summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CHANGES10
-rw-r--r--NEWS2
-rw-r--r--crypto/cms/cms_asn1.c4
-rw-r--r--crypto/rsa/rsa_pmeth.c2
4 files changed, 16 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index 6f713d9e87..17ddf7f021 100644
--- a/CHANGES
+++ b/CHANGES
@@ -103,6 +103,12 @@
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
whose return value is often ignored.
[Steve Henson]
+
+ Changes between 1.0.0 and 1.0.0a [xx XXX xxxx]
+
+ *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
+ (CVE-2010-1633)
+ [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
Changes between 0.9.8n and 1.0.0 [xx XXX xxxx]
@@ -947,6 +953,10 @@
Changes between 0.9.8n and 0.9.8o [xx XXX xxxx]
+ *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+ access or freeing data twice (CVE-2010-0742)
+ [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
diff --git a/NEWS b/NEWS
index 65c0ac933f..3a787ea06c 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,7 @@
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
+ o Fix for security issue CVE-2010-1633.
o GOST MAC and CFB fixes.
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0:
@@ -34,6 +35,7 @@
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
+ o Fix for security issue CVE-2010-0742.
o Various DTLS fixes.
o Recognise SHA2 certificates if only SSL algorithms added.
o Fix for no-rc4 compilation.
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index 835cae4e0b..cfe67fb6c1 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -131,8 +131,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
- ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
- ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1)
+ ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
+ ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index ff65c071f8..60bf6145ab 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -251,6 +251,8 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
ret = int_rsa_verify(EVP_MD_type(rctx->md),
NULL, 0, rout, &sltmp,
sig, siglen, ctx->pkey->pkey.rsa);
+ if (ret <= 0)
+ return 0;
ret = sltmp;
}
else