• LibreSSL 2.5.1, 2.4.5, and 2.3.10 released

    From Brent Cook@21:1/5 to All on Wed Feb 1 16:10:02 2017
    Copy: libressl@openbsd.org

    We have released LibreSSL 2.5.1 along with stable versions 2.4.5 and
    2.3.10. These will be arriving in the LibreSSL directory of your local
    OpenBSD mirror soon.

    All of the releases contain the following updates:

    * Avoid a side-channel cache-timing attack that can leak the ECDSA
    private keys when signing. This is due to BN_mod_inverse() being
    used without the constant time flag being set. Reported by Cesar
    Pereida Garcia and Billy Brumley (Tampere University of Technology).
    The fix was developed by Cesar Pereida Garcia.

    * iOS and MacOS compatibility updates from Simone Basso and Jacob
    Berkman.

    LibreSSL 2.5.1 contains these additional features and improvements:

    * X509_cmp_time() now reports a malformed GeneralizedTime field as an
    error instead of accepting it. Reported by Theofilos Petsios.

    * Detect zero-length encrypted session data early, instead of when
    malloc(0) fails or the HMAC check fails. Noted independently by
    jsing@ and Kurt Cancemi.

    * Check for and handle failure of HMAC_{Update,Final} or
    EVP_DecryptUpdate().

    * Massive update and normalization of manpages, conversion to
    mandoc format. Many pages were rewritten for clarity and accuracy.
    Portable doc links are up-to-date with a new conversion tool.

    * Curve25519 Key Exchange support.

    * Support for alternate chains for certificate verification.

    * Code cleanups, CBB conversions, further unification of DTLS/SSL
    handshake code, further ASN1 macro expansion and removal.

    * Private symbols are now hidden in libssl and libcrypto.

    * Friendly certificate verification error messages in libtls, peer
    verification is now always enabled.

    * Added OCSP stapling support to libtls and netcat.

    * Added ocspcheck utility to validate a certificate against its OCSP
    responder and save the reply for stapling.

    * Enhanced regression tests and error handling for libtls.

    * Added explicit constant and non-constant time BN functions,
    defaulting to constant time wherever possible.

    * Moved many leaked implementation details in public structs behind
    opaque pointers.

    * Added ticket support to libtls.

    * Added support for setting the supported EC curves via
    SSL{_CTX}_set1_groups{_list}() - also provide defines for the previous
    SSL{_CTX}_set1_curves{_list} names. This also changes the default
    list of curves to be X25519, P-256 and P-384. All other curves must
    be manually enabled.

    * Added -groups option to openssl(1) s_client for specifying the curves
    to be used in a colon-separated list.

    * Merged client/server version negotiation code paths into one,
    reducing much duplicate code.

    * Removed error function codes from libssl and libcrypto.

    * Fixed an issue where a truncated packet could crash via an OOB read.

    * Added SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows
    client-initiated renegotiation. This is the default for libtls
    servers.

    * Added BN_gcd_nonct, based on BN_mod_inverse_no_branch,
    as suggested by Alejandro Cabrera, to avoid the possibility of a
    side-channel timing attack during RSA private key generation.
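    The two side-channel items above (the BN_mod_inverse() ECDSA fix and
    BN_gcd_nonct for RSA key generation) share one root cause: the classic
    Euclidean loop takes a data-dependent number of iterations and branches,
    so its running time and cache footprint depend on the secret operand.
    The following is an added illustration written for this page, not
    LibreSSL code, using a toy 32-bit prime modulus and hypothetical function
    names. It computes k^-1 mod n both ways and counts the loop iterations
    each method performs, which stands in for what a cache-timing attacker
    observes. The real fix in LibreSSL is to set the constant-time flag
    (BN_FLG_CONSTTIME) so BN_mod_inverse() takes its branch-free path; the
    `%` operator used here is itself not constant-time on real hardware, so
    this only demonstrates operation-count independence, not a production
    implementation.

```c
/*
 * Added example (not LibreSSL code): why the constant-time flag in the
 * BN_mod_inverse() fix matters.  Both functions compute k^-1 mod n for a
 * toy prime n < 2^32.  Names and the sample modulus are constructed for
 * this example.
 */
#include <stdint.h>
#include <stdio.h>

/* Extended Euclid: the iteration count, the quotients and the branch
 * pattern all depend on the secret k.  This is the shape of the leak behind
 * the ECDSA nonce-inverse bug, and the same loop structure is what a gcd
 * test during RSA key generation leaks.  Returns 0 if k is not invertible.
 * With n < 2^32 the products q*newt stay below 2^34, so no overflow. */
static uint64_t inv_variable_time(uint64_t k, uint64_t n, unsigned *steps)
{
    int64_t t = 0, newt = 1;
    uint64_t r = n, newr = k % n;

    *steps = 0;
    while (newr != 0) {
        uint64_t q = r / newr;
        int64_t tmp_t = t - (int64_t)q * newt;
        uint64_t tmp_r = r - q * newr;
        t = newt;  newt = tmp_t;
        r = newr;  newr = tmp_r;
        (*steps)++;
    }
    if (r != 1)
        return 0;
    return t < 0 ? (uint64_t)(t + (int64_t)n) : (uint64_t)t;
}

/* Fermat inverse k^(n-2) mod n (n prime) on a fixed 32-step ladder.  The
 * sequence of operations depends only on the public modulus n: every step
 * squares and then multiplies, the multiplier being k or 1 selected by a
 * mask rather than a branch.  32-bit operands keep products in uint64_t. */
static uint64_t inv_fixed_time(uint64_t k, uint64_t n, unsigned *steps)
{
    uint64_t e = n - 2, acc = 1, base = k % n;
    int i;

    *steps = 0;
    for (i = 31; i >= 0; i--) {
        uint64_t mask = 0 - ((e >> i) & 1);        /* all-ones or zero */
        uint64_t mult = (base & mask) | (1 & ~mask); /* k if bit set, else 1 */
        acc = (acc * acc) % n;
        acc = (acc * mult) % n;
        (*steps)++;
    }
    return acc;
}

/* Returns 1 when both methods agree on the inverses but only the
 * variable-time one changes its step count between two secrets, i.e. when
 * the toy reproduces the leak described in the release notes. */
static int demonstrate_leak(uint64_t k1, uint64_t k2, uint64_t n)
{
    unsigned s1, s2, f1, f2;
    uint64_t a = inv_variable_time(k1, n, &s1);
    uint64_t b = inv_variable_time(k2, n, &s2);
    uint64_t c = inv_fixed_time(k1, n, &f1);
    uint64_t d = inv_fixed_time(k2, n, &f2);

    if (a != c || b != d)
        return 0;
    return s1 != s2 && f1 == f2;
}

int main(void)
{
    const uint64_t n = 65537;   /* toy prime modulus, constructed for the example */
    uint64_t k;

    for (k = 2; k < 6; k++) {
        unsigned s, f;
        uint64_t a = inv_variable_time(k, n, &s);
        uint64_t b = inv_fixed_time(k, n, &f);
        printf("k=%llu  euclid inv=%llu (%u steps)  fixed inv=%llu (%u steps)\n",
               (unsigned long long)k, (unsigned long long)a, s,
               (unsigned long long)b, f);
    }
    return demonstrate_leak(3, 65536, n) ? 0 : 1;
}
```

    Build with `cc -o inv inv.c && ./inv`. The Euclid column changes its step
    count from one k to the next while the fixed-time column always reports
    32; that difference is the signal the Tampere researchers recovered
    through the cache.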

    The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.
