Description Sune Kloppenborg Jeppesen (RETIRED) 2006-09-22 08:11:20 UTC

This issue was previously communicated to you via NISCC as "parasitic
public keys" but without a patch.  Bodo and Steven have worked on a patch,
but it needs vendor testing.  Patch is attached and under embargo.

        Dr S N Henson of the OpenSSL core team and Open Network Security
        recently developed an ASN1 test suite for NISCC
        (www.niscc.gov.uk). When the test suite was run against OpenSSL a
        DoS was discovered.

        Certain types of public key can take disproportionate amounts of
        time to process. This could be used by an attacker in a denial of
        service attack. CVE-2006-2940

Now to correct this we put in place various limits, similar to what other
crypto libraries (such as NSS) do.

This patch is against 0.9.8.  Bodo said "Note that the ECC-related changes
can be omitted for 0.9.7, since the 0.9.7 branch contains a partial ECC
library, but does not integrate it into TLS and X.509!"

Please follow up on any testing to openssl-team as time is tight to get
this out by the embargo date, 20060928.  We'll come back next week with 
the final set of patches for all the 20060928 OpenSSL issues.