LibreSSL 2.1.4 released
4 March, 2015 by busterb@gmail.com | openbsd
We have released LibreSSL 2.1.4, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon.

This release adds a number of new security features, makes building privilege-separated programs simpler, and improves the libtls API. This release also includes a binary package for convenience integrating LibreSSL on Windows platforms, and the latest source tarball is signed with GPG and signify for easier integration into existing build systems.

Feedback is welcome. Bugs, patches, and feature requests can be reported to tech@openbsd.org or at https://github.com/libressl-portable/portable/issues

As the OpenBSD 5.7 development effort comes to a close, so does the LibreSSL 2.1.x branch. The next release will begin the 2.2.x development branch.

User-visible features:

* Improvements to libtls:
  - A new API for loading CA chains directly from memory instead of a file, allowing verification with privilege separation in a chroot without direct access to CA certificate files.
  - Ciphers default to TLSv1.2 with AEAD and PFS.
  - Improved error handling and message generation.
  - New APIs and improved documentation.
* Added X509_STORE_load_mem API for loading certificates from memory. This facilitates accessing certificates from a chrooted environment.
* New AEAD "MAC alias" allows configuring TLSv1.2 AEAD ciphers by using 'TLSv1.2+AEAD' as the cipher selection string.
* New openssl(1) command 'certhash' replaces the c_rehash script.
* Server-side support for TLS_FALLBACK_SCSV for compatibility with various auditor and vulnerability scanners.

Code improvements:

* Dead and disabled code removal including MD5, Netscape workarounds, non-POSIX IO, SCTP, RFC 3779 support, "#if 0" sections, and more.
* The ASN1 macros are expanded to aid readability and maintainability.
* Various NULL pointer asserts removed in favor of letting the OS/signal handler catch them.
* Refactored argument handling in openssl(1) for consistency and maintainability.
* Support for building with OPENSSL_NO_DEPRECATED.
* Dozens of issues found with the Coverity scanner fixed.

Security updates:

- Fix a minor information leak that was introduced in t1_lib.c r1.71, whereby an additional 28 bytes of .rodata (or .data) is provided to the network. In most cases this is a non-issue since the memory content is already public. Issue found and reported by Felix Groebert of the Google Security Team.
- Fixes for the following low-severity issues were integrated into LibreSSL from OpenSSL 1.0.1k:

  CVE-2015-0205 - DH client certificates accepted without verification
  CVE-2014-3570 - Bignum squaring may produce incorrect results
  CVE-2014-8275 - Certificate fingerprints can be modified
  CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
  Reported by Karthikeyan Bhargavan of the PROSECCO team at INRIA.

The following CVEs were fixed in earlier LibreSSL releases:

  CVE-2015-0206 - Memory leak handling repeated DTLS records
  CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.

The following CVEs did not apply to LibreSSL:

  CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
  CVE-2014-3569 - no-ssl3 configuration sets method to NULL
  CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA

The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.