diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-06:23.openssl.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-06:23.openssl.asc | 287 |
1 files changed, 0 insertions, 287 deletions
diff --git a/share/security/advisories/FreeBSD-SA-06:23.openssl.asc b/share/security/advisories/FreeBSD-SA-06:23.openssl.asc deleted file mode 100644 index c0997813bf..0000000000 --- a/share/security/advisories/FreeBSD-SA-06:23.openssl.asc +++ /dev/null @@ -1,287 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -============================================================================= -FreeBSD-SA-06:23.openssl Security Advisory - The FreeBSD Project - -Topic: Multiple problems in crypto(3) - -Category: contrib -Module: openssl -Announced: 2006-09-28 -Credits: Dr S N Henson, Tavis Ormandy, Will Drewry - Stephen Kiernan (Juniper SIRT) -Affects: All FreeBSD releases. -Corrected: 2006-09-29 13:44:03 UTC (RELENG_6, 6.2-PRERELEASE) - 2006-09-29 13:44:31 UTC (RELENG_6_1, 6.1-RELEASE-p9) - 2006-09-29 13:44:45 UTC (RELENG_6_0, 6.0-RELEASE-p14) - 2006-09-29 13:45:01 UTC (RELENG_5, 5.5-STABLE) - 2006-09-29 13:45:43 UTC (RELENG_5_5, 5.5-RELEASE-p7) - 2006-09-29 13:45:59 UTC (RELENG_5_4, 5.4-RELEASE-p21) - 2006-09-29 13:46:10 UTC (RELENG_5_3, 5.3-RELEASE-p36) - 2006-09-29 13:46:23 UTC (RELENG_4, 4.11-STABLE) - 2006-09-29 13:46:41 UTC (RELENG_4_11, 4.11-RELEASE-p24) -CVE Name: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4343 - -For general information regarding FreeBSD Security Advisories, -including descriptions of the fields above, security branches, and the -following sections, please visit <URL:http://security.FreeBSD.org/>. - -0. Revision History - -v1.0 2006-09-28 Initial release. -v1.1 2006-09-29 Corrected patch. - -I. Background - -FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is -a collaborative effort to develop a robust, commercial-grade, full-featured, -and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) -and Transport Layer Security (TLS v1) protocols as well as a full-strength -general purpose cryptography library. - -II. Problem Description - -Several problems have been found in OpenSSL: - -1. During the parsing of certain invalid ASN1 structures an error condition -is mishandled, possibly resulting in an infinite loop. [CVE-2006-2937] - -2. A buffer overflow exists in the SSL_get_shared_ciphers function. -[CVE-2006-3738] - -3. A NULL pointer may be dereferenced in the SSL version 2 client code. -[CVE-2006-4343] - -In addition, many applications using OpenSSL do not perform any validation -of the lengths of public keys being used. [CVE-2006-2940] - -III. Impact - -Servers which parse ASN1 data from untrusted sources may be vulnerable to -a denial of service attack. [CVE-2006-2937] - -An attacker accessing a server which uses SSL version 2 may be able to -execute arbitrary code with the privileges of that server. [CVE-2006-3738] - -A malicious SSL server can cause clients connecting using SSL version 2 to -crash. [CVE-2006-4343] - -Applications which perform public key operations using untrusted keys may -be vulnerable to a denial of service attack. [CVE-2006-2940] - -IV. Workaround - -No workaround is available, but not all of the vulnerabilities mentioned -affect all applications. - -V. Solution - -Perform one of the following: - -1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, -or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3, -or RELENG_4_11 security branch dated after the correction date. - -2) To patch your present system: - -The following patch has been verified to apply to FreeBSD 4.11, 5.3, -5.4, 5.5, 6.0, and 6.1 systems. - -a) Download the patch from the location below, and verify the detached -PGP signature using your PGP utility. - -# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch -# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch.asc - -NOTE: The patch distributed at the time of the original advisory was -incorrect. Systems to which the original patch was applied should be -patched with the following corrective patch, which contains only the -changes between the original and updated patch: - -# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl-correction.patch -# fetch http://security.FreeBSD.org/patches/SA-06:23/openssl-correction.patch.asc - -b) Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile the operating system as described in -<URL: http://www.freebsd.org/handbook/makeworld.html> and reboot the -system. - -NOTE: Any third-party applications, including those installed from the -FreeBSD ports collection, which are statically linked to libcrypto(3) -should be recompiled in order to use the corrected code. - -NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by -prohibiting the use of exceptionally large public keys. It is believed -that no existing applications legitimately use such key lengths as would -be affected by this change. - -VI. Correction details - -The following list contains the revision numbers of each file that was -corrected in FreeBSD. - -Branch Revision - Path -- ------------------------------------------------------------------------- -RELENG_4 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.1.2.3 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.1.2.5 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.1.2.4 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.1.2.9 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.1.2.5 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.1.2.4 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.1.2.8 - src/crypto/openssl/crypto/rsa/rsa.h 1.2.2.9 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.2.4.9 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.1.2.4 - src/crypto/openssl/ssl/s2_clnt.c 1.2.2.9 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.1.2.10 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.1.2.9 -RELENG_4_11 - src/UPDATING 1.73.2.91.2.25 - src/sys/conf/newvers.sh 1.44.2.39.2.28 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.1.2.2.6.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.1.2.4.8.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.1.2.3.8.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.1.2.7.6.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.1.2.4.8.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.1.2.3.8.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.1.2.7.6.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.2.2.8.4.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.2.4.8.4.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.1.2.3.8.1 - src/crypto/openssl/ssl/s2_clnt.c 1.2.2.8.4.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.1.2.9.4.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.1.2.8.4.1 -RELENG_5 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.4.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.6.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.2 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.3 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.2 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.6.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.2 - src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.2 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.2 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.6.1 - src/crypto/openssl/ssl/s2_clnt.c 1.12.2.2 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.2 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.2 -RELENG_5_5 - src/UPDATING 1.342.2.35.2.7 - src/sys/conf/newvers.sh 1.62.2.21.2.9 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.16.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.18.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.1.4.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.1.4.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.1.4.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.18.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.1.4.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.1.4.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.1.4.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.18.1 - src/crypto/openssl/ssl/s2_clnt.c 1.12.2.1.4.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.1.4.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.4.1 -RELENG_5_4 - src/UPDATING 1.342.2.24.2.30 - src/sys/conf/newvers.sh 1.62.2.18.2.26 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.8.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.10.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.6.1.2.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.4.1.2.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.6.1.2.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.10.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.4.1.2.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.10.4.1.2.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.4.1.2.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.10.1 - src/crypto/openssl/ssl/s2_clnt.c 1.12.2.1.2.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.2.1.2.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.2.1.2.1 -RELENG_5_3 - src/UPDATING 1.342.2.13.2.39 - src/sys/conf/newvers.sh 1.62.2.15.2.41 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.6.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.8.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.4.8.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.8.6.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.6.8.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.8.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.7.6.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.10.6.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.12.6.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.8.1 - src/crypto/openssl/ssl/s2_clnt.c 1.12.4.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.13.4.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.11.4.1 -RELENG_6 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.10.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.12.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.2.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.2.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.2.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.12.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.2.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.11.2.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.2.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.12.1 - src/crypto/openssl/ssl/s2_clnt.c 1.13.2.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.2.1 -RELENG_6_1 - src/UPDATING 1.416.2.22.2.11 - src/sys/conf/newvers.sh 1.69.2.11.2.11 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.14.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.16.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.6.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.6.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.6.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.16.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.6.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.11.6.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.6.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.16.1 - src/crypto/openssl/ssl/s2_clnt.c 1.13.6.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.6.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.6.1 -RELENG_6_0 - src/UPDATING 1.416.2.3.2.19 - src/sys/conf/newvers.sh 1.69.2.8.2.15 - src/crypto/openssl/crypto/asn1/tasn_dec.c 1.1.1.2.12.1 - src/crypto/openssl/crypto/dh/dh.h 1.1.1.6.14.1 - src/crypto/openssl/crypto/dh/dh_err.c 1.1.1.5.4.1 - src/crypto/openssl/crypto/dh/dh_key.c 1.1.1.9.4.2 - src/crypto/openssl/crypto/dsa/dsa.h 1.1.1.7.4.1 - src/crypto/openssl/crypto/dsa/dsa_err.c 1.1.1.4.14.1 - src/crypto/openssl/crypto/dsa/dsa_ossl.c 1.1.1.8.4.1 - src/crypto/openssl/crypto/rsa/rsa.h 1.11.4.1 - src/crypto/openssl/crypto/rsa/rsa_eay.c 1.13.4.1 - src/crypto/openssl/crypto/rsa/rsa_err.c 1.1.1.4.14.1 - src/crypto/openssl/ssl/s2_clnt.c 1.13.4.1 - src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.4.1 - src/crypto/openssl/ssl/ssl_lib.c 1.1.1.12.4.1 -- ------------------------------------------------------------------------- - -VII. References - -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 - -The latest revision of this advisory is available at -http://security.FreeBSD.org/advisories/FreeBSD-SA-06:23.openssl.asc ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.3 (FreeBSD) - -iD8DBQFFHSVwFdaIBMps37IRApTZAJ9YY6pldJ52FwtYHbMxsW5363NUgwCgl4tb -3jFuSkTKR6xVJ6ui4POBjkI= -=Bn+e ------END PGP SIGNATURE----- |