ID

VAR-201602-0272

CVE

CVE-2015-3197

TITLE

OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol

DESCRIPTION

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. OpenSSL Security Advisory [28th Jan 2016] ========================================= NOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO SECURITY FIXES WILL BE PROVIDED AFTER THAT DATE. UNTIL THAT TIME SECURITY FIXES ONLY ARE BEING APPLIED. DH small subgroups (CVE-2016-0701) ================================== Severity: High Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be "safe". Where an application is using DH configured with parameters based on primes that are not "safe" then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same private DH exponent. For example this could be used to discover a TLS server's private DH exponent if it's reusing the private DH exponent or it's using a static DH ciphersuite. OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS. It is not on by default. If the option is not set then the server reuses the same private DH exponent for the life of the server process and would be vulnerable to this attack. It is believed that many popular applications do set this option and would therefore not be at risk. OpenSSL before 1.0.2f will reuse the key if: - SSL_CTX_set_tmp_dh()/SSL_set_tmp_dh() is used and SSL_OP_SINGLE_DH_USE is not set. - SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used, and both the parameters and the key are set and SSL_OP_SINGLE_DH_USE is not used. This is an undocumted feature and parameter files don't contain the key. - Static DH ciphersuites are used. The key is part of the certificate and so it will always reuse it. This is only supported in 1.0.2. It will not reuse the key for DHE ciphers suites if: - SSL_OP_SINGLE_DH_USE is set - SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used and the callback does not provide the key, only the parameters. The callback is almost always used like this. Non-safe primes are generated by OpenSSL when using: - genpkey with the dh_rfc5114 option. This will write an X9.42 style file including the prime-order subgroup size "q". This is supported since the 1.0.2 version. Older versions can't read files generated in this way. - dhparam with the -dsaparam option. This has always been documented as requiring the single use. The fix for this issue adds an additional check where a "q" parameter is available (as is the case in X9.42 based parameters). This detects the only known attack, and is the only possible defense for static DH ciphersuites. This could have some performance impact. Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by default and cannot be disabled. This could have some performance impact. This issue affects OpenSSL version 1.0.2. OpenSSL 1.0.2 users should upgrade to 1.0.2f OpenSSL 1.0.1 is not affected by this CVE because it does not support X9.42 based parameters. It is possible to generate parameters using non "safe" primes, but this option has always been documented as requiring single use and is not the default or believed to be common. However, as a precaution, the SSL_OP_SINGLE_DH_USE change has also been backported to 1.0.1r. This issue was reported to OpenSSL on 12 January 2016 by Antonio Sanso (Adobe). The fix was developed by Matt Caswell of the OpenSSL development team (incorporating some work originally written by Stephen Henson of the OpenSSL core team). SSLv2 doesn't block disabled ciphers (CVE-2015-3197) ==================================================== Severity: Low A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2f OpenSSL 1.0.1 users should upgrade to 1.0.1r This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram and Sebastian Schinzel. The fix was developed by Nimrod Aviram with further development by Viktor Dukhovni of the OpenSSL development team. An update on DHE man-in-the-middle protection (Logjam) ==================================================================== A previously published vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000). OpenSSL added Logjam mitigation for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits in releases 1.0.2b and 1.0.1n. This limit has been increased to 1024 bits in this release, to offer stronger cryptographic assurance for all TLS connections using ephemeral Diffie-Hellman key exchange. OpenSSL 1.0.2 users should upgrade to 1.0.2f OpenSSL 1.0.1 users should upgrade to 1.0.1r The fix was developed by Kurt Roeckx of the OpenSSL development team. Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20160128.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . Relevant releases/architectures: RHEL 7-based RHEV-H - noarch RHEV Hypervisor for RHEL-6 - noarch 3. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. (CVE-2015-3197) A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to recover RSA private keys. (CVE-2016-0702) A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705) An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code. Changes to the rhev-hypervisor component: * Previously, a race between services during boot prevented network configuration from upgrading correctly. The risk for the race has now been reduced significantly to allow the upgrade of the network configuration to complete correctly. (BZ#1194068) * Previously, using the text user interface (TUI) to log in to the administrator account of Red Hat Enterprise Virtualization Hypervisor failed with a Python backtrace. This update makes the "six" module correctly importable under all circumstances, which ensures that logging in to Red Hat Enterprise Virtualization Hypervisor using TUI proceeds as expected. (BZ#1246836) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0305-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0305.html Issue date: 2016-03-01 CVE Names: CVE-2015-3197 CVE-2016-0800 ===================================================================== 1. Summary: Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 6.6 and 7.1 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.1) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800) Note: This issue was addressed by disabling the SSLv2 protocol by default when using the 'SSLv23' connection methods, and removing support for weak SSLv2 cipher suites. For more information, refer to the knowledge base article linked to in the References section. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197) Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original reporters. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers 1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.6): Source: openssl-1.0.1e-30.el6_6.12.src.rpm x86_64: openssl-1.0.1e-30.el6_6.12.i686.rpm openssl-1.0.1e-30.el6_6.12.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6): x86_64: openssl-debuginfo-1.0.1e-30.el6_6.12.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.12.i686.rpm openssl-devel-1.0.1e-30.el6_6.12.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.12.x86_64.rpm openssl-static-1.0.1e-30.el6_6.12.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.6): Source: openssl-1.0.1e-30.el6_6.12.src.rpm i386: openssl-1.0.1e-30.el6_6.12.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.i686.rpm openssl-devel-1.0.1e-30.el6_6.12.i686.rpm ppc64: openssl-1.0.1e-30.el6_6.12.ppc.rpm openssl-1.0.1e-30.el6_6.12.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.12.ppc.rpm openssl-devel-1.0.1e-30.el6_6.12.ppc64.rpm s390x: openssl-1.0.1e-30.el6_6.12.s390.rpm openssl-1.0.1e-30.el6_6.12.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.s390x.rpm openssl-devel-1.0.1e-30.el6_6.12.s390.rpm openssl-devel-1.0.1e-30.el6_6.12.s390x.rpm x86_64: openssl-1.0.1e-30.el6_6.12.i686.rpm openssl-1.0.1e-30.el6_6.12.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.12.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.12.i686.rpm openssl-devel-1.0.1e-30.el6_6.12.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.6): i386: openssl-debuginfo-1.0.1e-30.el6_6.12.i686.rpm openssl-perl-1.0.1e-30.el6_6.12.i686.rpm openssl-static-1.0.1e-30.el6_6.12.i686.rpm ppc64: openssl-debuginfo-1.0.1e-30.el6_6.12.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.12.ppc64.rpm openssl-static-1.0.1e-30.el6_6.12.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-30.el6_6.12.s390x.rpm openssl-perl-1.0.1e-30.el6_6.12.s390x.rpm openssl-static-1.0.1e-30.el6_6.12.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-30.el6_6.12.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.12.x86_64.rpm openssl-static-1.0.1e-30.el6_6.12.x86_64.rpm Red Hat Enterprise Linux ComputeNode EUS (v. 7.1): Source: openssl-1.0.1e-42.el7_1.10.src.rpm x86_64: openssl-1.0.1e-42.el7_1.10.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.10.i686.rpm openssl-libs-1.0.1e-42.el7_1.10.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1): x86_64: openssl-debuginfo-1.0.1e-42.el7_1.10.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.10.i686.rpm openssl-devel-1.0.1e-42.el7_1.10.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.10.x86_64.rpm openssl-static-1.0.1e-42.el7_1.10.i686.rpm openssl-static-1.0.1e-42.el7_1.10.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.1): Source: openssl-1.0.1e-42.el7_1.10.src.rpm ppc64: openssl-1.0.1e-42.el7_1.10.ppc64.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.ppc64.rpm openssl-devel-1.0.1e-42.el7_1.10.ppc.rpm openssl-devel-1.0.1e-42.el7_1.10.ppc64.rpm openssl-libs-1.0.1e-42.el7_1.10.ppc.rpm openssl-libs-1.0.1e-42.el7_1.10.ppc64.rpm s390x: openssl-1.0.1e-42.el7_1.10.s390x.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.s390x.rpm openssl-devel-1.0.1e-42.el7_1.10.s390.rpm openssl-devel-1.0.1e-42.el7_1.10.s390x.rpm openssl-libs-1.0.1e-42.el7_1.10.s390.rpm openssl-libs-1.0.1e-42.el7_1.10.s390x.rpm x86_64: openssl-1.0.1e-42.el7_1.10.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.10.i686.rpm openssl-devel-1.0.1e-42.el7_1.10.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.10.i686.rpm openssl-libs-1.0.1e-42.el7_1.10.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.1): Source: openssl-1.0.1e-42.ael7b_1.10.src.rpm ppc64le: openssl-1.0.1e-42.ael7b_1.10.ppc64le.rpm openssl-debuginfo-1.0.1e-42.ael7b_1.10.ppc64le.rpm openssl-devel-1.0.1e-42.ael7b_1.10.ppc64le.rpm openssl-libs-1.0.1e-42.ael7b_1.10.ppc64le.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.1): ppc64: openssl-debuginfo-1.0.1e-42.el7_1.10.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.ppc64.rpm openssl-perl-1.0.1e-42.el7_1.10.ppc64.rpm openssl-static-1.0.1e-42.el7_1.10.ppc.rpm openssl-static-1.0.1e-42.el7_1.10.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-42.el7_1.10.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.s390x.rpm openssl-perl-1.0.1e-42.el7_1.10.s390x.rpm openssl-static-1.0.1e-42.el7_1.10.s390.rpm openssl-static-1.0.1e-42.el7_1.10.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-42.el7_1.10.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.10.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.10.x86_64.rpm openssl-static-1.0.1e-42.el7_1.10.i686.rpm openssl-static-1.0.1e-42.el7_1.10.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.1): ppc64le: openssl-debuginfo-1.0.1e-42.ael7b_1.10.ppc64le.rpm openssl-perl-1.0.1e-42.ael7b_1.10.ppc64le.rpm openssl-static-1.0.1e-42.ael7b_1.10.ppc64le.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-3197 https://access.redhat.com/security/cve/CVE-2016-0800 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2176731 https://drownattack.com/ https://openssl.org/news/secadv/20160128.txt https://openssl.org/news/secadv/20160301.txt 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFW1cKJXlSAg2UNWIIRAvEbAKCjEgYyIk4LLd+D90N9p8H+1R+GmACfWjVT QT6RoMNlqziq9pzdSbPTfk4= =2KJ2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz: Upgraded. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1r-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1r-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1r-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2f-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2f-i586-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2f-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2f-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 packages: 0d6e8d3b27326c84b9996ed189868eba openssl-1.0.1r-i486-1_slack14.0.txz e3cb0b75e9df4be9d8fd1cfcd2fbd306 openssl-solibs-1.0.1r-i486-1_slack14.0.txz Slackware x86_64 14.0 packages: 7b52f4a43b42703a6840945d55f503ee openssl-1.0.1r-x86_64-1_slack14.0.txz eee92cb549bacae21e63bee22b9bb8d4 openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz Slackware 14.1 packages: 5be72ab551b2064aa34c83b42a07ff85 openssl-1.0.1r-i486-1_slack14.1.txz b28e00a7124822258cfd137ab5ce0572 openssl-solibs-1.0.1r-i486-1_slack14.1.txz Slackware x86_64 14.1 packages: 8e0273b1e99e8caa48fcab2547f051e9 openssl-1.0.1r-x86_64-1_slack14.1.txz 60f3994c35679455cab7a984493d1fdb openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz Slackware -current packages: 509771b1f7d58a682feb2099fdf3eb5d a/openssl-solibs-1.0.2f-i586-1.txz d72c0188f4223d1dc2d6080f8d99d92e n/openssl-1.0.2f-i586-1.txz Slackware x86_64 -current packages: 0c6653d3c37271f9f1a58a8c0e1f7b40 a/openssl-solibs-1.0.2f-x86_64-1.txz e4ebd1204644ea58e1779187fe071428 n/openssl-1.0.2f-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.1r-i486-1_slack14.1.txz openssl-solibs-1.0.1r-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201601-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: January 29, 2016 Bugs: #572854 ID: 201601-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.2f >= 1.0.2f Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2f" References ========== [ 1 ] CVE-2015-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197 [ 2 ] CVE-2016-0701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701 [ 3 ] OpenSSL Security Advisory [28th Jan 2016] http://openssl.org/news/secadv/20160128.txt Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201601-05 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . (CVE-2016-0800) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages

AFFECTED PRODUCTS