"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "CHANGES" between
openssl-1.0.2t.tar.gz and openssl-1.0.2u.tar.gz

About: OpenSSL is a toolkit implementing the Transport Layer Security (TLS) and Secure Sockets Layer (SSL v2/v3) protocols as well as a full-strength general purpose cryptography library. Long Term Support (LTS) version (support will be provided until end of 2019).

CHANGES  (openssl-1.0.2t):CHANGES  (openssl-1.0.2u)
OpenSSL CHANGES OpenSSL CHANGES
_______________ _______________
This is a high-level summary of the most important changes. This is a high-level summary of the most important changes.
For a full list of changes, see the git commit log; for example, For a full list of changes, see the git commit log; for example,
https://github.com/openssl/openssl/commits/ and pick the appropriate https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch. release branch.
Changes between 1.0.2t and 1.0.2u [20 Dec 2019]
*) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli. No EC algorithms are
affected. Analysis suggests that attacks against 2-prime RSA1024,
3-prime RSA1536, and DSA1024 as a result of this defect would be very
difficult to perform and are not believed likely. Attacks against DH512
are considered just feasible. However, for an attack the target would
have to re-use the DH512 private key, which is not recommended anyway.
Also applications directly using the low level API BN_mod_exp may be
affected if they use BN_FLG_CONSTTIME.
(CVE-2019-1551)
[Andy Polyakov]
Changes between 1.0.2s and 1.0.2t [10 Sep 2019] Changes between 1.0.2s and 1.0.2t [10 Sep 2019]
*) For built-in EC curves, ensure an EC_GROUP built from the curve name is *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
used even when parsing explicit parameters, when loading a serialized key used even when parsing explicit parameters, when loading a serialized key
or calling `EC_GROUP_new_from_ecpkparameters()`/ or calling `EC_GROUP_new_from_ecpkparameters()`/
`EC_GROUP_new_from_ecparameters()`. `EC_GROUP_new_from_ecparameters()`.
This prevents bypass of security hardening and performance gains, This prevents bypass of security hardening and performance gains,
especially for curves with specialized EC_METHODs. especially for curves with specialized EC_METHODs.
By default, if a key encoded with explicit parameters is loaded and later By default, if a key encoded with explicit parameters is loaded and later
serialized, the output is still encoded with explicit parameters, even if serialized, the output is still encoded with explicit parameters, even if
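Review bot: The first line of the new 1.0.2u entry has two typos: "Fixed an an overflow bug" doubles the article, and "x64_64" is not an architecture name, so it should read "Fixed an overflow bug in the x86_64 Montgomery squaring procedure". The entry also tells readers that direct BN_mod_exp callers "may be affected if they use BN_FLG_CONSTTIME" but gives no guidance beyond that. Since the text already notes that re-using a DH512 private key is not recommended, a closing sentence saying what affected users should do (upgrade to 1.0.2u, stop re-using DH512 private keys) would make the entry actionable for someone reading only the CHANGES file.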
 End of changes. 1 change blocks. 
0 lines changed or deleted 14 lines changed or added
