Описание
Security update for OpenSSL
This OpenSSL update fixes the following issues:
Security Issues:
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
Ссылки
- Link for SUSE-SU-2015:1182-2
- E-Mail link for SUSE-SU-2015:1182-2
- SUSE Security Ratings
- SUSE Bug 859228
- SUSE Bug 859924
- SUSE Bug 860332
- SUSE Bug 862181
- SUSE Bug 869945
- SUSE Bug 870192
- SUSE Bug 879179
- SUSE Bug 880891
- SUSE Bug 890764
- SUSE Bug 890767
- SUSE Bug 890768
- SUSE Bug 890769
- SUSE Bug 890770
- SUSE Bug 892403
- SUSE Bug 901223
- SUSE Bug 901277
- SUSE Bug 912014
Описание
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Затронутые продукты
Ссылки
- CVE-2009-5146
- SUSE Bug 915976
- SUSE Bug 919648
- SUSE Bug 922647
Описание
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
Затронутые продукты
Ссылки
- CVE-2014-0076
- SUSE Bug 869945
- SUSE Bug 880891
- SUSE Bug 883126
- SUSE Bug 885777
- SUSE Bug 905106
Описание
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
Затронутые продукты
Ссылки
- CVE-2014-0221
- SUSE Bug 880891
- SUSE Bug 883126
- SUSE Bug 885777
- SUSE Bug 905106
- SUSE Bug 915913
Описание
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
Затронутые продукты
Ссылки
- CVE-2014-0224
- SUSE Bug 1146657
- SUSE Bug 880891
- SUSE Bug 881743
- SUSE Bug 883126
- SUSE Bug 885777
- SUSE Bug 892403
- SUSE Bug 901237
- SUSE Bug 903703
- SUSE Bug 905018
- SUSE Bug 905106
- SUSE Bug 914447
- SUSE Bug 915913
- SUSE Bug 916239
Описание
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Затронутые продукты
Ссылки
- CVE-2014-3470
- SUSE Bug 880891
- SUSE Bug 883126
- SUSE Bug 885777
- SUSE Bug 905106
- SUSE Bug 915913
Описание
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition.
Затронутые продукты
Ссылки
- CVE-2014-3505
- SUSE Bug 890759
- SUSE Bug 890764
- SUSE Bug 890767
- SUSE Bug 905106
Описание
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
Затронутые продукты
Ссылки
- CVE-2014-3506
- SUSE Bug 890759
- SUSE Bug 890764
- SUSE Bug 890768
- SUSE Bug 905106
Описание
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
Затронутые продукты
Ссылки
- CVE-2014-3507
- SUSE Bug 890759
- SUSE Bug 890764
- SUSE Bug 890769
- SUSE Bug 905106
Описание
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
Затронутые продукты
Ссылки
- CVE-2014-3508
- SUSE Bug 890759
- SUSE Bug 890764
- SUSE Bug 905106
- SUSE Bug 950708
Описание
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.
Затронутые продукты
Ссылки
- CVE-2014-3510
- SUSE Bug 890759
- SUSE Bug 890764
- SUSE Bug 890770
- SUSE Bug 905106
Описание
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Затронутые продукты
Ссылки
- CVE-2014-3566
- SUSE Bug 1011293
- SUSE Bug 1031023
- SUSE Bug 901223
- SUSE Bug 901254
- SUSE Bug 901277
- SUSE Bug 901748
- SUSE Bug 901757
- SUSE Bug 901759
- SUSE Bug 901889
- SUSE Bug 901968
- SUSE Bug 902229
- SUSE Bug 902233
- SUSE Bug 902476
- SUSE Bug 903405
- SUSE Bug 903684
- SUSE Bug 904889
- SUSE Bug 905106
- SUSE Bug 914041
- SUSE Bug 994144
Описание
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
Затронутые продукты
Ссылки
- CVE-2014-3567
- SUSE Bug 877506
- SUSE Bug 901277
- SUSE Bug 905106
Описание
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
Затронутые продукты
Ссылки
- CVE-2014-3568
- SUSE Bug 901277
- SUSE Bug 905106
- SUSE Bug 911399
- SUSE Bug 986238
Описание
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
Затронутые продукты
Ссылки
- CVE-2014-3570
- SUSE Bug 912296
- SUSE Bug 915848
- SUSE Bug 927623
- SUSE Bug 937891
- SUSE Bug 944456
Описание
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
Затронутые продукты
Ссылки
- CVE-2014-3571
- SUSE Bug 912294
- SUSE Bug 915848
- SUSE Bug 927623
Описание
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
Затронутые продукты
Ссылки
- CVE-2014-3572
- SUSE Bug 912015
- SUSE Bug 915848
- SUSE Bug 927623
- SUSE Bug 937891
Описание
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
Затронутые продукты
Ссылки
- CVE-2014-8275
- SUSE Bug 912018
- SUSE Bug 915848
- SUSE Bug 927623
- SUSE Bug 937891
Описание
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
Затронутые продукты
Ссылки
- CVE-2015-0204
- SUSE Bug 912014
- SUSE Bug 920482
- SUSE Bug 920484
- SUSE Bug 927591
- SUSE Bug 927623
- SUSE Bug 936787
- SUSE Bug 952088
Описание
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.
Затронутые продукты
Ссылки
- CVE-2015-0205
- SUSE Bug 912293
- SUSE Bug 915848
- SUSE Bug 927623
- SUSE Bug 937891
Описание
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.
Затронутые продукты
Ссылки
- CVE-2015-0209
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 936586
- SUSE Bug 937891
Описание
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
Затронутые продукты
Ссылки
- CVE-2015-0286
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922496
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 951391
Описание
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
Затронутые продукты
Ссылки
- CVE-2015-0287
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922499
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 968888
- SUSE Bug 991722
Описание
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
Затронутые продукты
Ссылки
- CVE-2015-0288
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 920236
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 951391
Описание
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.
Затронутые продукты
Ссылки
- CVE-2015-0289
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922500
- SUSE Bug 936586
- SUSE Bug 937891
Описание
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.
Затронутые продукты
Ссылки
- CVE-2015-0292
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922501
- SUSE Bug 936586
Описание
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
Затронутые продукты
Ссылки
- CVE-2015-0293
- SUSE Bug 912014
- SUSE Bug 919648
- SUSE Bug 922488
- SUSE Bug 936586
- SUSE Bug 968044
- SUSE Bug 968051
- SUSE Bug 968053
- SUSE Bug 986238
Описание
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
Затронутые продукты
Ссылки
- CVE-2015-1788
- SUSE Bug 934487
- SUSE Bug 934666
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 938432
Описание
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
Затронутые продукты
Ссылки
- CVE-2015-1789
- SUSE Bug 934489
- SUSE Bug 934666
- SUSE Bug 936586
- SUSE Bug 937891
- SUSE Bug 938432
- SUSE Bug 951391
Описание
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
Затронутые продукты
Ссылки
- CVE-2015-1790
- SUSE Bug 934491
- SUSE Bug 934666
- SUSE Bug 936586
- SUSE Bug 938432
Описание
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
Затронутые продукты
Ссылки
- CVE-2015-1791
- SUSE Bug 933911
- SUSE Bug 934666
- SUSE Bug 986238
- SUSE Bug 989464
Описание
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
Затронутые продукты
Ссылки
- CVE-2015-1792
- SUSE Bug 934493
- SUSE Bug 934666
- SUSE Bug 937891
- SUSE Bug 986238
Описание
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
Затронутые продукты
Ссылки
- CVE-2015-3216
- SUSE Bug 933898
Описание
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Затронутые продукты
Ссылки
- CVE-2015-4000
- SUSE Bug 1074631
- SUSE Bug 1211968
- SUSE Bug 931600
- SUSE Bug 931698
- SUSE Bug 931723
- SUSE Bug 931845
- SUSE Bug 932026
- SUSE Bug 932483
- SUSE Bug 934789
- SUSE Bug 935033
- SUSE Bug 935540
- SUSE Bug 935979
- SUSE Bug 937202
- SUSE Bug 937766
- SUSE Bug 938248
- SUSE Bug 938432
- SUSE Bug 938895
- SUSE Bug 938905
- SUSE Bug 938906