| Summary: | <dev-libs/openssl-{1.0.0m,1.0.1g}: crash when using TLS 1.2 (CVE-2013-{6449,6450}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | base-system |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest | ||
| See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=1045363 | ||
| Whiteboard: | A3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
Commit message: Add fix from upstream for crashes w/TLS 1.2 http://sources.gentoo.org/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch?rev=1.1 http://sources.gentoo.org/dev-libs/openssl/openssl-1.0.1e-r3.ebuild?rev=1.1 CVE-2013-6449 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449): The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. Please advise when ready for stabilization. from https://bugzilla.redhat.com/show_bug.cgi?id=1047840 : Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6450 to the following vulnerability: The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. Upstream commit: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3462896 CVE-2013-6450 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450): The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. From https://www.openssl.org/news/vulnerabilities.html#2013-6449: CVE-2013-6449: 14th December 2013 A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2. This issue only affected OpenSSL 1.0.1 versions. Reported by Ron Barber. Fixed in OpenSSL 1.0.1f (git commit) (Affected 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) CVE-2013-6450: 13th December 2013 A flaw in DTLS handling can cause an application using OpenSSL and DTLS to crash. This is not a vulnerability for OpenSSL prior to 1.0.0. Reported by Dmitry Sobinov. Fixed in OpenSSL 1.0.1f (git commit) (Affected 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) Fixed in OpenSSL 1.0.0l (Affected 1.0.0k, 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0) ## Vulnerable versions have already been been stabilized and cleaned up, GLSA request created. This issue was resolved and addressed in GLSA 201412-39 at http://security.gentoo.org/glsa/glsa-201412-39.xml by GLSA coordinator Sean Amoss (ackle). |
From ${URL} : A flaw was reported for OpenSSL 1.0.1e, that can cause application using OpenSSL to crash when using TLS version 1.2. Issue was reported via the following OpenSSL upstream ticket: http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest and also as bug for Apache Traffic Server: https://issues.apache.org/jira/browse/TS-2355 Fix is now committed in upstream git: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ca98926 Related to the above ticket, upstream also added this fix to improve error checks in OpenSSL: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2b @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.