From ${URL} : A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed (re)initialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but seeds the PRNG with the output of time(NULL). The most important consequence is that servers using EC (ECDSA) or DSA certificates may under certain conditions leak their private key. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
As pe the discussion on the URL RedHat is not vulnerable to this vulnerability (this is where the original bug report came from). Maintainers can you take a look and see if we are vulnerable. From URL: As mentioned in the previous comments, this flaw does not affect the version of stunnel shipped with Red Hat Enterprise Linux 5 and 6, since these versions use POSIX threads (pthreads) and no not use fork().
Arch teams, please stabilize stunnel-5.01. KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~s390 sparc x86"
Arch teams, please test and mark stable: =net-misc/stunnel-5.02 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Stable for HPPA. net-misc/stunnel - obsolete files/stunnel.rc6 files/stunnel-4.54-xforwarded-for.patch files/stunnel-4.54-listen-queue.patch
CVE-2014-0016 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0016): stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.
(In reply to Jeroen Roovers from comment #3) > Arch teams, please test and mark stable: > =net-misc/stunnel-5.02 > Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 Okay with 5.02, I took care of arm ppc and ppc64.
amd64 stable
x86 stable
Stable on alpha.
ia64 stable
sparc stable. Maintainer(s), please cleanup. Security, please vote.
GLSA vote: no.
GLSA vote: yes.
Maintainer(s), please drop the vulnerable version. GLSA Vote: Yes Created a New GLSA request.
Arches and Maintainer(s), Thank you for your work.
This issue was resolved and addressed in GLSA 201408-14 at http://security.gentoo.org/glsa/glsa-201408-14.xml by GLSA coordinator Kristian Fiskerstrand (K_F).
