-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Today the OpenSSL project released a new version of the OpenSSL library (openssl-1.0.1h) that fixes seven vulnerabilities (six new ones; CVE-2014-0076 was already fixed in 1.0.1g). Details about the vulnerabilities can be found in their advisory: http://www.openssl.org/news/secadv_20140605.txt
List of issues:

1. SSL/TLS MITM vulnerability (CVE-2014-0224)
2. DTLS recursion flaw (CVE-2014-0221)
3. DTLS invalid fragment vulnerability (CVE-2014-0195)
4. SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
5. SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
6. Anonymous ECDH denial of service (CVE-2014-3470)
7. Recovering OpenSSL ECDSA nonces using the FLUSH+RELOAD cache side-channel attack (CVE-2014-0076)
We ship the following openssl versions, which are affected as follows:

- SLES9: openssl 0.9.7d
  + SSL/TLS MITM vulnerability (CVE-2014-0224)

- SLE10: openssl 0.9.8a
  + SSL/TLS MITM vulnerability (CVE-2014-0224)
  + DTLS recursion flaw (CVE-2014-0221)

- SLE11: openssl 0.9.8j
  + SSL/TLS MITM vulnerability (CVE-2014-0224)
  + DTLS recursion flaw (CVE-2014-0221)
  + Anonymous ECDH denial of service (CVE-2014-3470)

- Security AddON for SLES11: openssl 1.0.1g
  + SSL/TLS MITM vulnerability (CVE-2014-0224)
  + DTLS recursion flaw (CVE-2014-0221)
  + DTLS invalid fragment vulnerability (CVE-2014-0195)
  + SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
  + Anonymous ECDH denial of service (CVE-2014-3470)

- openSUSE: openssl 1.0.1*
  + SSL/TLS MITM vulnerability (CVE-2014-0224)
  + DTLS recursion flaw (CVE-2014-0221)
  + DTLS invalid fragment vulnerability (CVE-2014-0195)
  + SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
  + Anonymous ECDH denial of service (CVE-2014-3470)
An update package for CVE-2014-0076 was released in April 2014, see http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html.
DTLS invalid fragment vulnerability (CVE-2014-0195): this issue affects only versions from 0.9.8o onward; 0.9.8j is therefore not affected by this remote buffer overflow.
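The version table above and the 0.9.8o threshold for CVE-2014-0195 are easy to get wrong by hand because OpenSSL's letter suffixes do not sort alphabetically (0.9.8za follows 0.9.8y). The following is an added example, not SUSE's or the OpenSSL project's tooling: it parses `openssl version` output, orders versions the way OpenSSL does, and decides whether an upstream build is below the fixed release for its branch and whether it falls into the CVE-2014-0195 window. The upstream fixed-in versions (0.9.8za, 1.0.0m, 1.0.1h) are taken from the linked advisory; the 0.9.8o lower bound is the one stated in this mail. The function and variable names are my own.

```python
"""Check an OpenSSL version string against the June 2014 advisory.

Added example (not SUSE's or OpenSSL's code). Fixed-in versions per branch
come from secadv_20140605; the 0.9.8o lower bound for CVE-2014-0195 comes
from the mail above.
"""
import json
import re
import subprocess
from typing import Optional, Tuple

Version = Tuple[int, int, int, str]

# Matches "OpenSSL 1.0.1g 7 Apr 2014", "OpenSSL 0.9.8j-fips 07 Jan 2009", ...
_VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text: str) -> Version:
    """Extract (major, minor, fix, letters) from `openssl version` output."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError("unrecognised OpenSSL version string: %r" % text)
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)


def version_key(v: Version):
    """Sort key honouring OpenSSL's letter scheme: '' < 'a' < ... < 'z' < 'za' < 'zb'."""
    major, minor, fix, letters = v
    return (major, minor, fix, len(letters), letters)


def _at_least(v: Version, bound: str) -> bool:
    return version_key(v) >= version_key(parse_version("OpenSSL " + bound))


# First upstream release of each branch that carries all fixes from secadv_20140605.
FIXED_IN = {(0, 9, 8): "0.9.8za", (1, 0, 0): "1.0.0m", (1, 0, 1): "1.0.1h"}


def upstream_fixed(v: Version) -> Optional[bool]:
    """True if an *upstream* build of this version already carries the fixes.

    Returns None for branches the advisory does not cover (e.g. 0.9.7, 1.0.2).
    """
    fixed = FIXED_IN.get(v[:3])
    if fixed is None:
        return None
    return _at_least(v, fixed)


def affected_by_cve_2014_0195(v: Version) -> bool:
    """DTLS invalid fragment: 0.9.8o..0.9.8y, 1.0.0 below 1.0.0m, 1.0.1 below 1.0.1h.

    0.9.8j (SLE11) therefore yields False, as the mail states.
    """
    if upstream_fixed(v) is not False:
        return False  # already fixed, or a branch outside the advisory's scope
    if v[:3] == (0, 9, 8):
        return _at_least(v, "0.9.8o")
    return True


def check_installed(openssl_bin: str = "openssl") -> dict:
    """Run `openssl version` and summarise the result for an upstream build."""
    out = subprocess.check_output([openssl_bin, "version"], text=True)
    v = parse_version(out)
    return {
        "raw": out.strip(),
        "version": v,
        "upstream_fixed": upstream_fixed(v),
        "cve_2014_0195": affected_by_cve_2014_0195(v),
    }


if __name__ == "__main__":
    print(json.dumps(check_installed(), default=str, indent=2))
```

Caveat for the SUSE packages listed above: a distribution build keeps its upstream version string (0.9.8j, 1.0.1g) after security patches are backported, so `check_installed()` is only meaningful for self-built upstream OpenSSL. On SLES/openSUSE, verify the fix through the package changelog (for example `rpm -q --changelog openssl | grep CVE-2014-0224`) rather than the version number.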
The updates will be released as soon as possible.
Best regards,
Thomas

--
Thomas Biege <thomas@suse.de>, Team Leader Maintenance Security, CSSLP
SUSE LINUX Products GmbH
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer
HRB 21284 (AG Nürnberg)

--
Whoever stops wanting to become better stops being good. -- Marie von Ebner-Eschenbach