The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in
OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict
certain oracle behavior, which makes it easier for context-dependent
attackers to decrypt data via a Million Message Attack (MMA) adaptive
chosen ciphertext attack.
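
Added example (not OpenSSL code and not part of the original entry): a minimal model of the oracle and of a standard countermeasure, which is to continue with a random content key when the PKCS #1 v1.5 padding is bad, so that every failure surfaces as the same symmetric decryption error. Assumptions: the toy RSA key, the SHAKE/HMAC stand-in for the content cipher, and all function names are constructed for illustration.

```python
import hashlib, hmac, os

# Toy RSA key from two Mersenne primes: constructed for this demo, not secure.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K, KEY_LEN = (N.bit_length() + 7) // 8, 16   # modulus bytes, content-key bytes

def wrap_key(cek):
    """Sender side: PKCS #1 v1.5 type 2 padding, then RSA."""
    ps = bytes(b % 255 + 1 for b in os.urandom(K - 3 - len(cek)))  # nonzero bytes
    em = b"\x00\x02" + ps + b"\x00" + cek
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def unwrap_key(blob):
    """Return the content key, or None on malformed padding (not constant-time)."""
    em = pow(int.from_bytes(blob, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10 or len(em) - sep - 1 != KEY_LEN:
        return None
    return em[sep + 1:]

def _xor(key, data):  # SHAKE-256 keystream, a stand-in for the content cipher
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def seal(cek, msg):
    ct = _xor(cek, msg)
    return ct + hmac.new(cek, ct, hashlib.sha256).digest()

def open_content(cek, body):
    ct, tag = body[:-32], body[-32:]
    if not hmac.compare_digest(tag, hmac.new(cek, ct, hashlib.sha256).digest()):
        raise ValueError("content decryption failed")
    return _xor(cek, ct)

def decrypt_leaky(blob, body):
    cek = unwrap_key(blob)
    if cek is None:  # distinct error tells the sender the padding was wrong
        raise ValueError("RSA padding check failed")
    return open_content(cek, body)

def decrypt_uniform(blob, body):
    cek = unwrap_key(blob) or os.urandom(KEY_LEN)  # bad padding: random key
    return open_content(cek, body)  # all failures now look the same

def outcome(fn, blob, body):
    try:
        return fn(blob, body)
    except ValueError as exc:
        return str(exc)
```

With `decrypt_uniform`, a malformed key blob and a well-formed blob carrying the wrong key produce the same error, which is why a padding failure shows up to the end user as a symmetric decryption error.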
sbeattie> only affects CMS, PKCS #7, or S/MIME decryption, not SSL/TLS
mdeslaur> from oss-security: "If a Linux distribution picks up the fix for
mdeslaur> CVE-2012-0884 then they will want to pick up change 22161 at the
mdeslaur> same time since the fix for the security vulnerability will
mdeslaur> generally cause symmetric decryption errors when it kicks in and
mdeslaur> things get very confusing for the end user without change 22161"
mdeslaur> A second issue was fixed too, see:
Updated: 2013-10-18 21:16:44 UTC (commit 7370)