Bug 347623 (CVE-2010-4180) - <dev-libs/openssl-{1.0.0c,0.9.8q}: Ciphersuite Downgrade and JPAKE Validation Vulnerabilities (CVE-2010-{4180,4252})
Status: RESOLVED FIXED
Alias: CVE-2010-4180
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://www.openssl.org/news/secadv_20...
Whiteboard: A4 [glsa]
Reported: 2010-12-03 07:30 UTC by Tim Sammut (RETIRED)
Modified: 2011-10-09 15:37 UTC
Description Tim Sammut (RETIRED) gentoo-dev 2010-12-03 07:30:23 UTC
From $URL:

OpenSSL Ciphersuite Downgrade Attack
=====================================

A flaw has been found in the OpenSSL SSL/TLS server code where an old bug
workaround allows malicious clients to modify the stored session cache
ciphersuite. In some cases the ciphersuite can be downgraded to a weaker one
on subsequent connections.

The OpenSSL security team would like to thank Martin Rex for reporting this
issue.

This vulnerability is tracked as CVE-2010-4180

OpenSSL JPAKE validation error
===============================

Sebastian Martini found an error in OpenSSL's J-PAKE implementation
which could lead to successful validation by someone with no knowledge
of the shared secret. This error is fixed in 1.0.0c. Details of the
problem can be found here:

http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf

Note that the OpenSSL Team still consider our implementation of J-PAKE
to be experimental and is not compiled by default.

This issue is tracked as CVE-2010-4252.

Mike, thank you for being on top of the version bump.

Arches, please test and mark stable:
=dev-libs/openssl-1.0.0c
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

=dev-libs/openssl-0.9.8q
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Comment 1 Christian Faulhammer (RETIRED) gentoo-dev 2010-12-03 10:31:17 UTC
x86 stable
Comment 2 Agostino Sarubbo gentoo-dev 2010-12-03 13:00:22 UTC
amd64 ok
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2010-12-03 17:38:48 UTC
(In reply to comment #0)
> Arches, please test and mark stable:
> =dev-libs/openssl-1.0.0c
> Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

Stable for HPPA PPC.

> =dev-libs/openssl-0.9.8q
> Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

If I recall correctly, most arches don't need this. Skipped for HPPA PPC. Readd us if you think this is in error.
Comment 4 Markos Chandras (RETIRED) gentoo-dev 2010-12-03 18:03:12 UTC
I am a bit worried about the dual target too
Comment 5 Tim Sammut (RETIRED) gentoo-dev 2010-12-03 22:31:32 UTC
(In reply to comment #4)
> I am a bit worried about the dual target too
> 

Thanks. From another recent openssl bug, bug 345767:

>(In reply to comment #5)
>> Arches, please test and mark stable:
>> =dev-libs/openssl-0.9.8p
>> Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
>
>Do note that SLOT="0.9.8" is only for binary programs, and only amd64 and x86
>have such dependencies in tree.
>Others may wish to skip SLOT="0.9.8" and only get SLOT="0" to avoid unnecessary
>testing.

So here are the revised targets.

=dev-libs/openssl-0.9.8q
Target keywords : "amd64 x86"
Already stabled : "x86"
Missing keywords: "amd64"

=dev-libs/openssl-1.0.0c
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Already stabled : "hppa ppc x86"
Missing keywords: "alpha amd64 arm ia64 m68k ppc64 s390 sh sparc"

Thanks, folks.


Comment 6 Markos Chandras (RETIRED) gentoo-dev 2010-12-04 11:22:13 UTC
amd64 done. Thanks Agostino
Comment 7 Markus Meier gentoo-dev 2010-12-05 14:23:40 UTC
arm stable
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2010-12-06 15:33:28 UTC
s390 stable
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2010-12-06 20:00:00 UTC
alpha/ia64/m68k/sh/sparc stable
Comment 10 Brent Baude (RETIRED) gentoo-dev 2010-12-10 19:09:02 UTC
ppc64 done
Comment 11 Tim Sammut (RETIRED) gentoo-dev 2010-12-10 19:20:40 UTC
Thanks, folks.

GLSA Vote, Yes.
Comment 12 Stefan Behte (RETIRED) gentoo-dev Security 2011-02-23 22:53:03 UTC
GLSA Vote: no.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 12:41:01 UTC
CVE-2010-4180 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180):
  OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when
  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly
  prevent modification of the ciphersuite in the session cache, which allows
  remote attackers to force the downgrade to an unintended cipher via vectors
  involving sniffing network traffic to discover a session identifier.
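
The affected range quoted in the CVE text above ("before 0.9.8q, and 1.0.x before 1.0.0c") can be checked mechanically against version strings. This is an added example, not part of the bug report or of any Gentoo or OpenSSL tooling; the function names and the sample inventory are constructed for illustration, and whether the workaround option is enabled is supplied by the caller.

```python
import re

# Fixed release letter per branch, taken from the CVE-2010-4180 text above.
FIXED_LETTER = {(0, 9, 8): "q", (1, 0, 0): "c"}

# Finds "0.9.8p" in a bare version, an `openssl version` banner, or a
# Gentoo atom such as "dev-libs/openssl-1.0.0b-r1".
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text):
    """Return ((major, minor, fix), patch_letter) for the first version found."""
    m = _VERSION.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, fix, letter = m.groups()
    return (int(major), int(minor), int(fix)), letter


def lacks_fix(text):
    """True if the release predates the fix for CVE-2010-4180."""
    branch, letter = parse_version(text)
    if branch in FIXED_LETTER:
        # Patch letters order as '' < 'a' < ... < 'z' < 'za', which is
        # ordinary string comparison.
        return letter < FIXED_LETTER[branch]
    # "before 0.9.8q": every older branch is in range; 1.0.1 and later
    # fall outside the range the CVE text gives.
    return branch < (0, 9, 8)


def exposed(text, reuse_cipher_change_bug_enabled):
    """The CVE text requires old code AND the workaround option enabled."""
    return lacks_fix(text) and reuse_cipher_change_bug_enabled


# Constructed sample inventory (not taken from the bug report).
SAMPLE = [
    "OpenSSL 0.9.8p 16 Nov 2010",
    "dev-libs/openssl-0.9.8q",
    "dev-libs/openssl-1.0.0b-r1",
    "1.0.0c",
]


def needs_bump(inventory):
    """Entries that still need the version bump requested in this bug."""
    return [item for item in inventory if lacks_fix(item)]


if __name__ == "__main__":
    for item in needs_bump(SAMPLE):
        print("upgrade:", item)
```
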
Comment 14 Tobias Heinlein (RETIRED) gentoo-dev 2011-10-08 22:45:33 UTC
GLSA vote: YES; request filed.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2011-10-09 15:37:49 UTC
This issue was resolved and addressed in
 201110-01 at http://security.gentoo.org/glsa/glsa-201110-01.xml
by GLSA coordinator Tobias Heinlein (keytoaster).