OpenSSL (SSL = Secure Socket Layer), de bekende security software voor o.a. webservers, heeft een aantal belangrijke bugfixes uitgebracht, en deze verpakt in een nieuwe release van OpenSSL welke het versienummer 0.9.7b heeft gekregen. Het changelog bevat de volgende punten:
Changes between 0.9.7a and 0.9.7b
- Countermeasure against the Klima-Pokorny-Rosa extension of Bleichbacher's attack on PKCS #1 v1.5 padding: treat a protocol version number mismatch like a decryption error in ssl3_get_client_key_exchange (ssl/s3_srvr.c). [Bodo Moeller]
- Turn on RSA blinding by default in the default implementation to avoid a timing attack. Applications that don't want it can call RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. They would be ill-advised to do so in most cases. [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
- Change RSA blinding code so that it works when the PRNG is not seeded (in this case, the secret RSA exponent is abused as an unpredictable seed -- if it is not unpredictable, there is no point in blinding anyway). Make RSA blinding thread-safe by remembering the creator's thread ID in rsa->blinding and having all other threads use local one-time blinding factors (this requires more computation than sharing rsa->blinding, but avoids excessive locking; and if an RSA object is not shared between threads, blinding will still be very fast). [Bodo Moeller]
- Fixed a typo bug that would cause ENGINE_set_default() to set an ENGINE as defaults for all supported algorithms irrespective of the 'flags' parameter. 'flags' is now honoured, so applications should make sure they are passing it correctly.[Geoff Thorpe]
- Target "mingw" now allows native Windows code to be generated in the Cygwin environment as well as with the MinGW compiler. [Ulf Moeller]
/u/32913/crop5609886665acc.png?f=community){kind=small}