Assigning to the base system maintainers

Changing current version in source rpm field, because:

[marja@localhost ~]$ rpm -qa lib64openssl3
lib64openssl3-3.1.4-1.mga10

Assignee: bugsquad => basesystem
Source RPM: openssl-3.0.12-1.mga9.src.rpm => openssl-3.1.4-1.mga10
CC: (none) => marja11

Since the update, I see in the journal:
postfix/smtps/smtpd[73070]: warning: run-time library vs. compile-time header version mismatch: OpenSSL 3.1.0 may not be compatible with OpenSSL 3.0.0

and sometimes:
postfix/smtps/smtpd[73070]: warning: TLS library problem: error:0A00010B:SSL routines::wrong version number:ssl/record/ssl3_record.c:354:

Should postfix be rebuilt ?

CC: (none) => guillaume.bedot

OpenSSL has issued an advisory on January 15:
https://www.openssl.org/news/secadv/20240115.txt

The next OpenSSL version will contain the fix.

The fix is also available in commit a830f551 (for 3.1) and commit 18c02492 (for 3.0).

Summary: openssl new security issue CVE-2023-5678 => openssl new security issues CVE-2023-5678 and CVE-2023-6237
CVE: (none) => CVE-2023-5678, CVE-2023-6237

OpenSSL has issued an advisory on January 25:
https://www.openssl.org/news/secadv/20240125.txt

The next OpenSSL version will contain the fix.

The fix is also available in commit d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c (for 3.1) and commit 09df4395b5071217b76dc7d3d2e630eb8c5a79c2 (for 3.0).

CVE: CVE-2023-5678, CVE-2023-6237 => CVE-2023-5678, CVE-2023-6237, CVE-2024-0727
Summary: openssl new security issues CVE-2023-5678 and CVE-2023-6237 => openssl new security issues CVE-2023-5678, CVE-2023-6237 and CVE-2024-0727

OpenSSL has issued an advisory on January 9:
https://www.openssl.org/news/secadv/20240109.txt

The next OpenSSL version will contain the fix.

The fix is also available in commit f3fc5808 (for 3.1) and commit 050d263 (for 3.0).

Summary: openssl new security issues CVE-2023-5678, CVE-2023-6237 and CVE-2024-0727 => openssl new security issues CVE-2023-5678, CVE-2023-6129, CVE-2023-6237 and CVE-2024-0727
CVE: CVE-2023-5678, CVE-2023-6237, CVE-2024-0727 => CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727

Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Excessive time spent in DH check / generation with large Q parameter value. (CVE-2023-5678)

POLY1305 MAC implementation corrupts vector registers on PowerPC. (CVE-2023-6129)

Excessive time spent checking invalid RSA public keys. (CVE-2023-6237)

PKCS12 Decoding crashes. (CVE-2024-0727)

References:
https://www.openssl.org/news/secadv/20231106.txt
https://www.openssl.org/news/secadv/20240109.txt
https://www.openssl.org/news/secadv/20240115.txt
https://www.openssl.org/news/secadv/20240125.txt
========================

Updated packages in core/updates_testing:
========================
lib(64)openssl3-3.0.12-1.1.mga9
lib(64)openssl-devel-3.0.12-1.1.mga9
lib(64)openssl-static-devel-3.0.12-1.1.mga9
openssl-3.0.12-1.1.mga9
openssl-perl-3.0.12-1.1.mga9

from SRPM:
openssl-3.0.12-1.1.mga9.src.rpm

Whiteboard: MGA9TOO => (none)
Source RPM: openssl-3.1.4-1.mga10 => openssl-3.0.12-1.mga9.src.rpm
Status: NEW => ASSIGNED
Version: Cauldron => 9
Assignee: basesystem => qa-bugs

Installed and tested without issues.

Tested using:
- apache plus apache-mod_ssl as server;
- sslscan and https://www.ssllabs.com/ssltest/ as clients;
- sshd as server;
- ssh as client;
- openssl CLI to create keys and certificates;
- openssl CLI to inspect existing keys and certificates;
- openssl speed.
- certbot.

No issues noticed.

System server: Mageia 9, x86_64, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz.
System client: Mageia 9, x86_64, AMD Ryzen 5 5600G with Radeon Graphics.


#### Server side ####
$ uname -a
Linux marte 6.6.14-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sat Jan 27 01:13:53 UTC 2024 x86_64 GNU/Linux
$ rpm -qa | grep openssl.*3.0.12
lib64openssl3-3.0.12-1.1.mga9
lib64openssl-devel-3.0.12-1.1.mga9
openssl-3.0.12-1.1.mga9



#### Client side ####
$ uname -a
Linux jupiter 6.6.14-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sat Jan 27 01:13:53 UTC 2024 x86_64 GNU/Linux
$ rpm -qa | grep openssl.*3.0.12 | sort
lib64openssl3-3.0.12-1.1.mga9
lib64openssl-devel-3.0.12-1.1.mga9
libopenssl3-3.0.12-1.1.mga9
openssl-3.0.12-1.1.mga9

When selecting the static-devel I get: The following package has to be removed for others to be upgraded:
lib64nss-static-devel-3.97.0-1.mga9.x86_64
 (due to conflicts with libopenssl-static-devel)
Continuing without the openssl-static-devel

CC: (none) => herman.viaene

MGA9-64  Plasma Wayland on HP Pavillion
No further installation issues
Following the wiki
$ openssl version
OpenSSL 3.0.12 24 Oct 2023 (Library: OpenSSL 3.0.12 24 Oct 2023)
$ openssl version -a
OpenSSL 3.0.12 24 Oct 2023 (Library: OpenSSL 3.0.12 24 Oct 2023)
built on: Tue Jan 30 09:14:41 2024 UTC
platform: linux-x86_64
options:  bn(64,64)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -fstack-protector-all -fasynchronous-unwind-tables -O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -fstack-protector-all -fasynchronous-unwind-tables -Wa,--noexecstack -Wa,--generate-missing-build-notes=yes -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DZLIB -DNDEBUG -DPURIFY -DDEVRANDOM="\"/dev/urandom\"" -DSYSTEM_CIPHERS_FILE="/etc/crypto-policies/back-ends/openssl.config"
OPENSSLDIR: "/etc/pki/tls"
ENGINESDIR: "/usr/lib64/engines-3"
MODULESDIR: "/usr/lib64/ossl-modules"
Seeding source: os-specific
CPUINFO: OPENSSL_ia32cap=0x43d8e3bfefebffff:0x2282

$ openssl ciphers -v
TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any      Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(128)            Mac=AEAD
TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESCCM(128)            Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256)            Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2 Kx=ECDH     Au=RSA   Enc=AESGCM(256)            Mac=AEAD
etc.......

HA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any      Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(128)            Mac=AEAD
TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESCCM(128)            Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256)            Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2 Kx=ECDH     Au=RSA   Enc=AESGCM(256)            Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305  TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
etc....
$ openssl ciphers -v 'HIGH'
TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any      Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(128)            Mac=AEAD
TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESCCM(128)            Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256)            Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2 Kx=ECDH     Au=RSA   Enc=AESGCM(256)            Mac=AEAD
.....

$ openssl ciphers -v 'AES+HIGH'
TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256   TLSv1.3 Kx=any      Au=any   Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(128)            Mac=AEAD
TLS_AES_128_CCM_SHA256         TLSv1.3 Kx=any      Au=any   Enc=AESCCM(128)            Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256)            Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2 Kx=ECDH     Au=RSA   Enc=AESGCM(256)            Mac=AEAD
DHE-DSS-AES256-GCM-SHA384      TLSv1.2 Kx=DH       Au=DSS   Enc=AESGCM(256)            Mac=AEAD
DHE-RSA-AES256-GCM-SHA384      TLSv1.2 Kx=DH       Au=RSA   Enc=AESGCM(256)            Mac=AEAD
ECDHE-ECDSA-AES256-CCM8        TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESCCM8(256)           Mac=AEAD
ECDHE-ECDSA-AES256-CCM         TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESCCM(256)            Mac=AEAD
......
Continuing later on

$ openssl speed
Doing md5 for 3s on 16 size blocks: 4921863 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 3798258 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 2375907 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 945750 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 143241 md5's in 3.00s
Doing md5 for 3s on 16384 size blocks: 72213 md5's in 2.98s
and a lot more, seems to work OK

$ openssl speed
Doing md5 for 3s on 16 size blocks: 4948902 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 3804689 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 2380392 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 946997 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 143321 md5's in 3.00s
Doing md5 for 3s on 16384 size blocks: 72726 md5's in 3.00s
etc ......

From  bug 32112
$ openssl s_client -connect mageia.org:443
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
verify return:1
depth=0 CN = *.mageia.org
verify return:1
---
Certificate chain
etc....
and
SSL handshake has read 3670 bytes and written 394 bytes
Verification: OK
---
and more....

AFAICS and regarding tests from PC LX, good to go.

Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0020.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED