Bugzilla – Bug 584292
VUL-0: OpenSSL version 0.9.8m release
Last modified: 2012-03-15 10:19:45 UTC
openssl was released with the tls renegotiation extension. Since we've switched off tls renegotiations completely with a previous patch, therefore breaking some setups we should now backport the extension ASAP. Date: Thu, 25 Feb 2010 18:48:51 +0100 (CET) From: openssl@master.openssl.org (OpenSSL) To: openssl-announce@master.openssl.org, openssl-dev@master.openssl.org, openssl-users@master.openssl.org Subject: OpenSSL version 0.9.8m release -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenSSL version 0.9.8m released =============================== OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 0.9.8m of our open source toolkit for SSL/TLS. This new OpenSSL version is a security and bugfix release which implements RFC5746 to address renegotiation vulnerabilities mentioned in CVE-2009-3555. For a complete list of changes, please see http://www.openssl.org/source/exp/CHANGES. We consider OpenSSL 0.9.8m to be the best version of OpenSSL available and we strongly recommend that users of older versions upgrade as soon as possible. OpenSSL 0.9.8m is available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under http://www.openssl.org/source/mirror.html): * http://www.openssl.org/source/ * ftp://ftp.openssl.org/source/ The distribution file names are: o openssl-0.9.8m.tar.gz Size: 3767604 MD5 checksum: 898bf125370926d5f692a2201124f8ec SHA1 checksum: 2511c709a47f34d5fa6cd1a1c9cb1699bdffa912 The checksums were calculated using the following commands: openssl md5 openssl-0.9.*.tar.gz openssl sha1 openssl-0.9.*.tar.gz Yours, The OpenSSL Project Team... Mark J. Cox Nils Larsch Ulf Möller Ralf S. Engelschall Ben Laurie Andy Polyakov Dr. Stephen Henson Richard Levitte Geoff Thorpe Lutz Jänicke Bodo Möller -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEVAwUBS4a3ZaLSm3vylcdZAQKlvgf+NSkdicVCIXAzpEFcsVm6ZgcvgPMZ73eX 27OnIo6fIPc7uTt4uuCXQjp6yTBhSRFlsQw/KVT0vRujST+762Yq+uOKAPL7AqxI olGiz5hxMkNGnOybZvLKG3rVzKPFGGos5IRpIhORIXX6P/ks45EK8OOih1QgmybN EeUs8pvILDT/DPxdvieCWwD02OdK9DfmDvWeSqMgelFF22ASsR/HbHDq4MN8Ga39 NvLKiKybQO35Px2v0avDU1/kdUR08BUCo4xb8ezi7BXPHJTesUlYTwO97gvcirx8 MZpYDPPq0WWv/1cEMYo+UXNtsx4DxJcHpMFJ4ENxS6EOgWxC9zfRyA== =S925 -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majordomo@openssl.org
submitted to sle11-sp1.
*** Bug 588671 has been marked as a duplicate of this bug. ***
submitted to sle11,openSuSE11.1.
for sle10sp2 and sle10sp3,and openSuSE11.0, they have different openssl versions.So,it will take some time to patch them.
is it possible to update the openssl package to the same version in sle10sp2 and sle10sp3,and openSuSE11.0? thanks a lot.
sle10sp2 and sp3 have the same version already. I don't think we can version upgrade there. For 11.2 we have to ask maintenance.
(In reply to comment #11) > for openSuSE 11.2,it's better to update the version to the latest 0.9.8m. Why? Is the backport too difficult? (In reply to comment #0) > openssl was released with the tls renegotiation extension. > Since we've switched off tls renegotiations completely with a previous patch, > therefore breaking some setups we should now backport the extension ASAP. Seems so that the patch is also on 11.2 at the moment. Is it not too dangerous to upgrade?
can you also sbumit 0.9.8m to factory, so we get it before its crypto freeze?
(In reply to comment #15) > (In reply to comment #11) > > for openSuSE 11.2,it's better to update the version to the latest 0.9.8m. > > Why? Is the backport too difficult? for this issuse,there is a long code stream in upstream.so,it's a little difficult. > > (In reply to comment #0) > > openssl was released with the tls renegotiation extension. > > Since we've switched off tls renegotiations completely with a previous patch, > > therefore breaking some setups we should now backport the extension ASAP. > > Seems so that the patch is also on 11.2 at the moment. Is it not too dangerous > to upgrade? yes,the patch is on 11.2. Version 0.9.8m is a more security version,it includes security renegotiation implementation,so,it's not just a backport,it's an enhancement.
(In reply to comment #16) > can you also sbumit 0.9.8m to factory, so we get it before its crypto freeze? ok, submitted soon.
submitted to Base:System,including merged patches from 0.9.8k. thanks.
I can not add the security renegotiation enhancement to sle10,and openSuSE11.0,the package version differ greatly.
the Base:System/openssl submission fails in the testsuite: Write out database with 1 new entries Data Base Updated ../apps/CA.sh: line 79: 13650 Segmentation fault $CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch -keyfile ${CATOP}/private/$CAKEY -selfsign -extensions v3_ca -infiles ${CATOP}/$CAREQ make[1]: *** [test_ca] Error 1 make[1]: Leaving directory `/usr/src/packages/BUILD/openssl-0.9.8m/test' please check.
(In reply to comment #26) > the Base:System/openssl submission fails in the testsuite: > > Write out database with 1 new entries > Data Base Updated > ../apps/CA.sh: line 79: 13650 Segmentation fault $CA -create_serial -out > ${CATOP}/$CACERT $CADAYS -batch -keyfile ${CATOP}/private/$CAKEY -selfsign > -extensions v3_ca -infiles ${CATOP}/$CAREQ > make[1]: *** [test_ca] Error 1 > make[1]: Leaving directory `/usr/src/packages/BUILD/openssl-0.9.8m/test' > > please check. seems like bug#590833.
(In reply to comment #26) > the Base:System/openssl submission fails in the testsuite: > > Write out database with 1 new entries > Data Base Updated > ../apps/CA.sh: line 79: 13650 Segmentation fault $CA -create_serial -out > ${CATOP}/$CACERT $CADAYS -batch -keyfile ${CATOP}/private/$CAKEY -selfsign > -extensions v3_ca -infiles ${CATOP}/$CAREQ > make[1]: *** [test_ca] Error 1 > make[1]: Leaving directory `/usr/src/packages/BUILD/openssl-0.9.8m/test' > > please check. thanks a lot for the info.Just checked,it has been updated.
Created attachment 350762 [details] redhats openssl-cve-2009-3555.patch Patch that backports the renegotiation support that Redhat released yesterday.
Created attachment 350763 [details] patch ported to SLES 10 version of openssl i merged this patch to our openssl version in SLES 10 SP2/SP3 only ssl.h had conflicts, some #defines changed and make it not apply directly.
as redhat released openssl patches yesterday we got access tpo their patch. it nearly applied to sles10, some jiggling was necessary for ssl.h. both are attached above. I applied it to the SLES10 SP2 and SP3 openssl versions and submitted the fixed packages to autobuild.
Notes for QA: Generate a CA, client and server cert (e.g. with tinyca2 or yast ca module) server: openssl s_server -CAfile ca.pem -cert server.pem -key server.key \ -tls1 client: openssl s_client -CAfile ca.pem -cert client.pem -key client.key \ -tls1 -connect remotehost:4433 (adding -debug shows packet dumps) Pressing 'R' on either side starts a renegotiation. On Server side it also requests a client certificate. 1 - openssl without any reneg patches (0.9.8k) 2 - openssl with disabled reneg (0.9.8l) 3 - openssl with safe reneg (0.9.8m) y - reneg done n - no reneg i - remote ignores reneg request x - connection dead f - fail client initiated 1 2 3 < server 1 y¹ x x 2 n n n 3 y x y ^ client server initiated 1 2 3 < server 1 y¹ n f 2 i n f 3 y n y ^ client [1] renegotiation request reaches peer but no actual certificates seem to be exchanged. Maybe bug? For the apache case where certain URLs require a client cert the reneg is server initiated. This means i -> connection hangs n,f -> connection abort with ssl exception To make apache require client certs for a certain location use e.g. <Location /foo> SSLVerifyClient require SSLVerifyDepth 3 </Location>
One more thing. Since firefox doesn't support renegotiation yet, testing against apache can be done with s_client by pasting somethig like this: GET / HTTP/1.1 Host: remotehost GET https://tanana.suse.de/foo/ HTTP/1.1 Host: remotehost
w3m can also be used as client: $ w3m -v -o ssl_cert_file=client.pem -o ssl_key_file=client.key https://hostname
Created attachment 351166 [details] openssl-0.9.7a-cve-2009-3555.patch patch extracted from Redhats update, supplied by Dirk Mueller
Created attachment 351168 [details] patch from redhat ported to SLES 9 (openssl-CVE-2009-3555.patch) patch ported to SLES9 (one hunk failing), package has been submitted to autobuild too.
Update released for: openssl, openssl-devel, openssl-doc Products: SLE-DEBUGINFO 10-SP2 (i386, ia64, ppc, s390x, x86_64) SLE-DESKTOP 10-SP2 (i386, x86_64) SLE-SAP-AIO 10-SP2 (x86_64) SLE-SDK 10-SP2 (i386, ia64, ppc, s390x, x86_64) SLE-SERVER 10-SP2 (i386, ia64, ppc, s390x, x86_64)
Update released for: openssl, openssl-32bit, openssl-64bit, openssl-debuginfo, openssl-devel, openssl-devel-32bit, openssl-devel-64bit, openssl-doc, openssl-x86 Products: SLE-DEBUGINFO 10-SP3 (i386, ia64, ppc, s390x, x86_64) SLE-DESKTOP 10-SP3 (i386, x86_64) SLE-SAP-APL 10-SP3 (x86_64) SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64) SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
Update released for: openssl, openssl-devel, openssl-doc Products: Novell-Linux-POS 9 (i386) Open-Enterprise-Server 9 (i386) SUSE-CORE 9 (i386, ia64, ppc, s390, s390x, x86_64)
Update released for: libopenssl-devel, libopenssl0_9_8, libopenssl0_9_8-32bit, libopenssl0_9_8-x86, openssl, openssl-debuginfo, openssl-debugsource, openssl-doc Products: SLE-DEBUGINFO 11 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11 (i386, x86_64) SLE-SDK 11 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11 (i386, ia64, ppc64, s390x, x86_64)
Update released for: libopenssl-devel, libopenssl0_9_8, libopenssl0_9_8-debuginfo, openssl, openssl-certs, openssl-debuginfo, openssl-debugsource, openssl-doc Products: openSUSE 11.1 (debug, i586, ppc, ppc64, x86_64) openSUSE 11.2 (debug, i586, x86_64)
btw, i had to apply some fixes to the sle11 packages (also merged to 11.1 and 11.2), the old cve-2009-3555 was still enabled and making renegotiation impossible and also 2 smaller hunks were missing. I took sles 10 and sles9 from the redhat patches + minor adjustments.
we did not update: opensuse 11.0 (too hard to backport, and soon out of maintenance) we did not update: compat-openssl098g (only serving as compat lib and should really not be used anymore), also backporting too hard for now.
This is an autogenerated message for OBS integration: This bug (584292) was mentioned in https://build.opensuse.org/request/show/101073 Evergreen:11.1 / openssl
This is an autogenerated message for OBS integration: This bug (584292) was mentioned in https://build.opensuse.org/request/show/102566 Evergreen:11.1 / openssl