Cryptography and SSL/TLS Toolkit

OpenSSL 1.0.2 Series Release Notes

The major changes and known issues for the 1.0.2 branch of the OpenSSL toolkit are summarised below. The contents reflect the current state of the NEWS file inside the git repository.

More details can be found in the ChangeLog.

Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]

Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017]

Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]

  • config now recognises 64-bit mingw and chooses mingw64 instead of mingw

Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]

  • Truncated packet could crash via OOB read (CVE-2017-3731)
  • BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
  • Montgomery multiplication may produce incorrect results (CVE-2016-7055)

Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016]

Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016]

Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]

  • Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
  • Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
  • Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
  • Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
  • EBCDIC overread (CVE-2016-2176)
  • Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN.
  • Remove LOW from the DEFAULT cipher list. This removes single DES from the default.
  • Only remove the SSLv2 methods with the no-ssl2-method option.

Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]

  • Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
  • Disable SSLv2 default build, default negotiation and weak ciphers (CVE-2016-0800)
  • Fix a double-free in DSA code (CVE-2016-0705)
  • Disable SRP fake user seed to address a server memory leak (CVE-2016-0798)
  • Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
  • Fix memory issues in BIO_*printf functions (CVE-2016-0799)
  • Fix side channel attack on modular exponentiation (CVE-2016-0702)

Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]

Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015]

  • BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
  • Certificate verify crash with missing PSS parameter (CVE-2015-3194)
  • X509_ATTRIBUTE memory leak (CVE-2015-3195)
  • Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
  • In DSA_generate_parameters_ex, if the provided seed is too short, return an error

Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015]

Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015]

  • Fix HMAC ABI incompatibility

Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015]

Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015]

Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:

  • Suite B support for TLS 1.2 and DTLS 1.2
  • Support for DTLS 1.2
  • TLS automatic EC curve selection.
  • API to set TLS supported signature algorithms and curves
  • SSL_CONF configuration API.
  • TLS Brainpool support.
  • ALPN support.
  • CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.