- It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to recover plaintext from the encrypted packets by using a DTLS server as a padding oracle.
- A double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially-crafted policy extension data.
- An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection.
- It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake.
- Prior to this update, OpenSSL configuration file variables taking "yes" or "no" values were parsed incorrectly: a value of "yes" was interpreted as "no". With this update, "yes" and "no" values in the configuration file are parsed correctly.
- Documentation of possible error states related to the FIPS mode is now included in the README.FIPS file.
- DigiCert Certification Authority certificates were added to the /etc/pki/tls/certs/ca-bundle.crt file that contains the certificates of trusted certification authorities.
- Known-answer self-tests for the SHA-2 algorithms (SHA-256 and SHA-512) were added to the FIPS mode start-up self-tests.
- The makefile for generating keys and certificates was updated to generate private keys with a length of 2048 bits by default, as the previous default length of 1024 bits is now considered too weak.
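The first and third items above both concern CBC record padding: the first is a timing difference between "bad padding" and "bad MAC" rejections, the third is padding bytes sent with whatever a buffer happened to contain. The following added example (written for this page, not OpenSSL's own code) sketches both sides on a toy record format (payload, HMAC-SHA256 tag, TLS-style padding). `encode_record` writes every padding byte explicitly; `decode_record_leaky` returns as soon as padding fails and never touches the MAC, while `decode_record_uniform` scans a fixed-size padding window and always computes the MAC, so both failure paths do the same work. Python cannot guarantee constant time, so the point is the control-flow structure, not measured timings; the block size, tag length and key are assumptions for the example.

```python
import hashlib
import hmac
from typing import Optional

BLOCK = 16        # CBC block size: a record must be a multiple of this (assumption)
TAG_LEN = 32      # HMAC-SHA256 tag length


def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def encode_record(key: bytes, payload: bytes) -> bytes:
    """Lay out payload || MAC || padding || pad_len as a CBC record is formed before
    encryption. Every padding byte is written explicitly with the value pad_len,
    so no stale buffer contents can travel to the peer inside the padding."""
    body = payload + mac(key, payload)
    pad_len = (BLOCK - (len(body) + 1) % BLOCK) % BLOCK
    return body + bytes([pad_len]) * (pad_len + 1)


def decode_record_leaky(key: bytes, record: bytes) -> Optional[bytes]:
    """Early return on bad padding. The MAC is computed only when the padding
    looked right, so a padding failure is rejected faster than a MAC failure:
    that difference is the signal a padding oracle relies on."""
    if len(record) < TAG_LEN + 1 or len(record) % BLOCK:
        return None
    pad_len = record[-1]
    if pad_len + 1 > len(record) - TAG_LEN:
        return None
    for b in record[-(pad_len + 1):]:
        if b != pad_len:
            return None                       # fast path: no MAC work done
    body = record[:-(pad_len + 1)]
    if not hmac.compare_digest(mac(key, body[:-TAG_LEN]), body[-TAG_LEN:]):
        return None
    return body[:-TAG_LEN]


def decode_record_uniform(key: bytes, record: bytes) -> Optional[bytes]:
    """Same checks with no data-dependent early exit: a fixed-size scan of the
    padding window and an unconditional MAC computation, so bad-padding and
    bad-MAC rejections do the same amount of work."""
    if len(record) < TAG_LEN + BLOCK or len(record) % BLOCK:   # length is public
        return None
    pad_len = record[-1]
    bad = int(pad_len >= BLOCK)               # encoder never emits more than BLOCK-1
    mismatch = 0
    for i in range(1, BLOCK + 1):             # always scan BLOCK bytes
        in_pad = int(i <= pad_len + 1)
        mismatch |= (record[-i] ^ pad_len) & -in_pad   # masked accumulate, no break
    bad |= int(mismatch != 0)
    strip = 1 if bad else pad_len + 1         # on bad padding still strip something sane
    body = record[:-strip]
    mac_ok = hmac.compare_digest(mac(key, body[:-TAG_LEN]), body[-TAG_LEN:])
    return body[:-TAG_LEN] if (mac_ok and not bad) else None
```

Both decoders accept the same valid records and reject the same tampered ones; they differ only in how much work they do on the way to a rejection, which is exactly what an attacker measuring response time would see.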
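For the fourth item, the mitigation is a budget on handshake restarts per connection. The added example below (not OpenSSL's code) models that budget as a small per-connection state machine: the first ClientHello starts the handshake, each further one is a restart that counts against the budget, and once it is spent the connection is closed rather than letting one peer keep the server computing handshakes. The default budget of one restart is a hypothetical value chosen for the example.

```python
from typing import List


class HandshakeGuard:
    """Per-connection budget for handshake restarts. Once the budget is spent the
    connection is closed instead of letting the peer restart the handshake forever.
    MAX_RESTARTS is a hypothetical default chosen for this example."""
    MAX_RESTARTS = 1

    def __init__(self, max_restarts: int = MAX_RESTARTS):
        self.max_restarts = max_restarts
        self.started = False
        self.restarts = 0
        self.closed = False

    def on_client_hello(self) -> str:
        """Process one ClientHello: 'start' for the first, 'restart' while budget
        remains, 'reject' (and close the connection) once it is exhausted."""
        if self.closed:
            return "reject"
        if not self.started:
            self.started = True
            return "start"
        if self.restarts >= self.max_restarts:
            self.closed = True                 # stop spending CPU on this peer
            return "reject"
        self.restarts += 1
        return "restart"


def simulate(hellos: int, max_restarts: int = HandshakeGuard.MAX_RESTARTS) -> List[str]:
    """Feed a stream of ClientHellos from one peer and return the decision for each."""
    guard = HandshakeGuard(max_restarts)
    return [guard.on_client_hello() for _ in range(hellos)]
```

Without the budget, every ClientHello would be a "restart" and the work done for one connection would be bounded only by how long the peer keeps sending.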
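The known-answer self-tests in the eighth item hash fixed messages and compare the result with the published digest; a mismatch means the implementation is broken and the module must not enter FIPS mode. The added example below (not OpenSSL's self-test code) runs that check for SHA-256 and SHA-512 against the FIPS 180 vectors for the empty message and "abc" using Python's hashlib, and shows that the test catches a corrupted hash implementation by running it against a deliberately broken digest factory. The `SelfTestError` class and the `hash_factory` hook are constructions for this example.

```python
import hashlib
from typing import Callable, Dict, List, Tuple

# FIPS 180 test vectors: (message, expected hex digest).
KNOWN_ANSWERS: Dict[str, List[Tuple[bytes, str]]] = {
    "sha256": [
        (b"", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
        (b"abc", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"),
    ],
    "sha512": [
        (b"", "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce"
              "47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"),
        (b"abc", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
                 "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"),
    ],
}


class SelfTestError(RuntimeError):
    """Raised when a known-answer test fails; the module must not enter FIPS mode."""


def run_known_answer_tests(vectors=KNOWN_ANSWERS,
                           hash_factory: Callable = hashlib.new) -> List[str]:
    """Hash every test message and compare with the expected digest. Returns the
    algorithms that passed, or raises SelfTestError naming the first failure."""
    passed = []
    for alg, cases in vectors.items():
        for msg, expected in cases:
            got = hash_factory(alg, msg).hexdigest()
            if got != expected:
                raise SelfTestError(f"{alg} known-answer test failed for {msg!r}")
        passed.append(alg)
    return passed


class _BrokenDigest:
    """Stand-in for a corrupted hash implementation: right length, wrong bytes."""
    def __init__(self, inner):
        self._inner = inner

    def hexdigest(self) -> str:
        return "00" * self._inner.digest_size


def broken_factory(alg: str, data: bytes = b""):
    return _BrokenDigest(hashlib.new(alg, data))


def self_test_detects_corruption() -> bool:
    """True if the self-test refuses a corrupted implementation."""
    try:
        run_known_answer_tests(hash_factory=broken_factory)
    except SelfTestError:
        return True
    return False
```

At start-up a FIPS module runs the whole set once and refuses to proceed on the first failure, which is what the raised exception models here.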