Univention Bugzilla – Attachment 7509 Details for
Bug 40189
openssl: Denial of service (3.2)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
CVE-2016-0800.patch
CVE-2016-0800.patch (text/plain), 4.58 KB, created by
Arvid Requate
on 2016-03-01 16:52:23 CET
(
hide
)
Description:
CVE-2016-0800.patch
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2016-03-01 16:52:23 CET
Size:
4.58 KB
patch
obsolete
>commit 56f1acf5ef8a432992497a04792ff4b3b2c6f286 >Author: Viktor Dukhovni <openssl-users@dukhovni.org> >Date: Wed Feb 17 21:37:15 2016 -0500 > > Disable SSLv2 default build, default negotiation and weak ciphers. > > SSLv2 is by default disabled at build-time. Builds that are not > configured with "enable-ssl2" will not support SSLv2. Even if > "enable-ssl2" is used, users who want to negotiate SSLv2 via the > version-flexible SSLv23_method() will need to explicitly call either > of: > > SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); > or > SSL_clear_options(ssl, SSL_OP_NO_SSLv2); > > as appropriate. Even if either of those is used, or the application > explicitly uses the version-specific SSLv2_method() or its client > or server variants, SSLv2 ciphers vulnerable to exhaustive search > key recovery have been removed. Specifically, the SSLv2 40-bit > EXPORT ciphers, and SSLv2 56-bit DES are no longer available. > > Mitigation for CVE-2016-0800 > > Reviewed-by: Emilia Käsper <emilia@openssl.org> > >diff --git a/CHANGES b/CHANGES >index b95a3ed..f209b3e 100644 >--- a/CHANGES >+++ b/CHANGES >@@ -4,6 +4,23 @@ > > Changes between 1.0.1r and 1.0.1s [xx XXX xxxx] > >+ * Disable SSLv2 default build, default negotiation and weak ciphers. SSLv2 >+ is by default disabled at build-time. Builds that are not configured with >+ "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, >+ users who want to negotiate SSLv2 via the version-flexible SSLv23_method() >+ will need to explicitly call either of: >+ >+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); >+ or >+ SSL_clear_options(ssl, SSL_OP_NO_SSLv2); >+ >+ as appropriate. Even if either of those is used, or the application >+ explicitly uses the version-specific SSLv2_method() or its client and >+ server variants, SSLv2 ciphers vulnerable to exhaustive search key >+ recovery have been removed. Specifically, the SSLv2 40-bit EXPORT >+ ciphers, and SSLv2 56-bit DES are no longer available. >+ [Viktor Dukhovni] >+ > *) Disable SRP fake user seed to address a server memory leak. > > Add a new method SRP_VBASE_get1_by_user that handles the seed properly. >diff --git a/Configure b/Configure >index 0a5ffac..ea74c91 100755 >--- a/Configure >+++ b/Configure >@@ -724,8 +724,9 @@ my %disabled = ( # "what" => "comment" [or special keyword "experimental > "md2" => "default", > "rc5" => "default", > "rfc3779" => "default", >- "sctp" => "default", >+ "sctp" => "default", > "shared" => "default", >+ "ssl2" => "default", > "store" => "experimental", > "unit-test" => "default", > "zlib" => "default", >diff --git a/NEWS b/NEWS >index 4340554..ce256ae 100644 >--- a/NEWS >+++ b/NEWS >@@ -7,7 +7,7 @@ > > Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [under development] > >- o >+ o Disable SSLv2 default build, default negotiation and weak ciphers. > > Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016] > >diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c >index 7e3674a..82c1731 100644 >--- a/ssl/s2_lib.c >+++ b/ssl/s2_lib.c >@@ -156,6 +156,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > 128, > }, > >+# if 0 > /* RC4_128_EXPORT40_WITH_MD5 */ > { > 1, >@@ -171,6 +172,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > 40, > 128, > }, >+# endif > > /* RC2_128_CBC_WITH_MD5 */ > { >@@ -188,6 +190,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > 128, > }, > >+# if 0 > /* RC2_128_CBC_EXPORT40_WITH_MD5 */ > { > 1, >@@ -203,6 +206,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > 40, > 128, > }, >+# endif > > # ifndef OPENSSL_NO_IDEA > /* IDEA_128_CBC_WITH_MD5 */ >@@ -222,6 +226,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > }, > # endif > >+# if 0 > /* DES_64_CBC_WITH_MD5 */ > { > 1, >@@ -237,6 +242,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { > 56, > 56, > }, >+# endif > > /* DES_192_EDE3_CBC_WITH_MD5 */ > { >diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c >index 93d1cbe..33c52ac 100644 >--- a/ssl/ssl_lib.c >+++ b/ssl/ssl_lib.c >@@ -1896,6 +1896,13 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) > */ > ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; > >+ /* >+ * Disable SSLv2 by default, callers that want to enable SSLv2 will have to >+ * explicitly clear this option via either of SSL_CTX_clear_options() or >+ * SSL_clear_options(). >+ */ >+ ret->options |= SSL_OP_NO_SSLv2; >+ > return (ret); > err: > SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 40189
: 7509 |
7510
|
7511
|
7512
|
7513