
- --------------------------------------------------------------------------
Debian Security Advisory DSA 288-1                     security@debian.org 
Debian -- Security Information                              Martin Schulze
April 17th, 2003                         Debian -- Debian security FAQ 
- --------------------------------------------------------------------------

Package        : openssl
Vulnerability  : several vulnerabilities
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0147 CAN-2003-0131

Researchers discovered two flaws in OpenSSL, a Secure Socket Layer
(SSL) library and related cryptographic tools.  Applications that are
linked against this library are generally vulnerable to attacks that
could leak the server's private key or make the encrypted session
decryptable otherwise.  The Common Vulnerabilities and Exposures (CVE)
project identified the following vulnerabilities:

CAN-2003-0147

   OpenSSL does not use RSA blinding by default, which allows local and
   remote attackers to obtain the server's private key.

CAN-2003-0131

   The SSL and allow remote attackers to perform an unauthorized RSA
   private key operation that cause OpenSSL to leak information
   regarding the relationship between ciphertext and the associated
   plaintext.

For the stable distribution (woody) these problems have been fixed in
version 0.9.6c-2.woody.3.

For the old stable distribution (potato) these problems have been
fixed in version 0.9.6c-0.potato.6.

For the unstable distribution (sid) these problems have been fixed in
version 0.9.7b-1 of openssl and version 0.9.6j-1 of openssl096.

We recommend that you upgrade your openssl packages immediately and
restart the applications that use OpenSSL.

Unfortunately, RSA blinding is not thread-safe and will cause failures
for programs that use threads and OpenSSL such as stunnel.  However,
since the proposed fix would change the binary interface (ABI),
programs that are dynamically linked against OpenSSL won't run
anymore.  This is a dilemma we can't solve.

You will have to decide whether you want the security update which is
not thread-safe and recompile all applications that apparently fail
after the upgrade, or fetch the additional source packages at the end
of this advisory, recompile it and use a thread-safe OpenSSL library
again, but also recompile all applications that make use of it (such
as apache-ssl, mod_ssl, ssh etc.).

However, since only very few packages use threads and link against the
OpenSSL library most users will be able to use packages from this
update without any problems.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Source archives:

      
      Size/MD5 checksum:      634 10591fc4770bca4a1f9ea379776d6984
      
      Size/MD5 checksum:    43587 0fe901b034e33fa6438f2eaa8ff944e8
      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc

  Architecture independent components:

      
      Size/MD5 checksum:      974 bec952e2a37b656b0a119d34b49e5b76

  Alpha architecture:

      
      Size/MD5 checksum:  1550896 18a0220e4fe8a40d284949fb152793d2
      
      Size/MD5 checksum:   591474 c7372983cf09686d71419432f441d975
      
      Size/MD5 checksum:   746872 dd4f597dd5bbd758cb1ba62d7dc9f859

  ARM architecture:

      
      Size/MD5 checksum:  1349872 91e13598de08a3644db2922a30a679ac
      
      Size/MD5 checksum:   470164 6fa5ef903dd2a8a0b29cd71f406fdc6f
      
      Size/MD5 checksum:   730160 1b35d2d5bbb68459fa63c5a7f2d6c10d

  Intel IA-32 architecture:

      
      Size/MD5 checksum:  1288032 3850ab8283aca40c94ca9a00647d6310
      
      Size/MD5 checksum:   464042 3a55b08aa1d4cf668ccb1293db131cb4
      
      Size/MD5 checksum:   724766 1d1a726fce6def52ceed5481dfbcfd16

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:  1263766 978b891779cee8ec309333256f7c9359
      
      Size/MD5 checksum:   452710 7ad96d59e082d4eaa7d2f80c65a26eb0
      
      Size/MD5 checksum:   721640 f05db1fde1a6487f192c79e695afc498

  PowerPC architecture:

      
      Size/MD5 checksum:  1385386 c6b4d0b82af7e7da562e89836add31cd
      
      Size/MD5 checksum:   504304 f3f74025eb51a78191717d00ca2ed9bc
      
      Size/MD5 checksum:   727426 a166aa6d87cde7df75c62d92eb185b74

  Sun Sparc architecture:

      
      Size/MD5 checksum:  1343526 4918ae13675c2ac1f33324fa499e545b
      
      Size/MD5 checksum:   484244 923e7e5aa94449f5a659b43bc1332b36
      
      Size/MD5 checksum:   738452 4b94d3325744a8275922af9ff0c9977c


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

      
      Size/MD5 checksum:      632 c319c5b91489189a4cd08e2d5ad9db24
      
      Size/MD5 checksum:    44230 523138ce8166309cff8708422c45f25d
      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc

  Architecture independent components:

      
      Size/MD5 checksum:      974 7dec86ca4a69dc9f31b301e73b7caaf8

  Alpha architecture:

      
      Size/MD5 checksum:  1551332 9f26f7d9e8de5d10970d71380a1c4ac3
      
      Size/MD5 checksum:   571108 8f0ce22ecbe4258afe9da1854913236a
      
      Size/MD5 checksum:   736170 5f480e031750c0d342bfe39f85f5aca7

  ARM architecture:

      
      Size/MD5 checksum:  1357932 7d54731ce61c36fea971ac7b470f455e
      
      Size/MD5 checksum:   473936 84b8cf64bb93d762c46301a9ebb5bda1
      
      Size/MD5 checksum:   729648 14eb0ca3b7b1ed398429cb32973fa5d3

  Intel IA-32 architecture:

      
      Size/MD5 checksum:  1290214 0e2f917c1e6a5ddb0ce86ba5ab7db78d
      
      Size/MD5 checksum:   461564 48537d32b42d35ef1d716a10be1ae3b4
      
      Size/MD5 checksum:   722960 89f47586c8c141050bae0a53dfb5fc6d

  Intel IA-64 architecture:

      
      Size/MD5 checksum:  1615338 70bf2b0a8e890ae272266a5009d9e348
      
      Size/MD5 checksum:   710900 9d150d59bff981cdb3243c4f5351714d
      
      Size/MD5 checksum:   763438 b7029961edc6506e3721e5963a1a4e00

  HP Precision architecture:

      
      Size/MD5 checksum:  1434914 f8986d3f878776b79f2bbe0b03267bc2
      
      Size/MD5 checksum:   564778 fae0d532efb2e022bfe56a4823b98b0c
      
      Size/MD5 checksum:   741772 b3a93bc9f7003e1d691904f7ee795183

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:  1266522 0a456cebb2b98edb7f83258a7dda52a3
      
      Size/MD5 checksum:   450532 7331cb9cfff14f8c676d566a2ea99da1
      
      Size/MD5 checksum:   720300 12f5e2cd2e9bc7e6754e8c5b2bb9a98a

  Big endian MIPS architecture:

      
      Size/MD5 checksum:  1416102 9e76c0e93e6a56aee5eb7c236cc2800c
      
      Size/MD5 checksum:   483556 39302c76273cd278f5ff3bddd79ac002
      
      Size/MD5 checksum:   717674 c0102138e017690bd2e2bacbbb7923e1

  Little endian MIPS architecture:

      
      Size/MD5 checksum:  1410154 2d8f191b102de75965d8027f9b9e59c3
      
      Size/MD5 checksum:   476594 e57c083d10e9480f4918b926c045277f
      
      Size/MD5 checksum:   716996 73e406755be34bcd4ab4375e32fe31b0

  PowerPC architecture:

      
      Size/MD5 checksum:  1386698 8b296b0c0c73592d9bc712cbc1623371
      
      Size/MD5 checksum:   502292 d2b5ab4e74589b60b3431ccf9878698c
      
      Size/MD5 checksum:   726550 894d497326cff93c1ea2598874dd3cf6

  IBM S/390 architecture:

      
      Size/MD5 checksum:  1326332 e2bd80e76e1143879ea3108bcbfd8dbf
      
      Size/MD5 checksum:   510344 3995f9758870aef5910e2a6c2f9131f7
      
      Size/MD5 checksum:   731512 f3f492d0fba0f3705b25bd338898194b

  Sun Sparc architecture:

      
      Size/MD5 checksum:  1344130 f4170862c53fa45168eeb37472b8f156
      
      Size/MD5 checksum:   484622 6e7c3a1af508ac8108bbc000aab920aa
      
      Size/MD5 checksum:   737048 92a5777b5fc869bc6af8632b3e0f6b82


  These files will probably be moved into the stable distribution on
  its next revision.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

      
      Size/MD5 checksum:      634 625fa03d0b4f5a78f6ef87785882a586
      
      Size/MD5 checksum:    45821 7eacbcb7c936d6c710e8b1344698f5aa
      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc
      
      Size/MD5 checksum:     8350 e82621f5cad4cfa4dbff4d39556f85f3

Debian GNU/Linux 3.0 alias woody
- --------------------------------

      
      Size/MD5 checksum:      632 9fbbff3117baf67823df792ba68875fb
      
      Size/MD5 checksum:    46397 4dcd653f6295191c25c71f30b0150109
      
      Size/MD5 checksum:  2153980 c8261d93317635d56df55650c6aeb3dc
      
      Size/MD5 checksum:     8327 a6d1d8bbe917661d426f0669fbf0c78c


- ---------------------------------------------------------------------------------
For apt-get: deb  Debian -- Security Information  stable/updates main
For dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/

Debian: openssl multiple vulnerabilities

April 17, 2003

Applications that are linked against the openssl library are generally vulnerable to attacks that could leak the server's private key or make the encrypted sessiondecryptable other...

Summary

Researchers discovered two flaws in OpenSSL, a Secure Socket Layer
(SSL) library and related cryptographic tools. Applications that are
linked against this library are generally vulnerable to attacks that
could leak the server's private key or make the encrypted session
decryptable otherwise. The Common Vulnerabilities and Exposures (CVE)
project identified the following vulnerabilities:

CAN-2003-0147

OpenSSL does not use RSA blinding by default, which allows local and
remote attackers to obtain the server's private key.

CAN-2003-0131

The SSL and allow remote attackers to perform an unauthorized RSA
private key operation that cause OpenSSL to leak information
regarding the relationship between ciphertext and the associated
plaintext.

For the stable distribution (woody) these problems have been fixed in
version 0.9.6c-2.woody.3.

For the old stable distribution (potato) these problems have been
fixed in version 0.9.6c-0.potato.6.

For the unstable distribution (sid) these problems have been fixed in
version 0.9.7b-1 of openssl and version 0.9.6j-1 of openssl096.

We recommend that you upgrade your openssl packages immediately and
restart the applications that use OpenSSL.

Unfortunately, RSA blinding is not thread-safe and will cause failures
for programs that use threads and OpenSSL such as stunnel. However,
since the proposed fix would change the binary interface (ABI),
programs that are dynamically linked against OpenSSL won't run
anymore. This is a dilemma we can't solve.

You will have to decide whether you want the security update which is
not thread-safe and recompile all applications that apparently fail
after the upgrade, or fetch the additional source packages at the end
of this advisory, recompile it and use a thread-safe OpenSSL library
again, but also recompile all applications that make use of it (such
as apache-ssl, mod_ssl, ssh etc.).

However, since only very few packages use threads and link against the
OpenSSL library most users will be able to use packages from this
update without any problems.

Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato

Source archives:

Size/MD5 checksum: 634 10591fc4770bca4a1f9ea379776d6984

Size/MD5 checksum: 43587 0fe901b034e33fa6438f2eaa8ff944e8

Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc

Architecture independent components:

Size/MD5 checksum: 974 bec952e2a37b656b0a119d34b49e5b76

Alpha architecture:

Size/MD5 checksum: 1550896 18a0220e4fe8a40d284949fb152793d2

Size/MD5 checksum: 591474 c7372983cf09686d71419432f441d975

Size/MD5 checksum: 746872 dd4f597dd5bbd758cb1ba62d7dc9f859

ARM architecture:

Size/MD5 checksum: 1349872 91e13598de08a3644db2922a30a679ac

Size/MD5 checksum: 470164 6fa5ef903dd2a8a0b29cd71f406fdc6f

Size/MD5 checksum: 730160 1b35d2d5bbb68459fa63c5a7f2d6c10d

Intel IA-32 architecture:

Size/MD5 checksum: 1288032 3850ab8283aca40c94ca9a00647d6310

Size/MD5 checksum: 464042 3a55b08aa1d4cf668ccb1293db131cb4

Size/MD5 checksum: 724766 1d1a726fce6def52ceed5481dfbcfd16

Motorola 680x0 architecture:

Size/MD5 checksum: 1263766 978b891779cee8ec309333256f7c9359

Size/MD5 checksum: 452710 7ad96d59e082d4eaa7d2f80c65a26eb0

Size/MD5 checksum: 721640 f05db1fde1a6487f192c79e695afc498

PowerPC architecture:

Size/MD5 checksum: 1385386 c6b4d0b82af7e7da562e89836add31cd

Size/MD5 checksum: 504304 f3f74025eb51a78191717d00ca2ed9bc

Size/MD5 checksum: 727426 a166aa6d87cde7df75c62d92eb185b74

Sun Sparc architecture:

Size/MD5 checksum: 1343526 4918ae13675c2ac1f33324fa499e545b

Size/MD5 checksum: 484244 923e7e5aa94449f5a659b43bc1332b36

Size/MD5 checksum: 738452 4b94d3325744a8275922af9ff0c9977c

Debian GNU/Linux 3.0 alias woody

Source archives:

Size/MD5 checksum: 632 c319c5b91489189a4cd08e2d5ad9db24

Size/MD5 checksum: 44230 523138ce8166309cff8708422c45f25d

Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc

Architecture independent components:

Size/MD5 checksum: 974 7dec86ca4a69dc9f31b301e73b7caaf8

Alpha architecture:

Size/MD5 checksum: 1551332 9f26f7d9e8de5d10970d71380a1c4ac3

Size/MD5 checksum: 571108 8f0ce22ecbe4258afe9da1854913236a

Size/MD5 checksum: 736170 5f480e031750c0d342bfe39f85f5aca7

ARM architecture:

Size/MD5 checksum: 1357932 7d54731ce61c36fea971ac7b470f455e

Size/MD5 checksum: 473936 84b8cf64bb93d762c46301a9ebb5bda1

Size/MD5 checksum: 729648 14eb0ca3b7b1ed398429cb32973fa5d3

Intel IA-32 architecture:

Size/MD5 checksum: 1290214 0e2f917c1e6a5ddb0ce86ba5ab7db78d

Size/MD5 checksum: 461564 48537d32b42d35ef1d716a10be1ae3b4

Size/MD5 checksum: 722960 89f47586c8c141050bae0a53dfb5fc6d

Intel IA-64 architecture:

Size/MD5 checksum: 1615338 70bf2b0a8e890ae272266a5009d9e348

Size/MD5 checksum: 710900 9d150d59bff981cdb3243c4f5351714d

Size/MD5 checksum: 763438 b7029961edc6506e3721e5963a1a4e00

HP Precision architecture:

Size/MD5 checksum: 1434914 f8986d3f878776b79f2bbe0b03267bc2

Size/MD5 checksum: 564778 fae0d532efb2e022bfe56a4823b98b0c

Size/MD5 checksum: 741772 b3a93bc9f7003e1d691904f7ee795183

Motorola 680x0 architecture:

Size/MD5 checksum: 1266522 0a456cebb2b98edb7f83258a7dda52a3

Size/MD5 checksum: 450532 7331cb9cfff14f8c676d566a2ea99da1

Size/MD5 checksum: 720300 12f5e2cd2e9bc7e6754e8c5b2bb9a98a

Big endian MIPS architecture:

Size/MD5 checksum: 1416102 9e76c0e93e6a56aee5eb7c236cc2800c

Size/MD5 checksum: 483556 39302c76273cd278f5ff3bddd79ac002

Size/MD5 checksum: 717674 c0102138e017690bd2e2bacbbb7923e1

Little endian MIPS architecture:

Size/MD5 checksum: 1410154 2d8f191b102de75965d8027f9b9e59c3

Size/MD5 checksum: 476594 e57c083d10e9480f4918b926c045277f

Size/MD5 checksum: 716996 73e406755be34bcd4ab4375e32fe31b0

PowerPC architecture:

Size/MD5 checksum: 1386698 8b296b0c0c73592d9bc712cbc1623371

Size/MD5 checksum: 502292 d2b5ab4e74589b60b3431ccf9878698c

Size/MD5 checksum: 726550 894d497326cff93c1ea2598874dd3cf6

IBM S/390 architecture:

Size/MD5 checksum: 1326332 e2bd80e76e1143879ea3108bcbfd8dbf

Size/MD5 checksum: 510344 3995f9758870aef5910e2a6c2f9131f7

Size/MD5 checksum: 731512 f3f492d0fba0f3705b25bd338898194b

Sun Sparc architecture:

Size/MD5 checksum: 1344130 f4170862c53fa45168eeb37472b8f156

Size/MD5 checksum: 484622 6e7c3a1af508ac8108bbc000aab920aa

Size/MD5 checksum: 737048 92a5777b5fc869bc6af8632b3e0f6b82

These files will probably be moved into the stable distribution on
its next revision.

Debian GNU/Linux 2.2 alias potato

Size/MD5 checksum: 634 625fa03d0b4f5a78f6ef87785882a586

Size/MD5 checksum: 45821 7eacbcb7c936d6c710e8b1344698f5aa

Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc

Size/MD5 checksum: 8350 e82621f5cad4cfa4dbff4d39556f85f3

Debian GNU/Linux 3.0 alias woody

Size/MD5 checksum: 632 9fbbff3117baf67823df792ba68875fb

Size/MD5 checksum: 46397 4dcd653f6295191c25c71f30b0150109

Size/MD5 checksum: 2153980 c8261d93317635d56df55650c6aeb3dc

Size/MD5 checksum: 8327 a6d1d8bbe917661d426f0669fbf0c78c

For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/