Red Hat: RHSA-2007:0964-01 Important OpenSSL Buffer Overflow Issue

Updated OpenSSL packages that correct several security issues are now available for Red Hat Enterprise 5. This update has been rated as having important security impact by the Red Hat Security Response Team.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2007:0964-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0964.html
Issue date:        2007-10-12
Updated on:        2007-10-12
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-3108 CVE-2007-4995 CVE-2007-5135 
- ---------------------------------------------------------------------

1. Summary:

Updated OpenSSL packages that correct several security issues are now
available for Red Hat Enterprise 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols as well as a full-strength
general purpose cryptography library. Datagram TLS (DTLS) is a protocol
based on TLS that is capable of securing datagram transport (UDP for
instance). 

The OpenSSL security team discovered a flaw in DTLS support.  An attacker
could create a malicious client or server that could trigger a heap
overflow. This is possibly exploitable to run arbitrary code, but it has
not been verified  (CVE-2007-5135). Note that this flaw only affects
applications making use of DTLS. Red Hat does not ship any DTLS client or
server applications in Red Hat Enterprise Linux.

A flaw was found in the SSL_get_shared_ciphers() utility function. An
attacker could send a list of ciphers to an application that used this
function and overrun a buffer with a single byte (CVE-2007-4995). Few
applications make use of this vulnerable function and generally it is used
only when applications are compiled for debugging.
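As an added illustration of the defect class this paragraph names (an off-by-one that overruns the caller's buffer by a single byte), and not OpenSSL's own code: a constructed cipher-list joiner that reserves no slot for the terminating NUL, beside a hardened version that reserves it up front and truncates at a cipher boundary. A canary byte placed just past the buffer shows which version writes out of bounds. The function names, the sample cipher strings and the buffer sizes are assumptions made for this example.

```c
/* Added example, not OpenSSL code: an off-by-one cipher-list joiner beside a
 * hardened one, with a canary byte to detect the single-byte overrun.
 * Names, sample ciphers and buffer sizes are constructed for illustration. */
#include <stdio.h>
#include <string.h>

#define CANARY 0x7f

/* Constructed sample cipher list (a real list would come from the peer). */
static const char *const SAMPLE_CIPHERS[] = {
    "AES256-SHA", "AES128-SHA", "DES-CBC3-SHA"
};
static const int SAMPLE_N = 3;

/* Vulnerable joiner: counts the bytes it copies but forgets that the
 * terminating NUL also needs a slot. When the names fill `len` bytes or
 * more, the final '\0' is written to buf[len], one byte past the end. */
static char *join_ciphers_offbyone(const char *const *names, int n,
                                   char *buf, int len)
{
    char *p = buf;
    int remaining = len;
    for (int i = 0; i < n; i++) {
        for (const char *cp = names[i]; *cp; cp++) {
            if (remaining <= 0)     /* stops copying, but still writes NUL below */
                goto done;
            *p++ = *cp;
            remaining--;
        }
        if (i + 1 < n) {            /* separator between names */
            if (remaining <= 0)
                goto done;
            *p++ = ':';
            remaining--;
        }
    }
done:
    *p = '\0';                      /* BUG: p may equal buf + len here */
    return buf;
}

/* Hardened joiner: reserves the NUL slot before copying and only emits a
 * name if the whole name (plus its separator) fits. Every write stays in
 * buf[0..len-1]. Returns how many names were emitted, so the caller can
 * detect truncation instead of silently getting a partial cipher name. */
static int join_ciphers_safe(const char *const *names, int n,
                             char *buf, int len)
{
    if (len <= 0)
        return 0;
    size_t used = 0;
    size_t cap = (size_t)len - 1;   /* last byte reserved for '\0' */
    int fitted = 0;
    buf[0] = '\0';
    for (int i = 0; i < n; i++) {
        size_t name_len = strlen(names[i]);
        size_t need = name_len + (i > 0 ? 1 : 0);
        if (used + need > cap)
            break;                  /* does not fit: stop at a clean boundary */
        if (i > 0)
            buf[used++] = ':';
        memcpy(buf + used, names[i], name_len);
        used += name_len;
        fitted++;
    }
    buf[used] = '\0';               /* used <= cap == len - 1 */
    return fitted;
}

/* Runs a joiner into a window of exactly `len` bytes inside a larger array,
 * with a canary byte at index `len`. Returns 1 if the canary survived. */
static int canary_intact_offbyone(int len)
{
    char storage[64];
    memset(storage, 0, sizeof storage);
    storage[len] = CANARY;
    join_ciphers_offbyone(SAMPLE_CIPHERS, SAMPLE_N, storage, len);
    return storage[len] == CANARY;
}

static int canary_intact_safe(int len)
{
    char storage[64];
    memset(storage, 0, sizeof storage);
    storage[len] = CANARY;
    join_ciphers_safe(SAMPLE_CIPHERS, SAMPLE_N, storage, len);
    return storage[len] == CANARY;
}

/* Joins the sample list with the hardened joiner into a `len`-byte buffer
 * and reports whether the result equals `expected`. */
static int safe_output_is(int len, const char *expected)
{
    char storage[64];
    join_ciphers_safe(SAMPLE_CIPHERS, SAMPLE_N, storage, len);
    return strcmp(storage, expected) == 0;
}

int main(void)
{
    int len = 34;   /* exactly the joined length: the boundary case */
    printf("off-by-one joiner, len=%d: canary %s\n", len,
           canary_intact_offbyone(len) ? "intact" : "CLOBBERED");
    printf("hardened joiner,   len=%d: canary %s\n", len,
           canary_intact_safe(len) ? "intact" : "CLOBBERED");
    return 0;
}
```

The joined sample list is 34 bytes, so a 34-byte buffer is the boundary case: the first joiner places its NUL at index 34 and clobbers the canary, while the hardened one drops the last cipher and terminates inside the buffer. The canary trick is only a cheap demonstration; in a real test suite the same check is better done by running the code under AddressSanitizer or Valgrind, which catch the one-byte write without any hand-placed sentinel.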

A number of possible side-channel attacks were discovered affecting
OpenSSL. A local attacker could possibly obtain RSA private keys being
used on a system. In practice these attacks would be difficult to perform
outside of a lab environment. This update contains backported patches
designed to mitigate these issues.  (CVE-2007-3108).

Users of OpenSSL should upgrade to these updated packages, which contain
backported patches to resolve these issues.  

Please note that the fix for the DTLS flaw involved an overhaul of the DTLS
handshake processing which may introduce incompatibilities if a new client
is used with an older server.

After installing this update, users are advised to either restart all
services that use OpenSSL or restart their system.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

245732 - CVE-2007-3108 RSA side-channel attack
309801 - CVE-2007-5135 openssl SSL_get_shared_ciphers() off-by-one
321191 - CVE-2007-4995 openssl dtls out of order vulnerability

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
0e1fead78b32ddfbd8f6e18dee20e8a0  openssl-0.9.8b-8.3.el5_0.2.src.rpm

i386:
66c597116250ca9316fb20bfc6065ce4  openssl-0.9.8b-8.3.el5_0.2.i386.rpm
1d73ecb68c0a68f2320d668076dcbec5  openssl-0.9.8b-8.3.el5_0.2.i686.rpm
ad1cb84a2d9618962f5564b9db03cb0e  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i386.rpm
a45f8be73ac51f64c01d8c4704e89476  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i686.rpm
998eaa38bde4414f7bfa9cc8394660f4  openssl-perl-0.9.8b-8.3.el5_0.2.i386.rpm

x86_64:
1d73ecb68c0a68f2320d668076dcbec5  openssl-0.9.8b-8.3.el5_0.2.i686.rpm
33d947406912ffb50948ddf17cc9e529  openssl-0.9.8b-8.3.el5_0.2.x86_64.rpm
a45f8be73ac51f64c01d8c4704e89476  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i686.rpm
05725c88ab3d0d1abced8ec3556e0e05  openssl-debuginfo-0.9.8b-8.3.el5_0.2.x86_64.rpm
2e1118104315fd3e5387b5e0ca969266  openssl-perl-0.9.8b-8.3.el5_0.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
0e1fead78b32ddfbd8f6e18dee20e8a0  openssl-0.9.8b-8.3.el5_0.2.src.rpm

i386:
ad1cb84a2d9618962f5564b9db03cb0e  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i386.rpm
2457b8ad85d2197e1195ece6d9688bc2  openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm

x86_64:
ad1cb84a2d9618962f5564b9db03cb0e  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i386.rpm
05725c88ab3d0d1abced8ec3556e0e05  openssl-debuginfo-0.9.8b-8.3.el5_0.2.x86_64.rpm
2457b8ad85d2197e1195ece6d9688bc2  openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
168a74a6be63fc1beb9b828da91bdfe5  openssl-devel-0.9.8b-8.3.el5_0.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
0e1fead78b32ddfbd8f6e18dee20e8a0  openssl-0.9.8b-8.3.el5_0.2.src.rpm

i386:
66c597116250ca9316fb20bfc6065ce4  openssl-0.9.8b-8.3.el5_0.2.i386.rpm
1d73ecb68c0a68f2320d668076dcbec5  openssl-0.9.8b-8.3.el5_0.2.i686.rpm
ad1cb84a2d9618962f5564b9db03cb0e  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i386.rpm
a45f8be73ac51f64c01d8c4704e89476  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i686.rpm
2457b8ad85d2197e1195ece6d9688bc2  openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
998eaa38bde4414f7bfa9cc8394660f4  openssl-perl-0.9.8b-8.3.el5_0.2.i386.rpm

ia64:
1d73ecb68c0a68f2320d668076dcbec5  openssl-0.9.8b-8.3.el5_0.2.i686.rpm
b025d862ca952a0289f55e04156cedb0  openssl-0.9.8b-8.3.el5_0.2.ia64.rpm
a45f8be73ac51f64c01d8c4704e89476  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i686.rpm
d0998e6d8191b972a01ddab5e222c0c8  openssl-debuginfo-0.9.8b-8.3.el5_0.2.ia64.rpm
e8766e171cebbc2897f0642a0add2244  openssl-devel-0.9.8b-8.3.el5_0.2.ia64.rpm
270be09d92822984dee0c4d7e786fce3  openssl-perl-0.9.8b-8.3.el5_0.2.ia64.rpm

ppc:
1141cf40960ae39388e4e8eeebc801b2  openssl-0.9.8b-8.3.el5_0.2.ppc.rpm
e30551ffb11d12b7252f95fa3a5a10c5  openssl-0.9.8b-8.3.el5_0.2.ppc64.rpm
83d060df03f60db508c5c8e7aaf35a3c  openssl-debuginfo-0.9.8b-8.3.el5_0.2.ppc.rpm
db703c98b117309f1c3a51524e1f9889  openssl-debuginfo-0.9.8b-8.3.el5_0.2.ppc64.rpm
a9b31f8ab0d0be84bf4a4c6a7f061187  openssl-devel-0.9.8b-8.3.el5_0.2.ppc.rpm
ae7a02136749eb6add2064d575fe2358  openssl-devel-0.9.8b-8.3.el5_0.2.ppc64.rpm
9552d697daafba170ecd82a0e265292a  openssl-perl-0.9.8b-8.3.el5_0.2.ppc.rpm

s390x:
b82c768d8fbb7ed7d62d867df39b96e5  openssl-0.9.8b-8.3.el5_0.2.s390.rpm
56868f24204f584792594cbec2744517  openssl-0.9.8b-8.3.el5_0.2.s390x.rpm
eb5842143f9b0cd8e801969784673e07  openssl-debuginfo-0.9.8b-8.3.el5_0.2.s390.rpm
16125099c4d353a157e231cbb178ada4  openssl-debuginfo-0.9.8b-8.3.el5_0.2.s390x.rpm
d1fdcc96b1e94d70339efe6ae9850ab7  openssl-devel-0.9.8b-8.3.el5_0.2.s390.rpm
f7ee8f120dbbebbc5a0a51b3e9f6a86b  openssl-devel-0.9.8b-8.3.el5_0.2.s390x.rpm
e543b01864c8ef794d90fc680ba1698d  openssl-perl-0.9.8b-8.3.el5_0.2.s390x.rpm

x86_64:
1d73ecb68c0a68f2320d668076dcbec5  openssl-0.9.8b-8.3.el5_0.2.i686.rpm
33d947406912ffb50948ddf17cc9e529  openssl-0.9.8b-8.3.el5_0.2.x86_64.rpm
ad1cb84a2d9618962f5564b9db03cb0e  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i386.rpm
a45f8be73ac51f64c01d8c4704e89476  openssl-debuginfo-0.9.8b-8.3.el5_0.2.i686.rpm
05725c88ab3d0d1abced8ec3556e0e05  openssl-debuginfo-0.9.8b-8.3.el5_0.2.x86_64.rpm
2457b8ad85d2197e1195ece6d9688bc2  openssl-devel-0.9.8b-8.3.el5_0.2.i386.rpm
168a74a6be63fc1beb9b828da91bdfe5  openssl-devel-0.9.8b-8.3.el5_0.2.x86_64.rpm
2e1118104315fd3e5387b5e0ca969266  openssl-perl-0.9.8b-8.3.el5_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2007-3108
https://www.cve.org/CVERecord?id=CVE-2007-4995
https://www.cve.org/CVERecord?id=CVE-2007-5135
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is .  More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
