Fedora has issued an advisory on May 30:
https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html

That was for nss, but OpenSSL is also affected, and the RedHat bug linked from the advisory has a lot more details about that. This is also known popularly as LOGJAM.

For OpenSSL, it will be fixed when 1.0.2b is released and we get that out for Mageia 5 (and 1.0.1n for Mageia 4).

Mozilla has fixed it in NSS 3.19.1, which is what Fedora's advisory was. We'll of course include it in the next set of Mozilla updates.

I'm not aware of any other packages planning fixes for this issue.
Whiteboard: (none) => MGA5TOO, MGA4TOO
Ubuntu has issued an advisory related to this on June 1: http://www.ubuntu.com/usn/usn-2624-1/
URL: (none) => http://lwn.net/Vulnerabilities/646994/
Ubuntu's apache advisory from today (June 2) is also partially related: http://www.ubuntu.com/usn/usn-2625-1/
Qt 5.4.2 also has a fix for this: http://blog.qt.io/blog/2015/06/02/qt-5-4-2-released/
OpenSSL has issued an advisory today (June 11): http://openssl.org/news/secadv_20150611.txt They have issued version 1.0.2b and 1.0.1n, fixing LOGJAM and a handful of other moderate and low severity issues.
(In reply to David Walser from comment #4)
> OpenSSL has issued an advisory today (June 11):
> http://openssl.org/news/secadv_20150611.txt
>
> They have issued version 1.0.2b and 1.0.1n, fixing LOGJAM and a handful of
> other moderate and low severity issues.

The additional issues are CVE-2015-178[89] and CVE-2015-179[0-2].

Updates have been committed in SVN for Mageia 4 and Cauldron. Freeze push requested for Cauldron (for both openssl and nss).
(In reply to David Walser from comment #2)
> Ubuntu's apache advisory from today (June 2) is also partially related:
> http://www.ubuntu.com/usn/usn-2625-1/

This is only relevant for Apache 2.2, so we're not affected.

(In reply to David Walser from comment #1)
> Ubuntu has issued an advisory related to this on June 1:
> http://www.ubuntu.com/usn/usn-2624-1/

Those fixes are already included in the OpenSSL versions we have.
Summary: openssl new security issue (LOGJAM) CVE-2015-4000 => openssl new security issues CVE-2015-4000 (LOGJAM), CVE-2015-178[89], and CVE-2015-179[0-2]
Updated packages uploaded for Mageia 4 and Cauldron.

Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Openssl

Advisory:
========================

Updated openssl packages fix security vulnerabilities:

A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).

When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled (CVE-2015-1788).

X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string. An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks (CVE-2015-1789).

The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing (CVE-2015-1790).

If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data (CVE-2015-1791).

When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. This can be used to perform denial of service against any system which verifies signedData messages using the CMS code (CVE-2015-1792).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
http://openssl.org/news/secadv_20150611.txt
========================

Updated packages in core/updates_testing:
========================
openssl-1.0.1n-1.mga4
libopenssl-engines1.0.0-1.0.1n-1.mga4
libopenssl1.0.0-1.0.1n-1.mga4
libopenssl-devel-1.0.1n-1.mga4
libopenssl-static-devel-1.0.1n-1.mga4

from openssl-1.0.1n-1.mga4.src.rpm
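The CVE-2015-1789 description above turns on a time string being parsed without a length check and with an unbounded run of fractional seconds. The following is an added example, not part of the original comment and not OpenSSL's code or its fix: a length-first validator for the two time forms RFC 5280 permits in certificates and CRLs. The function name strict_asn1_time_ok and the sample values used to exercise it are assumptions made here.

```c
#include <stddef.h>

/* ASN.1 universal tag numbers for the two time types. */
enum { TAG_UTCTIME = 23, TAG_GENERALIZEDTIME = 24 };

/* Read two ASCII digits at p; return their value, or -1 if either is not a digit. */
static int two_digits(const unsigned char *p)
{
    if (p[0] < '0' || p[0] > '9' || p[1] < '0' || p[1] > '9')
        return -1;
    return (p[0] - '0') * 10 + (p[1] - '0');
}

/*
 * Validate a time value given as (tag, data, len). data is NOT assumed to be
 * NUL-terminated and nothing past data[len - 1] is read.
 * Accepted forms (RFC 5280 profile only):
 *   UTCTime          "YYMMDDHHMMSSZ"    13 bytes
 *   GeneralizedTime  "YYYYMMDDHHMMSSZ"  15 bytes
 * Fractional seconds and numeric offsets are rejected outright.
 * Day 29 is allowed for February without a leap-year check.
 * Returns 1 if valid, 0 otherwise.
 */
int strict_asn1_time_ok(int tag, const unsigned char *data, size_t len)
{
    static const int max_day[12] = {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    size_t year_len, i;
    int f[5]; /* month, day, hour, minute, second */

    if (data == NULL)
        return 0;
    if (tag == TAG_UTCTIME)
        year_len = 2;
    else if (tag == TAG_GENERALIZEDTIME)
        year_len = 4;
    else
        return 0;
    /* Exact length check first, so every index used below is in bounds. */
    if (len != year_len + 11)
        return 0;
    for (i = 0; i < year_len; i += 2)
        if (two_digits(data + i) < 0)
            return 0;
    for (i = 0; i < 5; i++)
        if ((f[i] = two_digits(data + year_len + 2 * i)) < 0)
            return 0;
    if (f[0] < 1 || f[0] > 12 || f[1] < 1 || f[1] > max_day[f[0] - 1])
        return 0;
    if (f[2] > 23 || f[3] > 59 || f[4] > 59)
        return 0;
    return data[len - 1] == 'Z';
}
```

Because the length is compared before any byte is examined, a truncated value or one padded with fractional digits fails on the length test alone.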
Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => has_procedure
Updated again to 1.0.2c and 1.0.1o to fix a small ABI breakage issue in the previous releases.

Updated packages in core/updates_testing:
========================
openssl-1.0.1o-1.mga4
libopenssl-engines1.0.0-1.0.1o-1.mga4
libopenssl1.0.0-1.0.1o-1.mga4
libopenssl-devel-1.0.1o-1.mga4
libopenssl-static-devel-1.0.1o-1.mga4

from openssl-1.0.1o-1.mga4.src.rpm
LWN reference for CVE-2015-4000 (LOGJAM):
http://lwn.net/Vulnerabilities/646994/

For the other issues fixed in this OpenSSL update, Ubuntu has issued an advisory on June 11:
http://www.ubuntu.com/usn/usn-2639-1/

Reposting the advisory using Ubuntu's more concise CVE descriptions.

Advisory:
========================

Updated openssl packages fix security vulnerabilities:

A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).

Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service (CVE-2015-1788).

Robert Swiecki and Hanno Böck discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2015-1789).

Michal Zalewski discovered that OpenSSL incorrectly handled missing content when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2015-1790).

Emilia Käsper discovered that OpenSSL incorrectly handled NewSessionTicket when being used by a multi-threaded client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2015-1791).

Johannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS code. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service (CVE-2015-1792).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
http://openssl.org/news/secadv_20150611.txt
http://www.ubuntu.com/usn/usn-2639-1/
URL: http://lwn.net/Vulnerabilities/646994/ => http://lwn.net/Vulnerabilities/648032/
CC: (none) => juan.baptiste
I'm going to test it inside a Mageia 4 x86-64 VM. Stay tuned. Then hopefully I'll do a 32-bit VM too.
CC: (none) => shlomif
(In reply to Shlomi Fish from comment #10)
> I'm going to test it inside a Mageia 4 x86-64 VM. Stay tuned. Then hopefully
> I'll do a 32-bit VM too.

OK, I tested the new openssl on an x86-64 VM up to the point of running the HTTPS/TLS service, at which point I didn't know how to proceed because I couldn't find usable instructions on how to generate a certificate. Can someone provide those?

Anyway, I'm now trying to build pypy which consumes a lot of RAM (over 4 GB) and so I cannot run the MGA4 VM. Shall I mark it as MGA4-64-OK?

Regards,

-- Shlomi Fish
The test procedure says if you don't have a server you can simulate one with an openssl command, so you don't really need an HTTPS server. However, our apache-mod_ssl package automatically triggers the creation of a certificate, so you shouldn't need to do that manually. If you deleted the certs for some reason, you can regenerate them with the /usr/share/rpm-helper/create-ssl-certificate script that it uses. (arguments are "apache 1 httpd")
(In reply to David Walser from comment #12)
> The test procedure says if you don't have a server you can simulate one with
> an openssl command, so you don't really need an HTTPS server.

Yes, but the command given was incorrect and tripped me up. I have now corrected it.

> However, our
> apache-mod_ssl package automatically triggers the creation of a certificate,
> so you shouldn't need to do that manually. If you deleted the certs for
> some reason, you can regenerate them with the
> /usr/share/rpm-helper/create-ssl-certificate script that it uses.
> (arguments are "apache 1 httpd")

I see.

----

Anyway, I was eventually able to run the "openssl s_server" and check the connection. Marking as MGA4-64-OK because everything with the new openssl package seems fine there. Next I'm going to tackle i586.
Whiteboard: has_procedure => MGA4-64-OK has_procedure
Tested on an i586 VM. Marking as MGA4-32-OK. Can it be validated?
Whiteboard: MGA4-64-OK has_procedure => MGA4-64-OK has_procedure MGA4-32-OK
Yes, thanks Shlomi for your work. Please do. I'll add the advisory when I get a chance.
Validating update per Claire/"MrsB"'s request.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Advisory uploaded. Someone from the sysadmin team please push this update.
CC: (none) => davidwhodgins
Whiteboard: MGA4-64-OK has_procedure MGA4-32-OK => MGA4-64-OK has_procedure MGA4-32-OK advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0246.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED