Bug 536042 - <dev-libs/openssl-1.0.1k multiple vulnerabilities (CVE-2014-{3569,3570,3571,3572,8275},CVE-2015-{0204,0205,0206})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: http://openssl.org/news/secadv_201501...
Whiteboard: A3 [glsa]
Reported: 2015-01-08 16:33 UTC by Hanno Böck
Modified: 2015-03-20 22:44 UTC

Description Hanno Böck gentoo-dev 2015-01-08 16:33:46 UTC
OpenSSL has a new release fixing multiple security vulnerabilities.

Nothing too serious. 1.0.1k (and 1.0.0p, 0.9.8zd) fix eight vulnerabilities.
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2015-01-08 17:33:50 UTC
+*openssl-1.0.1k (08 Jan 2015)
+*openssl-1.0.0p (08 Jan 2015)
+*openssl-0.9.8z_p4 (08 Jan 2015)
+
+  08 Jan 2015; Lars Wendler <polynomial-c@gentoo.org>
+  +openssl-0.9.8z_p4.ebuild, -openssl-1.0.0o.ebuild, +openssl-1.0.0p.ebuild,
+  -openssl-1.0.1i.ebuild, +openssl-1.0.1k.ebuild:
+  Security bump (bug #536042). Removed old.
+
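Review bot: the file list removes openssl-1.0.0o.ebuild and openssl-1.0.1i.ebuild but no 0.9.8 predecessor of openssl-0.9.8z_p4.ebuild, so "Removed old." holds for only two of the three branches; the entry should say whether an older 0.9.8 ebuild is kept on purpose. It would also be easier to audit if the entry named the upstream release that the 0.9.8z_p4 version corresponds to.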

Arches please test and mark stable the following list of ebuilds:

=dev-libs/openssl-0.9.8z_p4 (=openssl-0.9.8zd)
=dev-libs/openssl-1.0.1k

Target KEYWORDS are:

alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux
Comment 2 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-01-08 20:21:01 UTC
amd64 stable
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2015-01-08 23:27:16 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2015-01-09 08:38:47 UTC
ppc stable
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2015-01-09 10:12:06 UTC
Stable on alpha.
Comment 6 Andreas Schürch gentoo-dev 2015-01-09 12:48:20 UTC
x86 done.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2015-01-10 16:33:38 UTC
CVE-2015-0206 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0206):
  Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0
  before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a
  denial of service (memory consumption) by sending many duplicate records for
  the next epoch, leading to failure of replay detection.

CVE-2015-0205 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0205):
  The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before
  1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a
  Diffie-Hellman (DH) certificate without requiring a CertificateVerify
  message, which allows remote attackers to obtain access without knowledge of
  a private key via crafted TLS Handshake Protocol traffic to a server that
  recognizes a Certification Authority with DH support.

CVE-2015-0204 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0204):
  The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd,
  1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to
  conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force
  decryption by offering a weak ephemeral RSA key in a noncompliant role.

CVE-2014-8275 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8275):
  OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does
  not enforce certain constraints on certificate data, which allows remote
  attackers to defeat a fingerprint-based certificate-blacklist protection
  mechanism by including crafted data within a certificate's unsigned portion,
  related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c,
  crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.

CVE-2014-3572 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3572):
  The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd,
  1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to
  conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward
  secrecy by omitting the ServerKeyExchange message.

CVE-2014-3571 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3571):
  OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows
  remote attackers to cause a denial of service (NULL pointer dereference and
  application crash) via a crafted DTLS message that is processed with a
  different read operation for the handshake header than for the handshake
  body, related to the dtls1_get_record function in d1_pkt.c and the
  ssl3_read_n function in s3_pkt.c.

CVE-2014-3570 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3570):
  The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p,
  and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM
  value, which might make it easier for remote attackers to defeat
  cryptographic protection mechanisms via unspecified vectors, related to
  crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
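
An added example, not part of the bug report or of Gentoo's tooling: a version check built from the "before 0.9.8zd / 1.0.0p / 1.0.1k" bounds in the CVE descriptions above, handling OpenSSL's letter-suffix ordering (z < za < zb) and the Gentoo `_pN` form. The function names are hypothetical, only the seven CVEs described in this comment are covered, and reading `_pN` as N further letter steps is an assumption generalised from the single `0.9.8z_p4` = `0.9.8zd` mapping in Comment 1.

```python
import re

# Fixed release per branch, taken from the CVE descriptions above.
FIXED = {"0.9.8": "zd", "1.0.0": "p", "1.0.1": "k"}
# The seven CVEs described above; the last two name only 1.0.0 and 1.0.1.
CVES = ["CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275",
        "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206"]
NOT_IN_098 = {"CVE-2015-0205", "CVE-2015-0206"}

_VER = re.compile(r"^(\d+\.\d+\.\d+)([a-z]*)(?:_p(\d+))?$")


def suffix_rank(letters, patch=0):
    """Order letter suffixes: '' < a < ... < z < za < zb < ...

    patch is Gentoo's _pN counter; treating it as N further letter steps is
    an assumption generalised from the single 0.9.8z_p4 = 0.9.8zd mapping.
    """
    if not letters:
        return patch
    if set(letters[:-1]) - {"z"}:
        raise ValueError(f"unexpected suffix {letters!r}")
    return 26 * (len(letters) - 1) + ord(letters[-1]) - ord("a") + 1 + patch


def parse(version):
    m = _VER.match(version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version {version!r}")
    base, letters, patch = m.groups()
    return base, suffix_rank(letters, int(patch or 0))


def open_cves(version):
    """Return the CVEs from this bug that still apply to `version`."""
    base, rank = parse(version)
    if base not in FIXED:
        raise ValueError(f"branch {base} is not covered by this bug")
    if rank >= suffix_rank(FIXED[base]):
        return []
    return [c for c in CVES if not (base == "0.9.8" and c in NOT_IN_098)]


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real host inventory.
    for v in ["1.0.1j", "1.0.1k", "1.0.0o", "0.9.8zc", "0.9.8z_p4"]:
        print(f"{v:10} {', '.join(open_cves(v)) or 'fixed'}")
```
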
Comment 8 Markus Meier gentoo-dev 2015-01-11 21:13:53 UTC
arm stable
Comment 9 Agostino Sarubbo gentoo-dev 2015-01-13 10:22:15 UTC
sparc stable
Comment 10 Agostino Sarubbo gentoo-dev 2015-01-14 13:52:47 UTC
ppc64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2015-01-16 08:09:30 UTC
ia64 stable.

Maintainer(s), please clean up.
Security, please add it to the existing request, or file a new one.
Comment 12 Tobias Heinlein (RETIRED) gentoo-dev 2015-03-20 16:51:20 UTC
Superseded by bug 543552.