Univention Bugzilla – Bug 35579
openssl: Multiple issues (3.2)
Last modified: 2014-08-07 17:50:13 CEST
Information leak in pretty printing functions (CVE-2014-3508) Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) Double Free when processing DTLS packets (CVE-2014-3505) DTLS memory exhaustion (CVE-2014-3506) DTLS memory leak from zero-length fragments (CVE-2014-3507) OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) OpenSSL TLS protocol downgrade attack (CVE-2014-3511) SRP buffer overrun (CVE-2014-3512)
(In reply to Moritz Mühlenhoff from comment #0) > Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) This only applies to 1.0.1 > Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) This only applies to 1.0.0 and 1.0.1 > OpenSSL TLS protocol downgrade attack (CVE-2014-3511) This only applies to 1.0.1 > SRP buffer overrun (CVE-2014-3512) This only applies to 1.0.1 <https://www.openssl.org/news/secadv_20140806.txt>
(In reply to Moritz Mühlenhoff from comment #0) > Information leak in pretty printing functions (CVE-2014-3508) > Double Free when processing DTLS packets (CVE-2014-3505) > DTLS memory exhaustion (CVE-2014-3506) > DTLS memory leak from zero-length fragments (CVE-2014-3507) > OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) Fixed with new version. This version also includes: Fix CVE-2012-4929 (CRiME) by disabling zlib compression by default. It can be enabled again by setting the environment variable OPENSSL_NO_DEFAULT_ZLIB. Advisory: 2014-08-07-openssl.yaml Tests (amd64): OK
Verified: * 0.9.8o-4squeeze17 has been imported from upstream squeeze repo and replaces 0.9.8o-4squeeze15 (imported for errata 124). * The upstream version contains patches for the CVEs in the advisory. * The advisory is up to date and the errata will be published into errata3.2-1 and errata3.2-2. * Installation was successful.
http://errata.univention.de/ucs/3.2/177.html