Bug 38692 - openssl: Multiple issues (3.2)
openssl: Multiple issues (3.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-6-errata
Assigned To: Arvid Requate
Stefan Gohmann
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-06-11 21:25 CEST by Arvid Requate
Modified: 2015-08-21 13:14 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
requate: Patch_Available+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2015-06-11 21:25:12 CEST
+++ This bug was initially created as a clone of Bug #38691 +++

New issues have been discovered in openssl:

* Invalid free in DTLS (CVE-2014-8176)
* Malformed ECParameters causes infinite loop (CVE-2015-1788)
* Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
* PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
* race condition in NewSessionTicket (CVE-2015-1791)
* CMS verify infinite loop with unknown hash function (CVE-2015-1792)

* The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. (CVE-2015-4000)
Comment 1 Arvid Requate univentionstaff 2015-06-22 19:05:00 CEST
Upstream Debian package version 0.9.8o-4squeeze21 fixes all issues noted above.
Comment 2 Arvid Requate univentionstaff 2015-08-18 16:55:01 CEST
Not affected by CVE-2015-1788.

Advisory: 2015-08-18-openssl.yaml
Comment 3 Stefan Gohmann univentionstaff 2015-08-19 16:56:41 CEST
YAML: OK

Build log / Patches: OK

Inst / Update i386: OK

Inst / Update amd64: OK

ucs-test: OK
Comment 4 Janek Walkenhorst univentionstaff 2015-08-21 13:14:09 CEST
<http://errata.univention.de/ucs/3.2/360.html>