wed May 28 15:04:08 CEST 2008 - mkoenig@suse.de
- fix OpenSSL Server Name extension crash (CVE-2008-0891)
and OpenSSL Omit Server Key Exchange message crash (CVE-2008-1672)
[bnc#394317]
and OpenSSL Omit Server Key Exchange message crash (CVE-2008-1672)
[bnc#394317]
-------------------------------------------------------------------
Wed May 21 20:48:39 CEST 2008 - cthiel@suse.de
@ -2923,7 +2939,7 @@ Wed May 21 20:48:39 CEST 2008 - cthiel@suse.de
-------------------------------------------------------------------
Tue Apr 22 14:39:35 CEST 2008 - mkoenig@suse.de
- add -DMD32_REG_T=int for x86_64 and ia64 [bnc#381844]
- add -DMD32_REG_T=int for x86_64 and ia64 [bnc#381844]
-------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
@ -2934,7 +2950,7 @@ Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
-------------------------------------------------------------------
Mon Nov 5 14:27:06 CET 2007 - mkoenig@suse.de
- fix Diffie-Hellman failure with certain prime lengths
- fix Diffie-Hellman failure with certain prime lengths
-------------------------------------------------------------------
Mon Oct 22 15:00:21 CEST 2007 - mkoenig@suse.de
@ -2958,7 +2974,7 @@ Mon Oct 15 11:17:14 CEST 2007 - mkoenig@suse.de
-------------------------------------------------------------------
Mon Oct 1 11:29:55 CEST 2007 - mkoenig@suse.de
- fix buffer overflow CVE-2007-5135 [#329208]
- fix buffer overflow CVE-2007-5135 [#329208]
-------------------------------------------------------------------
Wed Sep 5 11:39:26 CEST 2007 - mkoenig@suse.de
@ -2973,7 +2989,7 @@ Fri Aug 3 14:17:27 CEST 2007 - coolo@suse.de
-------------------------------------------------------------------
Wed Aug 1 18:01:45 CEST 2007 - werner@suse.de
- Add patch from CVS for RSA key reconstruction vulnerability
- Add patch from CVS for RSA key reconstruction vulnerability
(CVE-2007-3108, VU#724968, bug #296511)
-------------------------------------------------------------------
@ -2981,7 +2997,7 @@ Thu May 24 16:18:50 CEST 2007 - mkoenig@suse.de
- fix build with gcc-4.2
openssl-gcc42.patch
- do not install example scripts with executable permissions
- do not install example scripts with executable permissions
-------------------------------------------------------------------
Mon Apr 30 01:32:44 CEST 2007 - ro@suse.de
@ -2999,12 +3015,12 @@ Fri Apr 27 15:25:13 CEST 2007 - mkoenig@suse.de
Wed Apr 25 12:32:44 CEST 2007 - mkoenig@suse.de
- Split/rename package to follow library packaging policy [#260219]
New package libopenssl0.9.8 containing shared libs
New package libopenssl0.9.8 containing shared libs
openssl-devel package renamed to libopenssl-devel
New package openssl-certs containing certificates
New package openssl-certs containing certificates
- add zlib-devel to Requires of devel package
- remove old Obsoletes and Conflicts
openssls (Last used Nov 2000)
openssls (Last used Nov 2000)
ssleay (Last used 6.2)
-------------------------------------------------------------------
@ -3052,7 +3068,7 @@ Fri Sep 29 18:37:01 CEST 2006 - poeml@suse.de
cause a denial of service. (CVE-2006-2940)
*) Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937)
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
*) Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738)
*) Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
@ -3183,12 +3199,12 @@ Wed Jan 25 21:30:41 CET 2006 - mls@suse.de
Mon Jan 16 13:13:13 CET 2006 - mc@suse.de
- fix build problems on s390x (openssl-s390-config.diff)
- build with -fstack-protector
- build with -fstack-protector
-------------------------------------------------------------------
Mon Nov 7 16:30:49 CET 2005 - dmueller@suse.de
- build with non-executable stack
- build with non-executable stack
-------------------------------------------------------------------
Thu Oct 20 17:37:47 CEST 2005 - poeml@suse.de
@ -3328,7 +3344,7 @@ Tue Jun 15 16:18:36 CEST 2004 - poeml@suse.de
- patch from CVS: make stack API more robust (return NULL for
out-of-range indexes). Fixes another possible segfault during
engine detection (could also triggered by stunnel)
- add patch from Michal Ludvig for VIA PadLock support
- add patch from Michal Ludvig for VIA PadLock support
-------------------------------------------------------------------
Wed Jun 2 20:44:40 CEST 2004 - poeml@suse.de
@ -3351,7 +3367,7 @@ Thu Mar 18 13:47:09 CET 2004 - poeml@suse.de
- update to 0.9.7d
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
(CAN-2004-0112)
o Security: Fix null-pointer assignment in do_change_cipher_spec()
o Security: Fix null-pointer assignment in do_change_cipher_spec()
(CAN-2004-0079)
o Allow multiple active certificates with same subject in CA index
o Multiple X590 verification fixes
@ -3396,7 +3412,7 @@ Wed Feb 25 20:42:39 CET 2004 - poeml@suse.de
Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
of files as .eml work). Correctly handle very long lines in MIME
parser.
- update ICA patch
- update ICA patch
quote: This version of the engine patch has updated error handling in
the DES/SHA code, and turns RSA blinding off for hardware
accelerated RSA ops.
@ -3454,7 +3470,7 @@ Thu Jul 10 23:14:22 CEST 2003 - poeml@suse.de
-------------------------------------------------------------------
Mon May 12 23:27:07 CEST 2003 - poeml@suse.de
- package the openssl.pc file for pkgconfig
- package the openssl.pc file for pkgconfig
-------------------------------------------------------------------
Wed Apr 16 16:04:32 CEST 2003 - poeml@suse.de
@ -3552,7 +3568,7 @@ Thu Oct 24 12:57:36 CEST 2002 - poeml@suse.de
-------------------------------------------------------------------
Mon Sep 30 16:07:49 CEST 2002 - bg@suse.de
- enable hppa distribution; use only pa1.1 architecture.
- enable hppa distribution; use only pa1.1 architecture.
-------------------------------------------------------------------
Tue Sep 17 17:13:46 CEST 2002 - froh@suse.de
@ -3593,7 +3609,7 @@ Thu Aug 1 00:53:33 CEST 2002 - poeml@suse.de
- gcc 3.1 version detection is fixed, we can drop the patch
- move the most used man pages from the -doc to the main package
[#9913] and resolve man page conflicts by putting them into ssl
sections [#17239]
sections [#17239]
- spec file: use PreReq for %post script
-------------------------------------------------------------------
@ -3642,14 +3658,14 @@ Thu Apr 18 16:30:01 CEST 2002 - meissner@suse.de
Wed Apr 17 16:56:34 CEST 2002 - ro@suse.de
- fixed gcc version determination
- drop sun4c support/always use sparcv8
- drop sun4c support/always use sparcv8
- ignore return code from showciphers
-------------------------------------------------------------------
Fri Mar 15 16:54:44 CET 2002 - poeml@suse.de
- add settings for sparc to build shared objects. Note that all
sparcs (sun4[mdu]) are recognized as linux-sparcv7
sparcs (sun4[mdu]) are recognized as linux-sparcv7
-------------------------------------------------------------------
Wed Feb 6 14:23:44 CET 2002 - kukuk@suse.de
@ -3672,7 +3688,7 @@ Tue Jan 29 12:42:58 CET 2002 - poeml@suse.de
- add IBMCA patch for IBM eServer Cryptographic Accelerator Device
Driver (#12565) (forward ported from 0.9.6b)
(http://www-124.ibm.com/developerworks/projects/libica/)
- tell Configure how to build shared libs for s390 and s390x
- tell Configure how to build shared libs for s390 and s390x
- tweak Makefile.org to use %_libdir
- clean up spec file
- add README.SuSE as source file instead of in a patch
@ -3686,7 +3702,7 @@ Wed Dec 5 10:59:59 CET 2001 - uli@suse.de
-------------------------------------------------------------------
Wed Dec 5 02:39:16 CET 2001 - ro@suse.de
- removed subpackage src
- removed subpackage src
-------------------------------------------------------------------
Wed Nov 28 13:28:42 CET 2001 - uli@suse.de
@ -3708,7 +3724,7 @@ Fri Aug 31 11:19:46 CEST 2001 - rolf@suse.de
Wed Jul 18 10:27:54 CEST 2001 - rolf@suse.de
- update to 0.9.6b
- switch to engine version of openssl, which supports hardware
- switch to engine version of openssl, which supports hardware
encryption for a few popular devices
- check wether shared libraries have been generated
@ -3731,7 +3747,7 @@ Mon May 7 21:02:30 CEST 2001 - kukuk@suse.de
Mon May 7 11:36:53 MEST 2001 - rolf@suse.de
- Fix ppc and s390 shared library builds
- resolved conflict in manpage naming:
- resolved conflict in manpage naming:
rand.3 is now sslrand.3 [BUG#7643]
-------------------------------------------------------------------
@ -3764,7 +3780,7 @@ Wed Mar 21 10:12:59 MET 2001 - rolf@suse.de
-------------------------------------------------------------------
Fri Dec 15 18:09:16 CET 2000 - sf@suse.de
- changed CFLAG to -O1 to make the tests run successfully
- changed CFLAG to -O1 to make the tests run successfully
-------------------------------------------------------------------
Mon Dec 11 13:33:55 CET 2000 - rolf@suse.de

View File

@ -185,6 +185,9 @@ Patch111: openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.pat
Patch112: openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
Patch113: openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch
Patch114: openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch
# PATCH-FIX-UPSTREAM: bsc#1216922 CVE-2023-5678 Generating excessively long X9.42 DH keys or
# checking excessively long X9.42 DH keys or parameters may be very slow
Patch115: openssl-CVE-2023-5678.patch
BuildRequires: jitterentropy-devel >= 3.4.0
BuildRequires: pkgconfig
BuildRequires: pkgconfig(zlib)

174
openssl-CVE-2023-5678.patch Normal file
View File

@ -0,0 +1,174 @@
From db925ae2e65d0d925adef429afc37f75bd1c2017 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Fri, 20 Oct 2023 09:18:19 +0200
Subject: [PATCH] Make DH_check_pub_key() and DH_generate_key() safer yet
We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.
This change adds all the missing excessive size checks of P and Q.
It's to be noted that behaviours surrounding excessively sized P and Q
differ. DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q. This behaviour is mimicked in
DH_check_pub_key().
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22518)
(cherry picked from commit ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)
---
crypto/dh/dh_check.c | 12 ++++++++++++
crypto/dh/dh_err.c | 3 ++-
crypto/dh/dh_key.c | 12 ++++++++++++
crypto/err/openssl.txt | 1 +
include/crypto/dherr.h | 2 +-
include/openssl/dh.h | 6 +++---
include/openssl/dherr.h | 3 ++-
7 files changed, 33 insertions(+), 6 deletions(-)
Index: openssl-1.1.1w/crypto/dh/dh_err.c
===================================================================
--- openssl-1.1.1w.orig/crypto/dh/dh_err.c
+++ openssl-1.1.1w/crypto/dh/dh_err.c
@@ -21,6 +21,7 @@ static const ERR_STRING_DATA DH_str_func
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK, 0), "DH_check"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"},
+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY, 0), "DH_check_pub_key"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_DECRYPT, 0), "dh_cms_decrypt"},
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"},
@@ -87,6 +88,7 @@ static const ERR_STRING_DATA DH_str_reas
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
"parameter encoding error"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
{ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR),
"unable to check generator"},
Index: openssl-1.1.1w/crypto/err/openssl.txt
===================================================================
--- openssl-1.1.1w.orig/crypto/err/openssl.txt
+++ openssl-1.1.1w/crypto/err/openssl.txt
@@ -404,6 +404,7 @@ DH_F_DH_BUILTIN_GENPARAMS:106:dh_builtin
DH_F_DH_CHECK:126:DH_check
DH_F_DH_CHECK_EX:121:DH_check_ex
DH_F_DH_CHECK_PARAMS_EX:122:DH_check_params_ex
+DH_F_DH_CHECK_PUB_KEY:128:DH_check_pub_key
DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pub_key_ex
DH_F_DH_CMS_DECRYPT:114:dh_cms_decrypt
DH_F_DH_CMS_SET_PEERKEY:115:dh_cms_set_peerkey
@@ -2226,6 +2227,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters
DH_R_NO_PRIVATE_VALUE:100:no private value
DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
DH_R_PEER_KEY_ERROR:111:peer key error
+DH_R_Q_TOO_LARGE:130:q too large
DH_R_SHARED_INFO_ERROR:113:shared info error
DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
DSA_R_BAD_Q_VALUE:102:bad q value
Index: openssl-1.1.1w/include/openssl/dherr.h
===================================================================
--- openssl-1.1.1w.orig/include/openssl/dherr.h
+++ openssl-1.1.1w/include/openssl/dherr.h
@@ -31,6 +31,7 @@ int ERR_load_DH_strings(void);
# define DH_F_DH_CHECK 126
# define DH_F_DH_CHECK_EX 121
# define DH_F_DH_CHECK_PARAMS_EX 122
+# define DH_F_DH_CHECK_PUB_KEY 128
# define DH_F_DH_CHECK_PUB_KEY_EX 123
# define DH_F_DH_CMS_DECRYPT 114
# define DH_F_DH_CMS_SET_PEERKEY 115
@@ -84,6 +85,7 @@ int ERR_load_DH_strings(void);
# define DH_R_NO_PRIVATE_VALUE 100
# define DH_R_PARAMETER_ENCODING_ERROR 105
# define DH_R_PEER_KEY_ERROR 111
+# define DH_R_Q_TOO_LARGE 130
# define DH_R_SHARED_INFO_ERROR 113
# define DH_R_UNABLE_TO_CHECK_GENERATOR 121
Index: openssl-1.1.1w/crypto/dh/dh_check.c
===================================================================
--- openssl-1.1.1w.orig/crypto/dh/dh_check.c
+++ openssl-1.1.1w/crypto/dh/dh_check.c
@@ -260,6 +260,18 @@ static int dh_check_pub_key_int(const DH
*/
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
{
+ /* Don't do any checks at all with an excessively large modulus */
+ if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
+ DHerr(DH_F_DH_CHECK_PUB_KEY, DH_R_MODULUS_TOO_LARGE);
+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID;
+ return 0;
+ }
+
+ if (dh->q != NULL && BN_ucmp(dh->p, dh->q) < 0) {
+ *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID;
+ return 1;
+ }
+
return dh_check_pub_key_int(dh, dh->q, pub_key, ret);
}
Index: openssl-1.1.1w/crypto/dh/dh_key.c
===================================================================
--- openssl-1.1.1w.orig/crypto/dh/dh_key.c
+++ openssl-1.1.1w/crypto/dh/dh_key.c
@@ -51,6 +51,12 @@ int DH_compute_key(unsigned char *key, c
int ret = 0, i;
volatile size_t npad = 0, mask = 1;
+ if (dh->q != NULL
+ && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) {
+ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_Q_TOO_LARGE);
+ return 0;
+ }
+
/* compute the key; ret is constant unless compute_key is external */
if ((ret = dh->meth->compute_key(key, pub_key, dh)) <= 0)
return ret;
@@ -147,6 +153,12 @@ static int generate_key(DH *dh)
return 0;
}
+ if (dh->q != NULL
+ && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) {
+ DHerr(DH_F_GENERATE_KEY, DH_R_Q_TOO_LARGE);
+ return 0;
+ }
+
ctx = BN_CTX_new();
if (ctx == NULL)
goto err;
Index: openssl-1.1.1w/doc/man3/DH_generate_parameters.pod
===================================================================
--- openssl-1.1.1w.orig/doc/man3/DH_generate_parameters.pod
+++ openssl-1.1.1w/doc/man3/DH_generate_parameters.pod
@@ -73,6 +73,10 @@ The generator B<g> is not suitable.
Note that the lack of this bit doesn't guarantee that B<g> is
suitable, unless B<p> is known to be a strong prime.
+=item DH_MODULUS_TOO_LARGE
+
+The modulus is too large.
+
=back
DH_check() confirms that the Diffie-Hellman parameters B<dh> are valid. The
Index: openssl-1.1.1w/include/openssl/dh.h
===================================================================
--- openssl-1.1.1w.orig/include/openssl/dh.h
+++ openssl-1.1.1w/include/openssl/dh.h
@@ -78,8 +78,9 @@ DECLARE_ASN1_ITEM(DHparams)
# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
# define DH_NOT_SUITABLE_GENERATOR 0x08
# define DH_CHECK_Q_NOT_PRIME 0x10
-# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */
# define DH_CHECK_INVALID_J_VALUE 0x40
+# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */
/* DH_check_pub_key error codes */
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01