diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-15:26.openssl.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-15:26.openssl.asc | 168 |
1 files changed, 0 insertions, 168 deletions
diff --git a/share/security/advisories/FreeBSD-SA-15:26.openssl.asc b/share/security/advisories/FreeBSD-SA-15:26.openssl.asc deleted file mode 100644 index aa9a314dd9..0000000000 --- a/share/security/advisories/FreeBSD-SA-15:26.openssl.asc +++ /dev/null @@ -1,168 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-SA-15:26.openssl Security Advisory - The FreeBSD Project - -Topic: Multiple OpenSSL vulnerabilities - -Category: contrib -Module: openssl -Announced: 2015-12-05 -Affects: All supported versions of FreeBSD. -Corrected: 2015-12-03 21:18:48 UTC (stable/10, 10.2-STABLE) - 2015-12-05 09:53:58 UTC (releng/10.2, 10.2-RELEASE-p8) - 2015-12-05 09:53:58 UTC (releng/10.1, 10.1-RELEASE-p25) - 2015-12-03 21:24:40 UTC (stable/9, 9.3-STABLE) - 2015-12-05 09:53:58 UTC (releng/9.3, 9.3-RELEASE-p31) -CVE Name: CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 - -For general information regarding FreeBSD Security Advisories, -including descriptions of the fields above, security branches, and the -following sections, please visit <URL:https://security.FreeBSD.org/>. - -I. Background - -FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is -a collaborative effort to develop a robust, commercial-grade, full-featured -Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) -and Transport Layer Security (TLS v1) protocols as well as a full-strength -general purpose cryptography library. - -II. Problem Description - -The signature verification routines will crash with a NULL pointer dereference -if presented with an ASN.1 signature using the RSA PSS algorithm and absent -mask generation function parameter. [CVE-2015-3194] - -When presented with a malformed X509_ATTRIBUTE structure, OpenSSL will leak -memory. [CVE-2015-3195] - -If PSK identity hints are received by a multi-threaded client then the values -are incorrectly updated in the parent SSL_CTX structure. [CVE-2015-3196] - -III. Impact - -A remote attacker who can present a specifically crafted certificate may -cause a OpenSSL client or server application that performs certificate -signature verification to crash with a NULL pointer dereference, resulting -in a Denial of Service. [CVE-2015-3194] This affects FreeBSD 10.x only. - -An attacker who is able to feed specifically crafted PKCS#7/CMS data to an -OpenSSL application can cause memory leak which may eventually result in a -Denial of Service. [CVE-2015-3195] - -A remote attacker who can send PSK identity hints to a multi-thread client -may trigger a double fault of hint data, which may lead to crash the client -application. [CVE-2015-3196]. This affects FreeBSD 10.1 only. - -IV. Workaround - -No workaround is available. - -V. Solution - -Perform one of the following: - -1) Upgrade your vulnerable system to a supported FreeBSD stable or -release / security branch (releng) dated after the correction date. - -Reboot is optional but recommended. - -2) To update your vulnerable system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -Reboot is optional but recommended. - -3) To update your vulnerable system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -[FreeBSD 9.3] -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-9.3.patch -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-9.3.patch.asc -# gpg --verify openssl-9.3.patch.asc - -[FreeBSD 10.1] -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-10.1.patch -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-10.1.patch.asc -# gpg --verify openssl-10.1.patch.asc - -[FreeBSD 10.2] -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-10.2.patch -# fetch https://security.FreeBSD.org/patches/SA-15:26/openssl-10.2.patch.asc -# gpg --verify openssl-10.2.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile the operating system using buildworld and installworld as -described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. - -Restart all deamons using the library, or reboot the system. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/9/ r291722 -releng/9.3/ r291854 -stable/10/ r291721 -releng/10.1/ r291854 -releng/10.2/ r291854 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -<URL:https://www.openssl.org/news/secadv/20151203.txt> - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194> - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195> - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196> - -The latest revision of this advisory is available at -<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:26.openssl.asc> ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.1.8 (FreeBSD) - -iQIcBAEBCgAGBQJWYrWXAAoJEO1n7NZdz2rnLS8QAJvvKkFk/l4lvh34dmy9rGU5 -pEoeR47Mw9KGirjARBwuOerqykBO+2vUPAnOFUMcQTuG4V23s9u2v9T8dO70feu8 -o6eTtYrOyliECEywoGmuKmTVjtpGnXTg5BeAuG6i/C2XphEB+6Qq7eCz64n8TZQN -NB9emfqE6p0/ndxf3oyrcgw6gLgawmfBH4cWGa07Vd9X2XVc6sPjODDoXmXS8uj3 -xtPNFy7L48YfMAhd6l55hO9qxqTY5Pq8EkvZVWPlCYSET+4FBwIIU6Nwpzgpr8bd -viTHhwk/pf5wk1rMZzQVbrriQ7vAW4TG6oVsbTHLLC/prNzmTvW2KPqXyWWscRHS -2HWQ1at/b0brA+0rnzEVMQk/nH2031AuXy8o1gizNJoLItuS9Lp7P6xOPaogqss5 -J1wmaEkWRSItCGlCIJAxiw1dqbk5tH8Isy1Axno7doTKloeLFanhdPoJP5BexLuo -Vbl7A92xQVJLJKLoklVy3QaiKmcbJ/tdgSeI7e3gP8MDkblvSd6UIvHQfUigrA5B -JXYQWQgsHpc3tIGaDsbnrkV27O0yUXNipnj8PAEgaknXX5n6Zpyz9Z9Vitfnj1tC -1LAGo/kW8+L1hAX3W5XgsIOe9jWxae19uTGOoaM8tnVtH5bQpjjdWFE2zunzzfJe -bCPjBJfZw5z5rvQAkBuY -=p0x+ ------END PGP SIGNATURE----- |