Date:         Thu, 18 Oct 2007 16:43:05 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for openssl on SL5.x i386/x86_64
Comments: To: scientific-linux-errata@fnal.gov

Synopsis:	Important: openssl security update
Issue date:	2007-10-12
CVE Names:	CVE-2007-3108 CVE-2007-4995 CVE-2007-5135

OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols as well as a full-strength
general purpose cryptography library. Datagram TLS (DTLS) is a protocol
based on TLS that is capable of securing datagram transport (UDP for
instance).

The OpenSSL security team discovered a flaw in DTLS support.  An attacker
could create a malicious client or server that could trigger a heap
overflow. This is possibly exploitable to run arbitrary code, but it has
not been verified  (CVE-2007-5135). Note that this flaw only affects
applications making use of DTLS. Scientific Linux does not ship any DTLS client 
or server applications.

A flaw was found in the SSL_get_shared_ciphers() utility function. An
attacker could send a list of ciphers to an application that used this
function and overrun a buffer with a single byte (CVE-2007-4995). Few
applications make use of this vulnerable function and generally it is used
only when applications are compiled for debugging.

A number of possible side-channel attacks were discovered affecting
OpenSSL. A local attacker could possibly obtain RSA private keys being
used on a system. In practice these attacks would be difficult to perform
outside of a lab environment. This update contains backported patches
designed to mitigate these issues.  (CVE-2007-3108).

Users of OpenSSL should upgrade to these updated packages, which contain
backported patches to resolve these issues.

Please note that the fix for the DTLS flaw involved an overhaul of the DTLS
handshake processing which may introduce incompatibilities if a new client
is used with an older server.

After installing this update, users are advised to either restart all
services that use OpenSSL or restart their system.

SL 5.x

   SRPMS:
openssl-0.9.8b-8.3.el5.2.src.rpm
   i386:
openssl-0.9.8b-8.3.el5.2.i386.rpm
openssl-0.9.8b-8.3.el5.2.i686.rpm
openssl-devel-0.9.8b-8.3.el5.2.i386.rpm
openssl-perl-0.9.8b-8.3.el5.2.i386.rpm
   x86_64:
openssl-0.9.8b-8.3.el5.2.i686.rpm
openssl-0.9.8b-8.3.2.x86_64.rpm
openssl-devel-0.9.8b-8.3.el5.2.i386.rpm
openssl-devel-0.9.8b-8.3.2.x86_64.rpm
openssl-perl-0.9.8b-8.3.2.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2007-3108 openssl SL5.x i386/x86_64

Important: openssl security update

Summary

Date:         Thu, 18 Oct 2007 16:43:05 -0500Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA for openssl on SL5.x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis:	Important: openssl security updateIssue date:	2007-10-12CVE Names:	CVE-2007-3108 CVE-2007-4995 CVE-2007-5135OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) andTransport Layer Security (TLS v1) protocols as well as a full-strengthgeneral purpose cryptography library. Datagram TLS (DTLS) is a protocolbased on TLS that is capable of securing datagram transport (UDP forinstance).The OpenSSL security team discovered a flaw in DTLS support.  An attackercould create a malicious client or server that could trigger a heapoverflow. This is possibly exploitable to run arbitrary code, but it hasnot been verified  (CVE-2007-5135). Note that this flaw only affectsapplications making use of DTLS. Scientific Linux does not ship any DTLS client or server applications.A flaw was found in the SSL_get_shared_ciphers() utility function. Anattacker could send a list of ciphers to an application that used thisfunction and overrun a buffer with a single byte (CVE-2007-4995). Fewapplications make use of this vulnerable function and generally it is usedonly when applications are compiled for debugging.A number of possible side-channel attacks were discovered affectingOpenSSL. A local attacker could possibly obtain RSA private keys beingused on a system. In practice these attacks would be difficult to performoutside of a lab environment. This update contains backported patchesdesigned to mitigate these issues.  (CVE-2007-3108).Users of OpenSSL should upgrade to these updated packages, which containbackported patches to resolve these issues.Please note that the fix for the DTLS flaw involved an overhaul of the DTLShandshake processing which may introduce incompatibilities if a new clientis used with an older server.After installing this update, users are advised to either restart allservices that use OpenSSL or restart their system.SL 5.x   SRPMS:openssl-0.9.8b-8.3.el5.2.src.rpm   i386:openssl-0.9.8b-8.3.el5.2.i386.rpmopenssl-0.9.8b-8.3.el5.2.i686.rpmopenssl-devel-0.9.8b-8.3.el5.2.i386.rpmopenssl-perl-0.9.8b-8.3.el5.2.i386.rpm   x86_64:openssl-0.9.8b-8.3.el5.2.i686.rpmopenssl-0.9.8b-8.3.2.x86_64.rpmopenssl-devel-0.9.8b-8.3.el5.2.i386.rpmopenssl-devel-0.9.8b-8.3.2.x86_64.rpmopenssl-perl-0.9.8b-8.3.2.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved