SciLinux: CVE-2007-3108 openssl SL5.x i386/x86_64
Summary
Date: Thu, 18 Oct 2007 16:43:05 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for openssl on SL5.x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Important: openssl security updateIssue date: 2007-10-12CVE Names: CVE-2007-3108 CVE-2007-4995 CVE-2007-5135OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) andTransport Layer Security (TLS v1) protocols as well as a full-strengthgeneral purpose cryptography library. Datagram TLS (DTLS) is a protocolbased on TLS that is capable of securing datagram transport (UDP forinstance).The OpenSSL security team discovered a flaw in DTLS support. An attackercould create a malicious client or server that could trigger a heapoverflow. This is possibly exploitable to run arbitrary code, but it hasnot been verified (CVE-2007-5135). Note that this flaw only affectsapplications making use of DTLS. Scientific Linux does not ship any DTLS client or server applications.A flaw was found in the SSL_get_shared_ciphers() utility function. Anattacker could send a list of ciphers to an application that used thisfunction and overrun a buffer with a single byte (CVE-2007-4995). Fewapplications make use of this vulnerable function and generally it is usedonly when applications are compiled for debugging.A number of possible side-channel attacks were discovered affectingOpenSSL. A local attacker could possibly obtain RSA private keys beingused on a system. In practice these attacks would be difficult to performoutside of a lab environment. This update contains backported patchesdesigned to mitigate these issues. (CVE-2007-3108).Users of OpenSSL should upgrade to these updated packages, which containbackported patches to resolve these issues.Please note that the fix for the DTLS flaw involved an overhaul of the DTLShandshake processing which may introduce incompatibilities if a new clientis used with an older server.After installing this update, users are advised to either restart allservices that use OpenSSL or restart their system.SL 5.x SRPMS:openssl-0.9.8b-8.3.el5.2.src.rpm i386:openssl-0.9.8b-8.3.el5.2.i386.rpmopenssl-0.9.8b-8.3.el5.2.i686.rpmopenssl-devel-0.9.8b-8.3.el5.2.i386.rpmopenssl-perl-0.9.8b-8.3.el5.2.i386.rpm x86_64:openssl-0.9.8b-8.3.el5.2.i686.rpmopenssl-0.9.8b-8.3.2.x86_64.rpmopenssl-devel-0.9.8b-8.3.el5.2.i386.rpmopenssl-devel-0.9.8b-8.3.2.x86_64.rpmopenssl-perl-0.9.8b-8.3.2.x86_64.rpm-Connie Sieh-Troy Dawson