
Diff for /www/61.html between version 1.79 and 1.80

version 1.79, 2017/04/08 14:53:35 version 1.80, 2017/04/08 15:07:07
Line 150 
Line 150 
         <a href="http://man.openbsd.org/vio.4">vio(4)</a> and          <a href="http://man.openbsd.org/vio.4">vio(4)</a> and
         <a href="http://man.openbsd.org/vioblk.4">vioblk(4)</a> devices.          <a href="http://man.openbsd.org/vioblk.4">vioblk(4)</a> devices.
     <li>Support VMs with &gt; 2GB RAM.      <li>Support VMs with &gt; 2GB RAM.
     <li><a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a> uses      <li><a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a> uses
         <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> and the          <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> and the
         fork+exec model.          fork+exec model.
     <li><a href="http://man.openbsd.org/amd64/vm.conf.5">vm.conf(5)</a>      <li><a href="http://man.openbsd.org/amd64/vm.conf.5">vm.conf(5)</a>
Line 364 
Line 364 
     <li>Fix vis/unvis of strings in      <li>Fix vis/unvis of strings in
         <a href="http://man.openbsd.org/dhclient.8">dhclient(8)</a> leases files.          <a href="http://man.openbsd.org/dhclient.8">dhclient(8)</a> leases files.
     </ul>      </ul>
 <p>  <p>
   
 <li>Assorted improvements:  <li>Assorted improvements:
     <ul>      <ul>
Line 474 
Line 474 
            to permit OCSP responses to be stapled to the tls handshake             to permit OCSP responses to be stapled to the tls handshake
     <li><a href="http://man.openbsd.org/nc.1">nc(1)</a> now also      <li><a href="http://man.openbsd.org/nc.1">nc(1)</a> now also
       supports OCSP stapling server side, and will show the stapling information        supports OCSP stapling server side, and will show the stapling information
       client side.        client side.
     <li>Both <a href="http://man.openbsd.org/relayd.8">relayd(8)</a> and      <li>Both <a href="http://man.openbsd.org/relayd.8">relayd(8)</a> and
         <a href="http://man.openbsd.org/httpd.8">httpd(8)</a> support now          <a href="http://man.openbsd.org/httpd.8">httpd(8)</a> support now
         TLS session resumption using TLS session tickets.          TLS session resumption using TLS session tickets.
Line 538 
Line 538 
           possibly resulting in granting access where it was not intended.            possibly resulting in granting access where it was not intended.
       <li>ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures        <li>ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures
           that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed.            that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed.
       <li>sftp-client(1): [portable OpenSSH only] On Cygwin, a client making  
           a recursive file transfer could be maniuplated by a hostile server to  
           perform a path-traversal attack. creating or modifying files outside  
           of the intended target directory.  
       </ul>        </ul>
     <li>New/changed features:      <li>New/changed features:
       <ul>        <ul>
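Review bot: the sftp-client(1) entry removed in this hunk is tagged "[portable OpenSSH only]" and describes a Cygwin-specific fix, so dropping it from OpenBSD's own release notes is consistent with the rest of the list, which covers the base-system ssh(1)/sshd(8) fixes; if the text is reused elsewhere, correct "maniuplated" to "manipulated" and change "path-traversal attack. creating or modifying files" to "path-traversal attack, creating or modifying files".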
Line 719 
Line 715 
 <p>  <p>
   
 <li>LibreSSL 2.5.3  <li>LibreSSL 2.5.3
   <ul>      <ul>
       <li>libtls now supports ALPN and SNI
   <li> libtls now supports ALPN and SNI      <li>libtls adds a new callback interface for integrating custom IO
           functions. Thanks to Tobias Pape.
   <li> libtls adds a new callback interface for integrating custom IO      <li>libtls now handles 4 cipher suite groups:
     functions. Thanks to Tobias Pape.          <ul>
           <li>"secure" (TLSv1.2+AEAD+PFS)
   <li> libtls now handles 4 cipher suite groups:          <li>"compat" (HIGH:!aNULL)
     <Ul>          <li>"legacy" (HIGH:MEDIUM:!aNULL)
       <li> "secure" (TLSv1.2+AEAD+PFS)          <li>"insecure" (ALL:!aNULL:!eNULL)
       <li> "compat" (HIGH:!aNULL)          </ul>
       <li> "legacy" (HIGH:MEDIUM:!aNULL)          This allows for flexibility and finer grained control, rather than
       <li> "insecure" (ALL:!aNULL:!eNULL)          having two extremes (an issue raised by Marko Kreen some time ago).
     </ul>      <li>Tightened error handling for tls_config_set_ciphers().
       This allows for flexibility and finer grained control, rather than      <li>libtls now always loads CA, key and certificate files at the time the
       having two extremes (an issue raised by Marko Kreen some time ago).          configuration function is called. This simplifies code and results in
           a single memory based code path being used to provide data to libssl.
   <li> Tightened error handling for tls_config_set_ciphers().      <li>Add support for OCSP intermediate certificates.
       <li>Added functions used by stunnel and exim from BoringSSL - this
   <li> libtls now always loads CA, key and certificate files at the time the          brings in X509_check_host, X509_check_email, X509_check_ip, and
     configuration function is called. This simplifies code and results in          X509_check_ip_asc.
     a single memory based code path being used to provide data to libssl.      <li>Added initial support for iOS, thanks to Jacob Berkman.
       <li>Improved behavior of arc4random on Windows when using memory leak
   <li> Add support for OCSP intermediate certificates.          analysis software.
       <li>Correctly handle an EOF that occurs prior to the TLS handshake
   <li> Added functions used by stunnel and exim from BoringSSL - this          completing. Reported by Vasily Kolobkov, based on a diff from Marko
     brings in X509_check_host, X509_check_email, X509_check_ip, and          Kreen.
     X509_check_ip_asc.      <li>Limit the support of the "backward compatible" ssl2 handshake to
           only be used if TLS 1.0 is enabled.
   <li> Added initial support for iOS, thanks to Jacob Berkman.      <li>Fix incorrect results in certain cases on 64-bit systems when
           BN_mod_word() can return incorrect results. BN_mod_word() now can
   <li> Improved behavior of arc4random on Windows when using memory leak          return an error condition. Thanks to Brian Smith.
     analysis software.      <li>Added constant-time updates to address CVE-2016-0702
       <li>Fixed undefined behavior in BN_GF2m_mod_arr()
   <li> Correctly handle an EOF that occurs prior to the TLS handshake      <li>Removed unused Cryptographic Message Support (CMS)
     completing. Reported by Vasily Kolobkov, based on a diff from Marko      <li>More conversions of long long idioms to time_t
     Kreen.      <li>Improved compatibility by avoiding printing NULL strings with
           printf.
   <li> Limit the support of the "backward compatible" ssl2 handshake to      <li>Reverted change that cleans up the EVP cipher context in
     only be used if TLS 1.0 is enabled.         EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the
          previous behaviour.
   <li> Fix incorrect results in certain cases on 64-bit systems when      <li>Avoid unbounded memory growth in libssl, which can be triggered
     BN_mod_word() can return incorrect results. BN_mod_word() now can          by a TLS client repeatedly renegotiating and sending OCSP Status
     return an error condition. Thanks to Brian Smith.          Request TLS extensions.
       <li>Avoid falling back to a weak digest for (EC)DH when using SNI
   <li> Added constant-time updates to address CVE-2016-0702          with libssl.
       <li>X509_cmp_time() now passes a malformed GeneralizedTime field as
   <li> Fixed undefined behavior in BN_GF2m_mod_arr()          an error. Reported by Theofilos Petsios.
       <li>Detect zero-length encrypted session data early, instead of when
   <li> Removed unused Cryptographic Message Support (CMS)          malloc(0) fails or the HMAC check fails.
       <li>Check for and handle failure of HMAC_{Update,Final} or
  <li> More conversions of long long idioms to time_t          EVP_DecryptUpdate().
       <li>Massive update and normalization of manpages, conversion to
  <li> Improved compatibility by avoiding printing NULL strings with          mandoc format. Many pages were rewritten for clarity and accuracy.
   printf.          Portable doc links are up-to-date with a new conversion tool.
       <li>Curve25519 Key Exchange support.
  <li> Reverted change that cleans up the EVP cipher context in      <li>Support for alternate chains for certificate verification.
     EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the      <li>Code cleanups, CBB conversions, further unification of DTLS/SSL
     previous behaviour.          handshake code, further ASN1 macro expansion and removal.
       <li>Private symbols are now hidden in libssl and libcrypto.
  <li> Avoid unbounded memory growth in libssl, which can be triggered      <li>Friendly certificate verification error messages in libtls, peer
     by a TLS client repeatedly renegotiating and sending OCSP Status          verification is now always enabled.
     Request TLS extensions.      <li>Added OCSP stapling support to libtls and nc.
       <li>Added ocspcheck utility to validate a certificate against its OCSP
  <li> Avoid falling back to a weak digest for (EC)DH when using SNI          responder and save the reply for stapling
   with libssl.      <li>Enhanced regression tests and error handling for libtls.
       <li>Added explicit constant and non-constant time BN functions,
  <li> X509_cmp_time() now passes a malformed GeneralizedTime field as          defaulting to constant time wherever possible.
      an error. Reported by Theofilos Petsios.      <li>Moved many leaked implementation details in public structs behind
           opaque pointers.
  <li> Detect zero-length encrypted session data early, instead of when      <li>Added ticket support to libtls.
      malloc(0) fails or the HMAC check fails. Noted independently by      <li>Added support for setting the supported EC curves via
      jsing@ and Kurt Cancemi.          SSL{_CTX}_set1_groups{_list}() - also provide defines for the
           previous SSL{_CTX}_set1_curves{_list} names. This also changes
  <li> Check for and handle failure of HMAC_{Update,Final} or          the default list of curves to be X25519, P-256 and P-384. All
     EVP_DecryptUpdate().          other curves must be manually enabled.
       <li>Added -groups option to openssl(1) s_client for specifying the
  <li> Massive update and normalization of manpages, conversion to          curves to be used in a colon-separated list.
     mandoc format. Many pages were rewritten for clarity and accuracy.      <li>Merged client/server version negotiation code paths into one,
     Portable doc links are up-to-date with a new conversion tool.          reducing much duplicate code.
       <li>Removed error function codes from libssl and libcrypto.
  <li> Curve25519 Key Exchange support.      <li>Fixed an issue where a truncated packet could crash via an OOB
           read.
  <li> Support for alternate chains for certificate verification.      <li>Added SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows
           client-initiated renegotiation. This is the default for libtls
  <li> Code cleanups, CBB conversions, further unification of DTLS/SSL          servers.
       handshake code, further ASN1 macro expansion and removal.      <li>Avoid a side-channel cache-timing attack that can leak the ECDSA
           private keys when signing. This is due to BN_mod_inverse() being
  <li> Private symbols are now hidden in libssl and libcrypto.          used without the constant time flag being set. Reported by Cesar
           Pereida Garcia and Billy Brumley (Tampere University of
  <li> Friendly certificate verification error messages in libtls, peer          Technology).  The fix was developed by Cesar Pereida Garcia.
     verification is now always enabled.      <li>iOS and MacOS compatibility updates from Simone Basso and Jacob
           Berkman.
  <li> Added OCSP stapling support to libtls and nc.      <li>Added the recallocarray(3) memory allocation function, and
           converted various places in the library to use it, such as CBB
  <li> Added ocspcheck utility to validate a certificate against its OCSP          and BUF_MEM_grow.  recallocarray(3) is similar to
       responder and save the reply for stapling          reallocarray. Newly allocated memory is cleared similar to
           calloc(3). Memory that becomes unallocated while shrinking or
  <li> Enhanced regression tests and error handling for libtls.          moving existing allocations is explicitly discarded by unmapping
           or clearing to 0.
  <li> Added explicit constant and non-constant time BN functions,      <li>Added new root CAs from SECOM Trust Systems / Security
       defaulting to constant time wherever possible.          Communication of Japan.
       <li>Added EVP interface for MD5+SHA1 hashes.
  <li> Moved many leaked implementation details in public structs behind      <li>Fixed DTLS client failures when the server sends a certificate
       opaque pointers.          request.
       <li>Correct handling of padding when upgrading an SSLv2 challenge
  <li> Added ticket support to libtls.          into an SSLv3/TLS connection.
       <li>Allow protocols and ciphers to be set on a TLS config object in
  <li> Added support for setting the supported EC curves via          libtls.
       SSL{_CTX}_set1_groups{_list}() - also provide defines for the      <li>Improved nc(1) TLS handshake CPU usage and server-side error
       previous SSL{_CTX}_set1_curves{_list} names. This also changes          reporting.
       the default list of curves to be X25519, P-256 and P-384. All      <li>Add a constant time version of BN_gcd and use it default for
       other curves must be manually enabled.          BN_gcd to avoid the possibility of sidechannel timing attacks
           against RSA private key generation - Thanks to Alejandro
  <li> Added -groups option to openssl(1) s_client for specifying the          Cabrera <aldaya@gmail.com>
       curves to be used in a colon-separated list.      </ul>
   
  <li> Merged client/server version negotiation code paths into one,  
       reducing much duplicate code.  
   
  <li> Removed error function codes from libssl and libcrypto.  
   
  <li> Fixed an issue where a truncated packet could crash via an OOB  
  read.  
   
  <li> Added SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows  
       client-initiated renegotiation. This is the default for libtls  
       servers.  
   
  <li> Avoid a side-channel cache-timing attack that can leak the ECDSA  
       private keys when signing. This is due to BN_mod_inverse() being  
       used without the constant time flag being set. Reported by Cesar  
       Pereida Garcia and Billy Brumley (Tampere University of  
       Technology).  The fix was developed by Cesar Pereida Garcia.  
   
  <li> iOS and MacOS compatibility updates from Simone Basso and Jacob  
       Berkman.  
   
  <li> Added the recallocarray(3) memory allocation function, and  
       converted various places in the library to use it, such as CBB  
       and BUF_MEM_grow.  recallocarray(3) is similar to  
       reallocarray. Newly allocated memory is cleared similar to  
       calloc(3). Memory that becomes unallocated while shrinking or  
       moving existing allocations is explicitly discarded by unmapping  
       or clearing to 0.  
   
  <li> Added new root CAs from SECOM Trust Systems / Security  
       Communication of Japan.  
   
  <li> Added EVP interface for MD5+SHA1 hashes.  
   
  <li> Fixed DTLS client failures when the server sends a certificate  
       request.  
   
  <li> Correct handling of padding when upgrading an SSLv2 challenge  
       into an SSLv3/TLS connection.  
   
  <li> Allow protocols and ciphers to be set on a TLS config object in  
       libtls.  
   
  <li> Improved nc(1) TLS handshake CPU usage and server-side error  
    reporting.  
   
  <li> Add a constant time version of BN_gcd and use it default for  
    BN_gcd to avoid the possibility of sidechannel timing attacks  
    against RSA private key generation - Thanks to Alejandro  
    Cabrera <aldaya@gmail.com>  
   
  </ul>  
 <p>  <p>
   
 <li>mandoc 1.14.1  <li>mandoc 1.14.1
     <ul>      <ul>
     <li>New <a href="http://man.openbsd.org/mandoc.db.5">mandoc.db(5)</a>      <li>New <a href="http://man.openbsd.org/mandoc.db.5">mandoc.db(5)</a>
         file format: <a href="http://man.openbsd.org/man.1">man(1)</a>,          file format: <a href="http://man.openbsd.org/man.1">man(1)</a>,
         <a href="http://man.openbsd.org/apropos.1">apropos(1)</a>, and          <a href="http://man.openbsd.org/apropos.1">apropos(1)</a>, and
         <a href="http://man.openbsd.org/makewhatis.8">makewhatis(8)</a>          <a href="http://man.openbsd.org/makewhatis.8">makewhatis(8)</a>
         no longer need SQLite3.          no longer need SQLite3.
     <li>Much improved HTML output and CSS.      <li>Much improved HTML output and CSS.
     <li>In <a href="http://man.openbsd.org/man.1">man(1)</a>, internal      <li>In <a href="http://man.openbsd.org/man.1">man(1)</a>, internal
         searching with <a href="http://man.openbsd.org/less.1">less(1)</a>          searching with <a href="http://man.openbsd.org/less.1">less(1)</a>
         <code>:t</code> has been improved.          <code>:t</code> has been improved.
     <li>New <a href="http://man.openbsd.org/mandoc.1">mandoc(1)</a>      <li>New <a href="http://man.openbsd.org/mandoc.1">mandoc(1)</a>
         <code>-mdoc -T markdown</code> output mode          <code>-mdoc -T markdown</code> output mode
         (already a post-1.14.1 feature).          (already a post-1.14.1 feature).
     </ul>      </ul>
 <p>  <p>
   
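Review bot: the "Detect zero-length encrypted session data early" entry loses the credit "Noted independently by jsing@ and Kurt Cancemi." that the 1.79 text carried, while every other entry keeps its attribution (Tobias Pape, Brian Smith, Theofilos Petsios, Vasily Kolobkov); restore it unless the omission is deliberate. The reindent itself follows the list style used elsewhere in the file (one "<li>" per item, no blank lines, continuation lines indented) and also fixes the old "<Ul>" tag. While these lines are being touched, two small wording fixes are worth folding in: "use it default for BN_gcd" should read "use it by default for BN_gcd", and "sidechannel timing attacks" should be "side-channel timing attacks" to match "side-channel cache-timing attack" a few entries above. The plain manpage references (nc(1), openssl(1), recallocarray(3), calloc(3)) could be linked to http://man.openbsd.org/ the way the dhclient(8) and mandoc entries in this file already are.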

Legend:
Removed from v.1.79  
changed lines
  Added in v.1.80