tnozaki / NetBSD / issues / #196 - [OpenSSL-1.0.2] CVE-2020-1968 - Raccoon Attack — Bitbucket

Issue #196 resolved

Takehiko NOZAKI repo owner created an issue 2021-01-09

detailed info:
https://www.openssl.org/news/secadv/20200909.txt

fix:
https://github.com/openssl/openssl/commit/c66ce5eb23f7611bd2822650d6ffeacbe0671072
https://github.com/openssl/openssl/commit/bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb
https://github.com/openssl/openssl/commit/7b6434ae035262991adf140365b69119499b5a7c

Comments (4)

Takehiko NOZAKI reporter
- edited description
- 2021-01-09T08:27:18+00:00
Takehiko NOZAKI reporter
- edited description
- 2021-01-10T08:58:27+00:00
Takehiko NOZAKI reporter
- edited description
- 2021-01-10T09:27:31+00:00
Takehiko NOZAKI reporter
BUGFIX: Issue ~~#196~~ - CVE-2020-1968 - Raccoon Attack

detailed info: https://www.openssl.org/news/secadv/20200909.txt

cherry-picked from OpenSSL_1_1_1-stable branch with some modification by me: https://github.com/openssl/openssl/commit/bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb https://github.com/openssl/openssl/commit/7b6434ae035262991adf140365b69119499b5a7c

Remove fixed DH ciphersuites.

Remove all fixed DH ciphersuites and associated logic.

Reviewed-by: Matt Caswell matt@openssl.org

(cherry-picked from commit bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb)

Stop using unimplemented cipher classes. Add comments to no longer usable ciphers.

Reviewed-by: Rich Salz rsalz@openssl.org (Merged from https://github.com/openssl/openssl/pull/5023)

(cherry picked from commit 7b6434ae035262991adf140365b69119499b5a7c)

→ <<cset a874fa3b6e90>>
- 2021-01-11T03:38:03+00:00
Log in to comment

Assignee: Takehiko NOZAKI

Type: bug

Priority: major

Status: resolved

Votes: 0

Watchers: 1