Debian alert DLA-1701-1 (openssl)
| From: | Markus Koschany <apo@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 1701-1] openssl security update | |
| Date: | Fri, 1 Mar 2019 23:55:06 +0100 | |
| Message-ID: | <8163c803-38e1-61b7-3d3a-da7ed0fcb305@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : openssl Version : 1.0.1t-1+deb8u11 CVE ID : CVE-2019-1559 Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). AEAD ciphersuites are not impacted. For Debian 8 "Jessie", this problem has been fixed in version 1.0.1t-1+deb8u11. We recommend that you upgrade your openssl packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlx5uElfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeR/BA/+Il0to7XRdFjAvxJG6cwzvemVHiLnKscdq5hr78hGb9qwxDpDQ51in+5o Vfy9pfsu72oSpiMbeks1c8K9K6aDiUGj3xoAmVMhGuia3JFmIEsWKXOLj61SeUAN 2sfOgso3U4LolyY41x/q+aeG373ktB1XHtDbT4UBT4W2KPtdf0h3HUQsKYY8zXz9 PIlpefClIJnE8qyBX9V+jTS2sABG2nPJ86vhuISjxrFMXgZF90HRRSMWpIfX+4uz gOxfIm4udRUbH5zzxyDZn7sP9f6VUGPqdsgIHBHIp/LkExfuGH5EVIaXxO3jigJq Jze2htD+KfjbNfJRxyGR0AzwBeYh8sLI3vRemG2dip7+W2McddP+kxpY+CEtlBRG W1JhLa9pc+QuXkE4bUJAKBLje7mMhRdQK+zz2y782G5Z3FmepSW7ZXUSdNQX7ek6 YS5Uy+xpP4a4Jc2HRJsjWw8BK0Z5Ua/Bk1jC4PJ/SMvdHYvurPaUXzScayFiFjRA dNfuBikQssS4EvZIv0oaYxnGsihRncfWF+zfJt15CGy9IzfTgx1irvPPPzZ/eouM Z0h01oBStQ5HveSgGMBBjFK6u+bwPFoTMKhxqH/MM3z5m1GEXXdRvJuVSXraymqi H/WDi/BMVhBp0rbfpqSyHLmqsfNx3cPMAnjy1k/wOifJE14E4g4= =sQfb -----END PGP SIGNATURE-----