Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 629290 (CVE-2017-3735) - <dev-libs/openssl-{1.0.2m,1.1.0g}: Malformed X.509 IPAdressFamily could cause OOB read
Summary: <dev-libs/openssl-{1.0.2m,1.1.0g}: Malformed X.509 IPAdressFamily could cause...
Status: RESOLVED FIXED
Alias: CVE-2017-3735
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.openssl.org/news/secadv/2...
Whiteboard: A3 [glsa cve blocked]
Keywords:
Depends on: CVE-2017-3736
Blocks:
  Show dependency tree
 
Reported: 2017-08-29 14:01 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2017-12-14 18:25 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-08-29 14:01:52 UTC
OpenSSL Security Advisory [28 Aug 2017]
========================================

Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)
===================================================================

Severity: Low

If an X.509 certificate has a malformed IPAddressFamily extension,
OpenSSL could do a one-byte buffer overread. The most likely result
would be an erroneous display of the certificate in text format.

As this is a low severity fix, no release is being made. The fix can be
found in the source repository (1.0.2, 1.1.0, and master branches); see
https://github.com/openssl/openssl/pull/4276. This bug has been present
since 2006.


This issue was found by Google's OSS-Fuzz project on August 22.
The fix was developed by Rich Salz of the OpenSSL development team.

Note
====

Support for version 1.0.1 ended on 31st December 2016. Support for versions
0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
receiving security updates.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20170828.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
Comment 1 Larry the Git Cow gentoo-dev 2017-11-02 15:58:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ddc7a2854b198ea1377a9b109a1d366e4c3099e0

commit ddc7a2854b198ea1377a9b109a1d366e4c3099e0
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2017-11-02 15:57:41 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2017-11-02 15:57:55 +0000

    dev-libs/openssl: Bump for CVE-2017-{3735,3736}
    
    Bug: https://bugs.gentoo.org/629290
    Bug: https://bugs.gentoo.org/636264
    Package-Manager: Portage-2.3.13, Repoman-2.3.4

 dev-libs/openssl/Manifest              |   2 +
 dev-libs/openssl/openssl-1.0.2m.ebuild | 254 +++++++++++++++++++++++++++++++++
 dev-libs/openssl/openssl-1.1.0g.ebuild | 240 +++++++++++++++++++++++++++++++
 3 files changed, 496 insertions(+)}
Comment 2 Thomas Deutschmann gentoo-dev Security 2017-11-24 02:21:22 UTC
Added to an existing GLSA request.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-12-14 18:25:14 UTC
This issue was resolved and addressed in
 GLSA 201712-03 at https://security.gentoo.org/glsa/201712-03
by GLSA coordinator Thomas Deutschmann (whissi).