PR#3400 and CVE-2014-0224
Hi All,

We are using OpenSSL version 0.9.8h. We take the security vulnerability fixes from the latest release of the OpenSSL 0.9.8 series and patch our internally used 0.9.8h. From the OpenSSL release 0.9.8za, we took CVE-2014-0224 and merged it into our OpenSSL code. But in the latest release, 0.9.8za, I see that there is a change which seems to be a leftover piece of the 0224 fix.

The doubt is regarding PR#3400. It seems to be the leftover piece of CVE-2014-0224 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224). Please see the links below.

PR#3400
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=70d923fb0359ed68e59b8c59d1687ebff6f8d952

CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=410a49a4fa1d2a1a9775ee29f9e40cbbda79c149

Can someone from the OpenSSL team confirm if PR#3400 is part of CVE-2014-0224 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224) and we should merge this fix as well?

Thanks for your support.

Regards,
Aditya

Is OpenSSL fips 2.0.5 also affected by CVE-2014-0224
Does the recent vulnerability exposed in openSSL - CVE-2014-0224 and CVE-2014-0221 affect openssl-fips-2.0.5? If Yes, How do I get fips compliant openSSL?

-Karthik R

Re: Is OpenSSL fips 2.0.5 also affected by CVE-2014-0224
On Thu, Jun 12, 2014, Karthik R wrote:

> Does the recent vulnerability exposed in openSSL - CVE-2014-0224 and CVE-2014-0221 affect openssl-fips-2.0.5? If Yes, How do I get fips compliant openSSL?

If you mean the FIPS module then no. The FIPS module does not contain any TLS or DTLS code so you just use the validated module against OpenSSL 1.0.1h to produce a FIPS capable OpenSSL.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org

CVE-2014-0224
Hi guys,

I know 0.9.7 is no longer under development, but for various reasons, I have an app that is still using 0.9.7g. Is 0.9.7g subject to the vulnerability from CVD-0214-0224?

Thanks,
ScottN

Re: CVE-2014-0224
On Wed, Jun 11, 2014, Scott Neugroschl wrote:

> Hi guys, I know 0.9.7 is no longer under development, but for various reasons, I have an app that is still using 0.9.7g. Is 0.9.7g subject to the vulnerability from CVD-0214-0224?

I think you mean CVE-2014-0224. Yes, it is vulnerable as an SSL/TLS client; you're advised to fix servers too as a precaution. It shouldn't be too hard to backport the patches.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

Re: CVE-2014-0224
On Wed, Jun 11, 2014 at 04:09:47PM +, Scott Neugroschl wrote:

> I know 0.9.7 is no longer under development, but for various reasons, I have an app that is still using 0.9.7g. Is 0.9.7g subject to the vulnerability from CVD-0214-0224?

There are I expect many unresolved issues (even if not the particular one in question) in the long ago un-maintained 0.9.7 release. So my advice is that if this application is communicating over the public Internet, it needs to be upgraded or retired.

--
Viktor.

RE: CVE-2014-0224
From Victor:

> On Wed, Jun 11, 2014 at 04:09:47PM +, Scott Neugroschl wrote:
>> I know 0.9.7 is no longer under development, but for various reasons, I have an app that is still using 0.9.7g. Is 0.9.7g subject to the vulnerability from CVD-0214-0224?
> There are I expect many unresolved issues (even if not the particular one in question) in the long ago un-maintained 0.9.7 release. So my advice is that if this application is communicating over the public Internet, it needs to be upgraded or retired.

We are aware of this, and are looking to upgrade. Does anyone have a recommendation as to 0.9.8 vs 1.0.0 (1.0.1 is too bleeding edge)? If you have a recommendation, may I ask what led you to choose that path?

Thanks,
ScottN

Re: CVE-2014-0224
On Wed, Jun 11, 2014 at 07:07:09PM +, Scott Neugroschl wrote:

> We are aware of this, and are looking to upgrade. Does anyone have a recommendation as to 0.9.8 vs 1.0.0 (1.0.1 is too bleeding edge)? If you have a recommendation, may I ask what led you to choose that path?

I would recommend 1.0.1 (not significantly more bleeding edge than 1.0.0 at this point). I think more O/S distributions are shipping with 1.0.1 than 1.0.0. Even if you compile against 1.0.0, unless you ship your own library or link statically, you may find your code running on a platform with 1.0.1; the ABI version is 1.0.0.

--
Viktor.

CVE-2014-0224
CVE-2014-0224 looks like an interesting issue (https://www.openssl.org/news/secadv_20140605.txt):

    An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.

Can anyone explain the vulnerability?

RE: CVE-2014-0224
> Can anyone explain the vulnerability?

A handful of links

Here's the timeline, a public document:
https://plus.google.com/u/0/+MarkJCox/posts/L8i6PSsKJKs

And this blog entry from the guy who found the bug. BTW, it's 16 years old.
http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html

Adam Langley's writeup full of technical and protocol details
https://www.imperialviolet.org/2014/06/05/earlyccs.html

--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me; Twitter: RichSalz

Re: CVE-2014-0224
I am also quite curious. Also, how long has this exploit been around, and could hackers have exploited this already?

2014-06-05 22:46 GMT+02:00 Jeffrey Walton noloa...@gmail.com:

> CVE-2014-0224 looks like an interesting issue (https://www.openssl.org/news/secadv_20140605.txt):
>
> An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
>
> Can anyone explain the vulnerability?

Re: CVE-2014-0224
On Thu, Jun 5, 2014 at 4:49 PM, Salz, Rich rs...@akamai.com wrote:

>> Can anyone explain the vulnerability?
>
> A handful of links
>
> Here's the timeline, a public document:
> https://plus.google.com/u/0/+MarkJCox/posts/L8i6PSsKJKs
>
> And this blog entry from the guy who found the bug. BTW, it's 16 years old.
> http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
>
> Adam Langley's writeup full of technical and protocol details
> https://www.imperialviolet.org/2014/06/05/earlyccs.html

Thanks Rich.

Re: CVE-2014-0224
I've also added these into the wiki at http://wiki.openssl.org/index.php/SECADV_20140605 - so that others looking back through the issues can find a handy reference to the additional information from various locations - the link at http://wiki.openssl.org/index.php/Security_Advisories basically notes when there is additional information available beyond the advisory details for a given issue.

If there are other useful references to this item or to other items in the security vulnerability announcement then updating the wiki to note them there would be helpful.

Thanks,
Tim.

On 6/06/2014 9:42 AM, Jeffrey Walton wrote:

> On Thu, Jun 5, 2014 at 4:49 PM, Salz, Rich rs...@akamai.com wrote:
>
>>> Can anyone explain the vulnerability?
>>
>> A handful of links
>>
>> Here's the timeline, a public document:
>> https://plus.google.com/u/0/+MarkJCox/posts/L8i6PSsKJKs
>>
>> And this blog entry from the guy who found the bug. BTW, it's 16 years old.
>> http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
>>
>> Adam Langley's writeup full of technical and protocol details
>> https://www.imperialviolet.org/2014/06/05/earlyccs.html
>
> Thanks Rich.