1 |
|
Updating Information for MidnightBSD users. |
2 |
|
|
3 |
+ |
20160505: |
4 |
+ |
OpenSSL security patch |
5 |
+ |
|
6 |
+ |
The padding check in AES-NI CBC MAC was rewritten to be in constant time |
7 |
+ |
by making sure that always the same bytes are read and compared against |
8 |
+ |
either the MAC or padding bytes. But it no longer checked that there was |
9 |
+ |
enough data to have both the MAC and padding bytes. [CVE-2016-2107] |
10 |
+ |
|
11 |
+ |
An overflow can occur in the EVP_EncodeUpdate() function which is used for |
12 |
+ |
Base64 encoding of binary data. [CVE-2016-2105] |
13 |
+ |
|
14 |
+ |
An overflow can occur in the EVP_EncryptUpdate() function, however it is |
15 |
+ |
believed that there can be no overflows in internal code due to this problem. |
16 |
+ |
[CVE-2016-2106] |
17 |
+ |
|
18 |
+ |
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() |
19 |
+ |
a short invalid encoding can casuse allocation of large amounts of memory |
20 |
+ |
potentially consuming excessive resources or exhausting memory. |
21 |
+ |
[CVE-2016-2109] |
22 |
+ |
|
23 |
|
20160412: |
24 |
|
0.8 stable branch created. Continue development as 0.9. |
25 |
|
|