Publishing details

• Published on 2017-02-27

Changelog

openssl (1.0.1f-1ubuntu11.7) vivid-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306
  * SECURITY REGRESSION: DTLS regression (LP: #1622500)
    - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
      read_ahead is set in ssl/s3_pkt.c.

 -- Emily Ratliff <email address hidden>  Mon, 27 Feb 2017 12:58:39 -0600

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el

Built packages

• libcrypto1.0.0-udeb Secure Sockets Layer toolkit - libcrypto udeb

• libssl-dev Secure Sockets Layer toolkit - development files

• libssl-doc Secure Sockets Layer toolkit - development documentation

• libssl1.0.0 Secure Sockets Layer toolkit - shared libraries

• libssl1.0.0-dbg Secure Sockets Layer toolkit - debug information

• libssl1.0.0-udeb ssl shared library - udeb

• openssl Secure Sockets Layer toolkit - cryptographic utility

Package files

• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_amd64.udeb (615.7 KiB)
• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_arm64.udeb (469.8 KiB)
• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_armhf.udeb (472.1 KiB)
• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_i386.udeb (612.2 KiB)
• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_powerpc.udeb (494.9 KiB)
• libcrypto1.0.0-udeb_1.0.1f-1ubuntu11.7_ppc64el.udeb (566.9 KiB)
• libssl-dev_1.0.1f-1ubuntu11.7_amd64.deb (1.0 MiB)
• libssl-dev_1.0.1f-1ubuntu11.7_arm64.deb (935.6 KiB)
• libssl-dev_1.0.1f-1ubuntu11.7_armhf.deb (907.7 KiB)
• libssl-dev_1.0.1f-1ubuntu11.7_i386.deb (1.0 MiB)
• libssl-dev_1.0.1f-1ubuntu11.7_powerpc.deb (926.0 KiB)
• libssl-dev_1.0.1f-1ubuntu11.7_ppc64el.deb (1.1 MiB)
• libssl-doc_1.0.1f-1ubuntu11.7_all.deb (946.8 KiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_amd64.deb (2.5 MiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_arm64.deb (2.6 MiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_armhf.deb (2.4 MiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_i386.deb (1.9 MiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_powerpc.deb (2.6 MiB)
• libssl1.0.0-dbg_1.0.1f-1ubuntu11.7_ppc64el.deb (2.7 MiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_amd64.udeb (124.7 KiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_arm64.udeb (98.7 KiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_armhf.udeb (102.3 KiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_i386.udeb (133.7 KiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_powerpc.udeb (104.5 KiB)
• libssl1.0.0-udeb_1.0.1f-1ubuntu11.7_ppc64el.udeb (116.8 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_amd64.deb (835.5 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_arm64.deb (653.6 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_armhf.deb (664.0 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_i386.deb (846.5 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_powerpc.deb (685.2 KiB)
• libssl1.0.0_1.0.1f-1ubuntu11.7_ppc64el.deb (781.0 KiB)
• openssl_1.0.1f-1ubuntu11.7.debian.tar.xz (234.2 KiB)
• openssl_1.0.1f-1ubuntu11.7.dsc (2.4 KiB)
• openssl_1.0.1f-1ubuntu11.7_amd64.deb (482.1 KiB)
• openssl_1.0.1f-1ubuntu11.7_arm64.deb (464.0 KiB)
• openssl_1.0.1f-1ubuntu11.7_armhf.deb (475.5 KiB)
• openssl_1.0.1f-1ubuntu11.7_i386.deb (492.0 KiB)
• openssl_1.0.1f-1ubuntu11.7_powerpc.deb (456.7 KiB)
• openssl_1.0.1f-1ubuntu11.7_ppc64el.deb (472.6 KiB)
• openssl_1.0.1f.orig.tar.gz (4.3 MiB)