Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 44941

Summary: 2 Security Vulnerabilities in openssl (0.9.6c to 0.9.6k and 0.9.7a to 0.9.7c)
Product: Gentoo Security Reporter: Matthias Geerdsen (RETIRED) <vorlon>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: aliz, avenj, m.debruijne, tigger, wschlich
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://http://www.openssl.org/news/secadv_20040317.txt
Whiteboard:
Package list:
Runtime testing required: ---

Description Matthias Geerdsen (RETIRED) gentoo-dev 2004-03-17 05:58:36 UTC 
OpenSSL Security Advisory [17 March 2004]

Updated versions of OpenSSL are now available which correct two 
security issues:


1. Null-pointer assignment during SSL handshake
===============================================

Testing performed by the OpenSSL group using the Codenomicon TLS Test
Tool uncovered a null-pointer assignment in the
do_change_cipher_spec() function.  A remote attacker could perform a
carefully crafted SSL/TLS handshake against a server that used the
OpenSSL library in such a way as to cause OpenSSL to crash.  Depending
on the application this could lead to a denial of service.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0079 to this issue.

All versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and from
0.9.7a to 0.9.7c inclusive are affected by this issue.  Any
application that makes use of OpenSSL's SSL/TLS library may be
affected.  Please contact your application vendor for details.


2. Out-of-bounds read affects Kerberos ciphersuites
===================================================

Stephen Henson discovered a flaw in SSL/TLS handshaking code when
using Kerberos ciphersuites.  A remote attacker could perform a
carefully crafted SSL/TLS handshake against a server configured to use
Kerberos ciphersuites in such a way as to cause OpenSSL to crash.
Most applications have no ability to use Kerberos ciphersuites and
will therefore be unaffected.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0112 to this issue.

Versions 0.9.7a, 0.9.7b, and 0.9.7c of OpenSSL are affected by this
issue.  Any application that makes use of OpenSSL's SSL/TLS library
may be affected.  Please contact your application vendor for details.

Recommendations
---------------

Upgrade to OpenSSL 0.9.7d or 0.9.6m.  Recompile any OpenSSL applications
statically linked to OpenSSL libraries.

OpenSSL 0.9.7d and OpenSSL 0.9.6m are available for download via HTTP and
FTP from the following master locations (you can find the various FTP
mirrors under http://www.openssl.org/source/mirror.html):

    ftp://ftp.openssl.org/source/

The distribution file names are:

    o openssl-0.9.7d.tar.gz
      MD5 checksum: 1b49e90fc8a75c3a507c0a624529aca5
    
    o openssl-0.9.6m.tar.gz [normal]
      MD5 checksum: 1b63bfdca1c37837dddde9f1623498f9
    o openssl-engine-0.9.6m.tar.gz [engine]
      MD5 checksum: 4c39d2524bd466180f9077f8efddac8c

The checksums were calculated using the following command:

    openssl md5 openssl-0.9*.tar.gz

Credits
-------

Patches for these issues were created by Dr Stephen Henson
(steve@openssl.org) of the OpenSSL core team.  The OpenSSL team would
like to thank Codenomicon for supplying the TLS Test Tool which was
used to discover these vulnerabilities, and Joe Orton of Red Hat for
performing the majority of the testing.

References
----------

http://www.codenomicon.com/testtools/tls/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20040317.txt


Reproducible: Always
Steps to Reproduce:
Comment 1 Aida Escriva-Sammer (RETIRED) gentoo-dev 2004-03-17 06:13:44 UTC 
Aliz - would you put together an ebuild for 0.97d and 0.96m?
Comment 2 Daniel Ahlberg (RETIRED) gentoo-dev 2004-03-17 08:32:31 UTC 
I'll have them ready within an hour. I'll mask them and let you guys unmask them when you're ready.
Comment 3 Daniel Ahlberg (RETIRED) gentoo-dev 2004-03-17 15:34:59 UTC 
0.9.7d and 0.9.6m are now unmasked. ~0.9.7c hardmasked in packages.mask
Comment 4 Christian Birchinger (RETIRED) gentoo-dev 2004-03-17 15:37:01 UTC 
Sparc64 works here. Sparc32 needs to be tested though (i can't)
Comment 5 solar (RETIRED) gentoo-dev 2004-03-17 15:41:29 UTC 
It took well over 30 mins to fetch openssl from any server so I pushed a 
copy of m & d out via out distfiles-local so end users wont have the
same problem at fetch time.

~arch 0.9.7d builds and seems to works correctly over here.
Comment 6 Aida Escriva-Sammer (RETIRED) gentoo-dev 2004-03-17 15:42:10 UTC 
Arch-Maintainers: Please test 0.9.7d and 0.9.6m (x86, ppc, sparc, mips, alpha, hppa) so we can push this through today.
Comment 7 Jason Wever (RETIRED) gentoo-dev 2004-03-17 16:19:18 UTC 
Please don't take this as being surly, as it's not.  But since both of the ebuilds are already stable, why ask for testing?  It doesn't seem we can go backwards.
Comment 8 Aida Escriva-Sammer (RETIRED) gentoo-dev 2004-03-17 17:16:58 UTC 
Sorry - I don't have CVS access, packages.g.o and viewcvs do not have it marked as stable.

GLSA to go out asap.