OpenSSL 1.0.1j and 0.9.8zc updates are available for download now. These are primarily security updates and it is suggested that you update your server as soon as possible.
Update packages can be found on our download page (http://www.apachehaus.com/cgi-bin/download.plx).
OpenSSL 0.9.8zc Changes
*) Same as below for OpenSSL 1.0.1j
*) NOTE: OpenSSL 0.9.8 branch will be End Of Life at the end of the year (2014).
This may be the last release of the 0.9.8 branch.
OpenSSL 1.0.1j Changes
*) SRTP Memory Leak. (CVE-2014-3513)
A flaw in the DTLS SRTP extension parsing code allows an attacker, who
sends a carefully crafted handshake message, to cause OpenSSL to fail
to free up to 64k of memory causing a memory leak. This could be
exploited in a Denial Of Service attack. This issue affects OpenSSL
1.0.1 server implementations for both SSL/TLS and DTLS regardless of
whether SRTP is used or configured. Implementations of OpenSSL that
have been compiled with OPENSSL_NO_SRTP defined are not affected.
The fix was developed by the OpenSSL team.
*) Session Ticket Memory Leak. (CVE-2014-3567)
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
integrity of that ticket is first verified. In the event of a session
ticket integrity check failing, OpenSSL will fail to free memory
causing a memory leak. By sending a large number of invalid session
tickets an attacker could exploit this issue in a Denial Of Service
attack. [Steve Henson]
*) Build option no-ssl3 is incomplete. (CVE-2014-3568)
When OpenSSL is configured with "no-ssl3" as a build option, servers
could accept and complete a SSL 3.0 handshake, and clients could be
configured to send them. [Akamai and the OpenSSL team]
*) Add support for TLS_FALLBACK_SCSV. (CVE-2014-3566)
Client applications doing fallback retries should call
SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
[Adam Langley, Bodo Moeller]
*) Add additional DigestInfo checks.
Reencode DigestInto in DER and check against the original when
verifying RSA signature: this will reject any improperly encoded
DigestInfo structures.
Note: this is a precautionary measure and no attacks are currently known.
[Steve Henson]