OpenSSL Security Advisory [28 Aug 2017] ======================================== Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) =================================================================== Severity: Low If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format. As this is a low severity fix, no release is being made. The fix can be found in the source repository (1.0.2, 1.1.0, and master branches); see https://github.com/openssl/openssl/pull/4276. This bug has been present since 2006. This issue was found by Google's OSS-Fuzz project on August 22. The fix was developed by Rich Salz of the OpenSSL development team. Note ==== Support for version 1.0.1 ended on 31st December 2016. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20170828.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ddc7a2854b198ea1377a9b109a1d366e4c3099e0 commit ddc7a2854b198ea1377a9b109a1d366e4c3099e0 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2017-11-02 15:57:41 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2017-11-02 15:57:55 +0000 dev-libs/openssl: Bump for CVE-2017-{3735,3736} Bug: https://bugs.gentoo.org/629290 Bug: https://bugs.gentoo.org/636264 Package-Manager: Portage-2.3.13, Repoman-2.3.4 dev-libs/openssl/Manifest | 2 + dev-libs/openssl/openssl-1.0.2m.ebuild | 254 +++++++++++++++++++++++++++++++++ dev-libs/openssl/openssl-1.1.0g.ebuild | 240 +++++++++++++++++++++++++++++++ 3 files changed, 496 insertions(+)}
Added to an existing GLSA request.
This issue was resolved and addressed in GLSA 201712-03 at https://security.gentoo.org/glsa/201712-03 by GLSA coordinator Thomas Deutschmann (whissi).