Univention Bugzilla – Full Text Bug Listing |
Summary: | openssl: multiple issues (4.1) | ||
---|---|---|---|
Product: | UCS | Reporter: | Felix Botner <botner> |
Component: | Security updates | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann |
Version: | UCS 4.1 | ||
Target Milestone: | UCS 4.1-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
URL: | https://www.openssl.org/blog/blog/2016/08/24/sweet32/ | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=42925 | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | Yes | |
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2016092321000391 | Bug group (optional): | Security |
Max CVSS v3 score: | |||
Bug Depends on: | 41197 | ||
Bug Blocks: | 42487 |
Description
Felix Botner
2016-09-23 13:42:35 CEST
We need the 1.0.2j version, the 1.0.2i introduced a regression: https://www.openssl.org/news/secadv/20160926.txt Bug 40187 already fixed these: 02_CVE-2015-3193 03_CVE-2015-3194 04_CVE-2015-3195 06_CVE-2016-0702 07_CVE-2016-0705 08_CVE-2016-0797 09_CVE-2016-0798 10_CVE-2016-0799 11_CVE-2016-0800 Bug 41197 already fixed these: - Fixes CVE-2016-2107 - Fixes CVE-2016-2105 - Fixes CVE-2016-2106 - Fixes CVE-2016-2109 Bug 40187 also fixed: 05_CVE-2016-0701.patch Not affected by CVE-2015-3196 (fixed in 1.0.2d-1). I backported the corresponding commits from the source git repository, plus some additional upstream commits that made clean patch application possible. All modifications are mentioned in the advisory (openssl.yaml). There are a couple of additional memory leak patches upstream. Maybe it makes more sense to apply the full git diff OpenSSL_1_0_2d..OpenSSL_1_0_2j at some point? Anyway, handing over for QA. Please have a look at the test case 23_apache/22_ssl-order: http://jenkins.knut.univention.de:8080/job/UCS-4.1/job/UCS-4.1-3/job/AutotestJoin/77/SambaVersion=s3,Systemrolle=master/testReport/23_apache/22_ssl-order/test/ [2016-10-06 20:29:24.909898] Create apache2/ssl/honorcipherorder [2016-10-06 20:29:25.082959] File: /etc/apache2/mods-available/ssl.conf (2016-10-06 20:29:25.345772) Syntax OK [2016-10-06 20:29:26.020505] Cipher : ECDHE-RSA-AES256-GCM-SHA384 [2016-10-06 20:29:26.066782] Setting apache2/ssl/honorcipherorder [2016-10-06 20:29:26.245571] File: /etc/apache2/mods-available/ssl.conf (2016-10-06 20:29:26.506777) Syntax OK (2016-10-06 20:29:27.020121) error 2016-10-06 20:29:27 no=PSK-3DES-EDE-CBC-SHA (2016-10-06 20:29:27.025113) error 2016-10-06 20:29:27 **************** Test failed above this line (1) **************** [2016-10-06 20:29:27.066837] Unsetting apache2/ssl/honorcipherorder [2016-10-06 20:29:27.066917] Unsetting apache2/ssl/honorcipherorder [2016-10-06 20:29:27.234218] File: /etc/apache2/mods-available/ssl.conf One of the CVE-2016-2183*.quilt patches causes this, I'm still trying to understand why the server (apache2) doesn't select the 3DES cipher here that the client lists first. The CVE-2016-2183 patch is supposed to degrade all ciphers using 3DES from HIGH to MEDIUM, but that shouldn't apache2 cause to drop them, because the default for apache2/ssl/ciphersuite is HIGH:MEDIUM:!aNULL:!MD5:!RC4. It's something about the ordering of "PSK-3DES-EDE-CBC-SHA:DES-CBC3-SHA", the server prefers DES-CBC3-SHA for some reason over the first. I disabled the patches for CVE-2016-2183 since they don't raise the security baseline of UCS. Customers worried about this issue can disable 3DES explicitely, e.g. for apache2: apache2/ssl/ciphersuite='HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES' Advisory adjusted. OK: 23_apache/22_ssl-order OK: aptitude install '?source-package(openssl)~i' OK: apt-get install libssl-dev OK: zless /usr/share/doc/openssl/changelog.Debian.gz OK: openssl s_client -connect localhost:636 # 443 OK: openssl s_client -connect localhost:443 -ssl3 OK: ldapsearch -ZZZ -x -D `ucr get ldap/hostdn` -y /etc/machine.secret dn OK: univention-certificate new -name test -days 1 OK: univention-certificate check -name test OK: univention-certificate dump -name test OK: univention-certificate list OK: openssl x509 -noout -text -in /etc/univention/ssl/ucsCA/CAcert.pem OK: mutt -f imaps://Administrator@$(dnsdomainname)@$(hostname -f)/ OK: w3m https://$(hostname -f)/ucs-overview/ OK: lynx https://$(hostname -f)/ucs-overview/ OK: curl -k https://$(hostname -f)/ucs-overview/ OK: errata-announce -V --only openssl.yaml OK: openssl.yaml Fixes: OK: CVE-2016-2177 OK: CVE-2016-2178 OK: CVE-2016-2179 OK: CVE-2016-2180 OK: CVE-2016-2181 OK: CVE-2016-2182 OK: CVE-2016-6302 OK: CVE-2016-6303 OK: CVE-2016-6304 OK: CVE-2016-6306 OK: CVE-2016-7052 Unfixed: OK: CVE-2016-2183 DISABLED ???: CVE-2015-7575 <https://security-tracker.debian.org/tracker/CVE-2015-7575> <https://git.openssl.org/?p=openssl.git;a=commitdiff;h=5e1ff664f95ab4c9176b3e86b5111e5777bad61a> Already fixed: OK: CVE-2016-2107,CVE-2016-2105,CVE-2016-2106,CVE-2016-2109 OK: CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0702,CVE-2016-0705 OK: CVE-2016-0800,CVE-2016-0701 OK: CVE-2016-0701,CVE-2015-3193,CVE-2015-3194,CVE-2015-3195 Not affected: OK: CVE-2015-3196 OK: CVE-2016-2176 <https://git.openssl.org/?p=openssl.git;a=commit;h=ea96ad5a206b7b5f25dad230333e8> |