Univention Bugzilla – Bug 38692
openssl: Multiple issues (3.2)
Last modified: 2015-08-21 13:14:09 CEST
+++ This bug was initially created as a clone of Bug #38691 +++ New issues have been discovered in openssl: * Invalid free in DTLS (CVE-2014-8176) * Malformed ECParameters causes infinite loop (CVE-2015-1788) * Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) * PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) * race condition in NewSessionTicket (CVE-2015-1791) * CMS verify infinite loop with unknown hash function (CVE-2015-1792) * The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. (CVE-2015-4000)
Upstream Debian package version 0.9.8o-4squeeze21 fixes all issues noted above.
Not affected by CVE-2015-1788. Advisory: 2015-08-18-openssl.yaml
YAML: OK Build log / Patches: OK Inst / Update i386: OK Inst / Update amd64: OK ucs-test: OK
<http://errata.univention.de/ucs/3.2/360.html>