Bug 629290 (CVE-2017-3735)

Summary: <dev-libs/openssl-{1.0.2m,1.1.0g}: Malformed X.509 IPAddressFamily could cause OOB read
Product: Gentoo Security
Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: base-system
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://www.openssl.org/news/secadv/20170828.txt
Whiteboard: A3 [glsa cve blocked]
Package list:
Runtime testing required: ---
Bug Depends on: 636264
Bug Blocks:

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-08-29 14:01:52 UTC
OpenSSL Security Advisory [28 Aug 2017]
========================================

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
====================================================================

Severity: Low

If an X.509 certificate has a malformed IPAddressFamily extension,
OpenSSL could do a one-byte buffer overread. The most likely result
would be an erroneous display of the certificate in text format.

As this is a low severity fix, no release is being made. The fix can be
found in the source repository (1.0.2, 1.1.0, and master branches); see
https://github.com/openssl/openssl/pull/4276. This bug has been present
since 2006.


This issue was found by Google's OSS-Fuzz project on August 22.
The fix was developed by Rich Salz of the OpenSSL development team.

Note
====

Support for version 1.0.1 ended on 31st December 2016. Support for versions
0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
receiving security updates.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20170828.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
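
Added example, not part of the advisory or of OpenSSL's source: RFC 3779 encodes addressFamily as a 2-octet AFI optionally followed by a 1-octet SAFI, so a parser that reads the second octet of a 1-octet value overreads by one byte. The sketch below checks the length before reading; `struct octet_string`, `struct addr_family` and `parse_address_family` are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a decoded ASN.1 OCTET STRING (not an OpenSSL type). */
struct octet_string { const uint8_t *data; size_t length; };

/* Parsed RFC 3779 addressFamily value. */
struct addr_family {
    uint16_t afi;   /* Address Family Identifier, big-endian on the wire */
    int has_safi;   /* 1 if the optional third octet is present */
    uint8_t safi;   /* valid only when has_safi != 0 */
};

enum { AF_OK = 0, AF_MALFORMED = -1 };

/*
 * addressFamily must be exactly 2 octets (AFI) or 3 octets (AFI + SAFI).
 * The length is validated before any octet is read: reading data[1] from
 * a 1-octet value would be a one-byte read past the end of the buffer.
 */
int parse_address_family(const struct octet_string *s, struct addr_family *out)
{
    if (s == NULL || out == NULL || s->data == NULL)
        return AF_MALFORMED;
    if (s->length < 2 || s->length > 3)
        return AF_MALFORMED;
    out->afi = (uint16_t)((s->data[0] << 8) | s->data[1]);
    out->has_safi = (s->length == 3);
    out->safi = out->has_safi ? s->data[2] : 0;
    return AF_OK;
}

/* Constructed sample inputs (not taken from a real certificate). */
static const uint8_t sample_ipv4[]      = { 0x00, 0x01 };       /* AFI 1 = IPv4 */
static const uint8_t sample_ipv6_safi[] = { 0x00, 0x02, 0x01 }; /* AFI 2 = IPv6, SAFI 1 */
static const uint8_t sample_short[]     = { 0x00 };             /* malformed: 1 octet */

int main(void)
{
    const struct octet_string in[] = {
        { sample_ipv4, sizeof sample_ipv4 },
        { sample_ipv6_safi, sizeof sample_ipv6_safi },
        { sample_short, sizeof sample_short },
    };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        struct addr_family af;
        int rc = parse_address_family(&in[i], &af);
        printf("len=%zu -> %s\n", in[i].length, rc == AF_OK ? "ok" : "malformed");
    }
    return 0;
}
```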

Comment 1 Larry the Git Cow gentoo-dev 2017-11-02 15:58:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ddc7a2854b198ea1377a9b109a1d366e4c3099e0

commit ddc7a2854b198ea1377a9b109a1d366e4c3099e0
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2017-11-02 15:57:41 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2017-11-02 15:57:55 +0000

    dev-libs/openssl: Bump for CVE-2017-{3735,3736}
    
    Bug: https://bugs.gentoo.org/629290
    Bug: https://bugs.gentoo.org/636264
    Package-Manager: Portage-2.3.13, Repoman-2.3.4

 dev-libs/openssl/Manifest              |   2 +
 dev-libs/openssl/openssl-1.0.2m.ebuild | 254 +++++++++++++++++++++++++++++++++
 dev-libs/openssl/openssl-1.1.0g.ebuild | 240 +++++++++++++++++++++++++++++++
 3 files changed, 496 insertions(+)

Comment 2 Thomas Deutschmann gentoo-dev 2017-11-24 02:21:22 UTC
Added to an existing GLSA request.

Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-12-14 18:25:14 UTC
This issue was resolved and addressed in
GLSA 201712-03 at https://security.gentoo.org/glsa/201712-03
by GLSA coordinator Thomas Deutschmann (whissi).