Mandriva Linux Security Advisory 2011-137 - The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages, which allows remote attackers to cause a denial of service via out-of-order messages that violate the TLS protocol.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:137
http://www.mandriva.com/security/
_______________________________________________________________________
Package : openssl
Date : September 28, 2011
Affected: 2010.1, 2011.
_______________________________________________________________________
Problem Description:

Multiple vulnerabilities have been discovered and corrected in openssl:

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and
earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA)
is used for the ECDHE_ECDSA cipher suite, does not properly implement
curves over binary fields, which makes it easier for context-dependent
attackers to determine private keys via a timing attack and a lattice
calculation (CVE-2011-1945).

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
initialize certain structure members, which makes it easier for
remote attackers to bypass CRL validation by using a nextUpdate value
corresponding to a time in the past (CVE-2011-3207).

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through
0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during
processing of handshake messages, which allows remote attackers
to cause a denial of service (application crash) via out-of-order
messages that violate the TLS protocol (CVE-2011-3210).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3210
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
bd60d1b484309734bc8071f8d56c78d4 2010.1/i586/libopenssl1.0.0-1.0.0a-1.8mdv2010.2.i586.rpm
db2a2d676ab59df2a7077f0888cbc7f5 2010.1/i586/libopenssl1.0.0-devel-1.0.0a-1.8mdv2010.2.i586.rpm
bbf3789a5da46dc0dde527352f15bb2d 2010.1/i586/libopenssl1.0.0-static-devel-1.0.0a-1.8mdv2010.2.i586.rpm
9a757b9d019b952696fbbf1bdb80571e 2010.1/i586/libopenssl-engines1.0.0-1.0.0a-1.8mdv2010.2.i586.rpm
2527313d11471e17bac3309941f7aaf8 2010.1/i586/openssl-1.0.0a-1.8mdv2010.2.i586.rpm
e9dbe57d404042917b3ed2bf233f2e41 2010.1/SRPMS/openssl-1.0.0a-1.8mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
6c11f02b7a582a4ff2129f3f4183ffdd 2010.1/x86_64/lib64openssl1.0.0-1.0.0a-1.8mdv2010.2.x86_64.rpm
16eb55a62466f8c8bb7b642011dea54a 2010.1/x86_64/lib64openssl1.0.0-devel-1.0.0a-1.8mdv2010.2.x86_64.rpm
080662986ef9f21128c2c4bca3d9e0aa 2010.1/x86_64/lib64openssl1.0.0-static-devel-1.0.0a-1.8mdv2010.2.x86_64.rpm
b58cfdb41d740a2176ea2f9d2a33cae5 2010.1/x86_64/lib64openssl-engines1.0.0-1.0.0a-1.8mdv2010.2.x86_64.rpm
6a8f48aea469d9183725bd22acfab8cc 2010.1/x86_64/openssl-1.0.0a-1.8mdv2010.2.x86_64.rpm
e9dbe57d404042917b3ed2bf233f2e41 2010.1/SRPMS/openssl-1.0.0a-1.8mdv2010.2.src.rpm
Mandriva Linux 2011:
5fd58662d6a52ac88efe81f989fc9ede 2011/i586/libopenssl1.0.0-1.0.0d-2.1-mdv2011.0.i586.rpm
aa9043268df01b6785c988947731908b 2011/i586/libopenssl-devel-1.0.0d-2.1-mdv2011.0.i586.rpm
3b749c8a41b714e84bd7732cd6ee5089 2011/i586/libopenssl-engines1.0.0-1.0.0d-2.1-mdv2011.0.i586.rpm
77d9dbad979416dd1b4af54b463c9858 2011/i586/libopenssl-static-devel-1.0.0d-2.1-mdv2011.0.i586.rpm
fb567a8bafc6b42337c85a0f33ff33cb 2011/i586/openssl-1.0.0d-2.1-mdv2011.0.i586.rpm
175e8639972a6d4fd2a632ef77a879b2 2011/SRPMS/openssl-1.0.0d-2.1.src.rpm
Mandriva Linux 2011/X86_64:
93891e6f060d2079ea9a4a949fe40a25 2011/x86_64/lib64openssl1.0.0-1.0.0d-2.1-mdv2011.0.x86_64.rpm
02a059bdb85b00ebcf029ed62142b5f6 2011/x86_64/lib64openssl-devel-1.0.0d-2.1-mdv2011.0.x86_64.rpm
136b35ff7bff01b4791b7b366cff6c88 2011/x86_64/lib64openssl-engines1.0.0-1.0.0d-2.1-mdv2011.0.x86_64.rpm
1aaf1d105b86c1be2a367d4189c12c3b 2011/x86_64/lib64openssl-static-devel-1.0.0d-2.1-mdv2011.0.x86_64.rpm
766878bba443c3d2163451d383591e79 2011/x86_64/openssl-1.0.0d-2.1-mdv2011.0.x86_64.rpm
175e8639972a6d4fd2a632ef77a879b2 2011/SRPMS/openssl-1.0.0d-2.1.src.rpm
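The fixed packages above keep the upstream version strings 1.0.0a and 1.0.0d, which still fall inside the "before 1.0.0e" ranges quoted in the problem description, so a patch-level check has to compare the package release rather than the OpenSSL version alone. The following is an added example, not part of the Mandriva advisory: it assumes a simplified RPM version comparison (no epoch, tilde or caret handling), and the host names and installed builds in the inventory are constructed.

```python
import re

# Source-package names copied from the advisory's "Updated Packages" list.
FIXED_SRPMS = {
    "2010.1": "openssl-1.0.0a-1.8mdv2010.2.src.rpm",
    "2011": "openssl-1.0.0d-2.1.src.rpm",
}

def fixed_version_release(distro):
    """Split name-version-release.src.rpm into (version, release)."""
    m = re.fullmatch(r".+-([^-]+)-([^-]+)\.src\.rpm", FIXED_SRPMS[distro])
    return m.group(1), m.group(2)

def rpmvercmp(a, b):
    """Simplified RPM segment comparison (no epoch, tilde or caret handling).
    Returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def is_patched(distro, version, release):
    """True when the installed openssl build is at or above the advisory's fixed build."""
    fixed_ver, fixed_rel = fixed_version_release(distro)
    c = rpmvercmp(version, fixed_ver)
    return c > 0 or (c == 0 and rpmvercmp(release, fixed_rel) >= 0)

if __name__ == "__main__":
    # Constructed inventory rows: (host, distro, version, release).
    inventory = [
        ("web01", "2010.1", "1.0.0a", "1.7mdv2010.2"),
        ("web02", "2010.1", "1.0.0a", "1.8mdv2010.2"),
        ("db01", "2011", "1.0.0d", "2"),
    ]
    for host, distro, ver, rel in inventory:
        state = "patched" if is_patched(distro, ver, rel) else "NEEDS UPDATE"
        print(f"{host}: openssl-{ver}-{rel} ({distro}) -> {state}")
```
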
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOgzHYmqjQ0CJFipgRAsTZAKDW2iAKcrQ2Wn3WUQOZKyrtR0wF/gCdE7Wq
p8MJC4PHvZEv/WH8jrDBGB0=
=oOhw
-----END PGP SIGNATURE-----