OpenSSL has a new release fixing multiple security vulnerabilities. Nothing too serious. 1.0.1k (and 1.0.0p, 0.9.8zd) fix eight vulnerabilities.
+*openssl-1.0.1k (08 Jan 2015) +*openssl-1.0.0p (08 Jan 2015) +*openssl-0.9.8z_p4 (08 Jan 2015) + + 08 Jan 2015; Lars Wendler <polynomial-c@gentoo.org> + +openssl-0.9.8z_p4.ebuild, -openssl-1.0.0o.ebuild, +openssl-1.0.0p.ebuild, + -openssl-1.0.1i.ebuild, +openssl-1.0.1k.ebuild: + Security bump (bug #536042). Removed old. +
Arches please test and mark stable the following list of ebuilds:
=dev-libs/openssl-0.9.8z_p4 (=openssl-0.9.8zd)
=dev-libs/openssl-1.0.1k
Target KEYWORDS are: alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux
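Review bot: the "Security bump (bug #536042)" line of the ChangeLog entry names openssl-0.9.8z_p4.ebuild without saying that it packages upstream 0.9.8zd; that mapping appears only in the stabilization request. Suggest noting the upstream version in the entry, for example "0.9.8z_p4 is upstream 0.9.8zd", so the ebuild can be matched against the fixed versions quoted in the advisories.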
amd64 stable
Stable for HPPA.
ppc stable
Stable on alpha.
x86 done.
CVE-2015-0206 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0206): Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.
CVE-2015-0205 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0205): The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.
CVE-2015-0204 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0204): The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role.
CVE-2014-8275 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8275): OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
CVE-2014-3572 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3572): The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
CVE-2014-3571 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3571): OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
CVE-2014-3570 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3570): The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
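An added example, not part of the bug report or of Gentoo's tooling: a Python check that maps an OpenSSL version string to the CVEs listed above, using only the version ranges quoted in those descriptions. The function names and the `_pN` handling (inferred from the single mapping 0.9.8z_p4 = 0.9.8zd given in this bug) are assumptions.

```python
import re

def parse(version):
    """Turn '1.0.1k' or Gentoo-style '0.9.8z_p4' into a sortable tuple."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]*)(?:_p(\d+))?", version)
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    major, minor, fix, letters, patch = m.groups()
    if patch:
        # Assumption from this bug's mapping 0.9.8z_p4 = 0.9.8zd:
        # _pN appends the Nth letter of the alphabet to the suffix.
        letters += chr(ord("a") + int(patch) - 1)
    # Letter suffixes sort lexicographically: '' < 'a' < ... < 'z' < 'za' < 'zd'.
    return (int(major), int(minor), int(fix), letters)

# (first affected, first fixed) as worded in the CVE text; None = no lower bound.
OLD = (None, "0.9.8zd")
R100 = ("1.0.0", "1.0.0p")
R101 = ("1.0.1", "1.0.1k")
CVES = {
    "CVE-2015-0206": [R100, R101],
    "CVE-2015-0205": [R100, R101],
    "CVE-2015-0204": [OLD, R100, R101],
    "CVE-2014-8275": [OLD, R100, R101],
    "CVE-2014-3572": [OLD, R100, R101],
    "CVE-2014-3571": [OLD, R100, R101],
    "CVE-2014-3570": [OLD, R100, R101],
}

def affected_by(version):
    """Return the sorted CVE ids whose quoted ranges contain this version."""
    v = parse(version)
    hits = []
    for cve, ranges in CVES.items():
        for low, high in ranges:
            if (low is None or parse(low) <= v) and v < parse(high):
                hits.append(cve)
                break
    return sorted(hits)

if __name__ == "__main__":
    # Versions removed and added by the ChangeLog entry in this bug.
    for ver in ("1.0.1i", "1.0.0o", "0.9.8zc", "0.9.8z_p4", "1.0.0p", "1.0.1k"):
        print(ver, affected_by(ver) or "not affected by the CVEs listed here")
```

Versions outside the three branches named in the descriptions are reported only against the ranges quoted here, so an empty result is not a statement about later advisories.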
arm stable
sparc stable
ppc64 stable
ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Superseded by bug 543552.