From owner-freebsd-security@FreeBSD.ORG Wed May 2 12:44:20 2012
Date: Wed, 02 May 2012 15:44:14 +0300
From: Volodymyr Kostyrko
To: freebsd-security@freebsd.org
Cc: Robert Simmons
Subject: Re: OpenSSL and Heimdal

Robert Simmons wrote:
> Is there a plan to update OpenSSL to patch for CVE-2012-2131?
>
> Also, is the DOS vulnerability in libkrb5 that Heimdal 1.5.2 patches
> present in Heimdal 1.1 which shipped with 9.0-RELEASE?

I'll second this one.

1. Are there any plans on updating openssl and why not? It's getting a bad hype nowadays. And will we ever support TLS v1.[12]? BEAST attack seems to be not so far from most of us:
https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls

2. What's with CVE-2011-1945? I'm waiting for months for just a tiny comment on this one as if this truly is not fixed in our source all 9.0 installations with world-open ssh are potentially vulnerable.

3. DragonFly is much faster than we are, they have 1.0.1b on master branch, while we have 1.0.1a in ports. They also already removed heimdal from base and pkgsrc has 1.5.2 available with our 1.4 present in ports.

--
Sphinx of black quartz judge my vow.

From owner-freebsd-security@FreeBSD.ORG Wed May 2 22:02:39 2012
Date: Wed, 2 May 2012 22:01:49 +0100
From: Matt Dawson
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wednesday 02 May 2012 13:44:14 Volodymyr Kostyrko wrote:
> And will we ever support TLS v1.[12]? BEAST attack
> seems to be not so far from most of us

mod_gnutls in ports. Setup is simple for Apache. Prefer the RC4 cipher which secures SSLv3 against BEAST. This setup on my own HTTPS servers passes Qualys' own tests with an A rating of 87 and tells me BEAST is mitigated, although the thing still gives me an error on session resumption which I know damned well works. It's all there for server side in ports.

TLSv1.[1|2] is pretty pointless right now as only IE supports it in any meaningful way and even that is disabled OOB. Setting RC4 as the preferred cipher is about the best you can do right now.

--
Matt Dawson
GW0VNR
MTD15-RIPE

From owner-freebsd-security@FreeBSD.ORG Wed May 2 22:14:51 2012
Date: Wed, 2 May 2012 17:14:41 -0500
From: Mark Felder
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wed, 02 May 2012 16:01:49 -0500, Matt Dawson wrote:
> mod_gnutls in ports. Setup is simple for Apache. Prefer the RC4 cipher
> which secures SSLv3 against BEAST. This setup on my own HTTPS servers
> passes Qualys' own tests with an A rating of 87 and tells me BEAST is
> mitigated, although the thing still gives me an error on session
> resumption which I know damned well works. It's all there for server
> side in ports.

Why go out of your way and use mod_gnutls? You can simply set your SSL settings like this:

    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLProtocol -ALL +SSLv3 +TLSv1
    SSLHonorCipherOrder On
    SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

And now you have a rating of 85 and no BEAST issues.

From owner-freebsd-security@FreeBSD.ORG Wed May 2 22:45:32 2012
Date: Wed, 2 May 2012 23:45:27 +0100
From: Matt Dawson
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wednesday 02 May 2012 23:14:41 Mark Felder wrote:
> Why go out of your way and use mod_gnutls?

Because it supports TLSv1.[1|2], which was the PP's question, whereas OpenSSL doesn't and doesn't show any signs of doing so in the near future:

https://www.openssl.org/support/funding/wishlist.html

Note well the "If and when."

IE might be the only client with support for those protocols right now but somebody has to lead the way on the server side or you end up with a mutual apathy loop (AKA positive can't be arsed feedback loop).

--
Matt Dawson
GW0VNR
MTD15-RIPE

From owner-freebsd-security@FreeBSD.ORG Wed May 2 23:28:23 2012
Date: Wed, 2 May 2012 19:27:51 -0400
From: Gary Palmer
To: Matt Dawson
Cc: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wed, May 02, 2012 at 11:45:27PM +0100, Matt Dawson wrote:
> On Wednesday 02 May 2012 23:14:41 Mark Felder wrote:
> > Why go out of your way and use mod_gnutls?
>
> Because it supports TLSv1.[1|2], which was the PP's question, whereas
> OpenSSL doesn't and doesn't show any signs of doing so in the near
> future:
>
> https://www.openssl.org/support/funding/wishlist.html
>
> Note well the "If and when."
>
> IE might be the only client with support for those protocols right now
> but somebody has to lead the way on the server side or you end up with
> a mutual apathy loop (AKA positive can't be arsed feedback loop).

Their website is out of date. This is from CHANGES in OpenSSL 1.01a:

  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:

      o TLS/DTLS heartbeat support.
      o SCTP support.
      o RFC 5705 TLS key material exporter.
      o RFC 5764 DTLS-SRTP negotiation.
      o Next Protocol Negotiation.
      o PSS signatures in certificates, requests and CRLs.
      o Support for password based recipient info for CMS.
      o Support TLS v1.2 and TLS v1.1.
      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
      o SRP support.

Note the 3rd last bullet point.

Regards,

Gary

From owner-freebsd-security@FreeBSD.ORG Wed May 2 23:53:03 2012
Date: Wed, 2 May 2012 19:53:01 -0400
From: Robert Simmons
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wed, May 2, 2012 at 7:27 PM, Gary Palmer wrote:
> On Wed, May 02, 2012 at 11:45:27PM +0100, Matt Dawson wrote:
>> On Wednesday 02 May 2012 23:14:41 Mark Felder wrote:
>> > Why go out of your way and use mod_gnutls?
>>
>> Because it supports TLSv1.[1|2], which was the PP's question, whereas
>> OpenSSL doesn't and doesn't show any signs of doing so in the near
>> future:
>>
>> https://www.openssl.org/support/funding/wishlist.html
>>
>> Note well the "If and when."
>>
>> IE might be the only client with support for those protocols right now
>> but somebody has to lead the way on the server side or you end up with
>> a mutual apathy loop (AKA positive can't be arsed feedback loop).
>
> Their website is out of date.  This is from CHANGES in OpenSSL 1.01a:
>
>  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
>
>      o TLS/DTLS heartbeat support.
>      o SCTP support.
>      o RFC 5705 TLS key material exporter.
>      o RFC 5764 DTLS-SRTP negotiation.
>      o Next Protocol Negotiation.
>      o PSS signatures in certificates, requests and CRLs.
>      o Support for password based recipient info for CMS.
>      o Support TLS v1.2 and TLS v1.1.
>      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
>      o SRP support.
>
> Note the 3rd last bullet point.

Another reason to update the version in FreeBSD to 1.0.1b.

From owner-freebsd-security@FreeBSD.ORG Thu May 3 08:32:08 2012
Date: Thu, 3 May 2012 09:32:01 +0100
From: Matt Dawson
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Thursday 03 May 2012 00:27:51 Gary Palmer wrote:
> Their website is out of date.

As its primary public-facing information portal, I'm tempted to say that's an important priority to get right. Yes, volunteer project, etc, but the BSD way of doing things is to choose the tool for the job. All the visible information available at the time said OpenSSL wasn't it. I'm still wondering (and will read the blessed changelog this time) if mod_ssl is at this point since it'll need to expose the new functionality to httpd.

> This is from CHANGES in OpenSSL
> 1.01a:
>
> Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
>
> o TLS/DTLS heartbeat support.
> o SCTP support.
> o RFC 5705 TLS key material exporter.
> o RFC 5764 DTLS-SRTP negotiation.
> o Next Protocol Negotiation.
> o PSS signatures in certificates, requests and CRLs.
> o Support for password based recipient info for CMS.
> o Support TLS v1.2 and TLS v1.1.
> o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
> o SRP support.
>
> Note the 3rd last bullet point.

Again, an important piece of news to be hidden in a changelog. Although I made an arse of myself by not knowing that, it could be a little clearer. Thanks for the correction.

--
Matt Dawson
GW0VNR
MTD15-RIPE

From owner-freebsd-security@FreeBSD.ORG Thu May 3 13:41:03 2012
Date: Thu, 3 May 2012 08:40:49 -0500
From: Mark Felder
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Wed, 02 May 2012 17:45:27 -0500, Matt Dawson wrote:
>
> IE might be the only client with support for those protocols right now
> but somebody has to lead the way on the server side or you end up with
> a mutual apathy loop (AKA positive can't be arsed feedback loop).

Actually Opera is the only browser on the market that supports TLS 1.2, unless Firefox or Chrome added support within the last 6 months. I doubt it though because FF and Chrome tend to use already existing open source infrastructure and Opera forged ahead and wrote their own TLS 1.2 code.

From owner-freebsd-security@FreeBSD.ORG Thu May 3 13:52:39 2012
Date: Thu, 3 May 2012 14:52:34 +0100
From: Matt Dawson
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Thursday 03 May 2012 14:40:49 Mark Felder wrote:
> Actually Opera is the only browser on the market that supports TLS
> 1.2

No, IE on Windows 7 supports TLS 1.2, just not out of the box as I said.

http://technet.microsoft.com/en-us/library/dd560644%28v=WS.10%29.aspx

--
Matt Dawson
GW0VNR
MTD15-RIPE

From owner-freebsd-security@FreeBSD.ORG Thu May 3 15:21:25 2012
Date: Thu, 3 May 2012 11:21:24 -0400
From: Robert Simmons
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Thu, May 3, 2012 at 9:40 AM, Mark Felder wrote:
> On Wed, 02 May 2012 17:45:27 -0500, Matt Dawson wrote:
>
>>
>> IE might be the only client with support for those protocols right now
>> but somebody has to lead the way on the server side or you end up with
>> a mutual apathy loop (AKA positive can't be arsed feedback loop).
>
>
> Actually Opera is the only browser on the market that supports TLS 1.2,
> unless Firefox or Chrome added support within the last 6 months. I doubt it
> though because FF and Chrome tend to use already existing open source
> infrastructure and Opera forged ahead and wrote their own TLS 1.2 code.

TLS 1.1 and 1.2 support are at different stages as far as Firefox is concerned. Actually, the implementation is in the nss library specifically. Once this is finished, unless I'm way off the mark, both Chrome/Chromium and Firefox will both support whatever the nss library supports.

There are two bugs open, and it looks like 1.1 is making recent progress, and 1.2 is basically flooded with the usual "Hey, when is this happening" comments rather than patches:

TLS 1.1: https://bugzilla.mozilla.org/show_bug.cgi?id=565047
TLS 1.2: https://bugzilla.mozilla.org/show_bug.cgi?id=480514

From owner-freebsd-security@FreeBSD.ORG Thu May 3 16:01:16 2012
Date: Thu, 3 May 2012 16:01:16 GMT
From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Reply-To: freebsd-security@freebsd.org
Subject: FreeBSD Security Advisory FreeBSD-SA-12:01.openssl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-12:01.openssl                                    Security Advisory
                                                          The FreeBSD Project

Topic:          OpenSSL multiple vulnerabilities

Category:       contrib
Module:         openssl
Announced:      2012-05-03
Credits:        Adam Langley, George Kadianakis, Ben Laurie,
                Ivan Nestlerode, Tavis Ormandy
Affects:        All supported versions of FreeBSD.
Corrected:      2012-05-03 15:25:11 UTC (RELENG_7, 7.4-STABLE)
                2012-05-03 15:25:11 UTC (RELENG_7_4, 7.4-RELEASE-p7)
                2012-05-03 15:25:11 UTC (RELENG_8, 8.3-STABLE)
                2012-05-03 15:25:11 UTC (RELENG_8_3, 8.3-RELEASE-p1)
                2012-05-03 15:25:11 UTC (RELENG_8_2, 8.2-RELEASE-p7)
                2012-05-03 15:25:11 UTC (RELENG_8_1, 8.1-RELEASE-p9)
                2012-05-03 15:25:11 UTC (RELENG_9, 9.0-STABLE)
                2012-05-03 15:25:11 UTC (RELENG_9_0, 9.0-RELEASE-p1)
CVE Name:       CVE-2011-4576, CVE-2011-4619, CVE-2011-4109,
                CVE-2012-0884, CVE-2012-2110

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

FreeBSD includes software from the OpenSSL Project.
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography
library.

II.  Problem Description

OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0
records when operating as a client or a server that accepts SSL 3.0
handshakes. As a result, in each record, up to 15 bytes of uninitialized
memory may be sent, encrypted, to the SSL peer. This could include
sensitive contents of previously freed memory. [CVE-2011-4576]

OpenSSL support for handshake restarts for server gated cryptography (SGC)
can be used in a denial-of-service attack. [CVE-2011-4619]

If an application uses OpenSSL's certificate policy checking when
verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK
flag, a policy check failure can lead to a double-free. [CVE-2011-4109]

A weakness in the OpenSSL PKCS #7 code can be exploited using
Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the
million message attack (MMA). [CVE-2012-0884]

The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp
functions, in OpenSSL contains multiple integer errors that can cause
memory corruption when parsing encoded ASN.1 data. This error can occur
on systems that parse untrusted ASN.1 data, such as X.509 certificates
or RSA public keys. [CVE-2012-2110]

III. Impact

Sensitive contents of the previously freed memory can be exposed when
communicating with a SSL 3.0 peer. However, FreeBSD OpenSSL version
does not support SSL_MODE_RELEASE_BUFFERS SSL mode and therefore has
a single write buffer per connection. That write buffer is partially
filled with non-sensitive, handshake data at the beginning of the
connection and, thereafter, only records which are longer than any
previously sent record leak any non-encrypted data.
This, combined with the small number of bytes leaked per record, serves
to limit the severity of this issue. [CVE-2011-4576]

Denial of service can be caused in the OpenSSL server application
supporting server gated cryptography by performing multiple handshake
restarts. [CVE-2011-4619]

The double-free, when an application performs X509 certificate policy
checking, can lead to denial of service in that application.
[CVE-2011-4109]

A weakness in the OpenSSL PKCS #7 code can lead to a successful
Bleichenbacher attack. Only users of PKCS #7 decryption operations are
affected. A successful attack needs on average 2^20 messages. In
practice only automated systems will be affected as humans will not be
willing to process this many messages. SSL/TLS applications are not
affected. [CVE-2012-0884]

The vulnerability in the asn1_d2i_read_bio() OpenSSL function can lead
to a potentially exploitable attack via buffer overflow. The SSL/TLS
code in OpenSSL is not affected by this issue, nor are applications
using the memory based ASN.1 functions. There are no applications in
FreeBSD base system affected by this issue, though some 3rd party
consumers of these functions might be vulnerable when processing
untrusted ASN.1 data. [CVE-2012-2110]

IV.  Workaround

No workaround is available.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE or 9-STABLE,
or to the RELENG_7_4, RELENG_8_3, RELENG_8_2, RELENG_8_1, RELENG_9_0
security branch dated after the correction date.

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to FreeBSD 7.4, 8.3,
8.2, 8.1, and 9.0 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-12:01/openssl.patch
# fetch http://security.FreeBSD.org/patches/SA-12:01/openssl.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system as described in and reboot the system.

NOTE: Any third-party applications, including those installed from the
FreeBSD ports collection, which are statically linked to libcrypto(3)
should be recompiled in order to use the corrected code.

3) To update your vulnerable system via a binary patch:

Systems running 7.4-RELEASE, 8.3-RELEASE, 8.2-RELEASE, 8.1-RELEASE or
9.0-RELEASE on the i386 or amd64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

CVS:

Branch                                          Revision
  Path
- - -------------------------------------------------------------------------
RELENG_7
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.2.2
  src/crypto/openssl/crypto/mem.c               1.1.1.8.2.2
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.1.1.1.2.2
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.1.1.2.2.2
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.2.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.1.1.4.2.2
  src/crypto/openssl/ssl/ssl_err.c              1.1.1.11.2.3
  src/crypto/openssl/ssl/s3_srvr.c              1.1.1.17.2.7
  src/crypto/openssl/ssl/ssl.h                  1.1.1.16.2.3
  src/crypto/openssl/ssl/s3_enc.c               1.1.1.13.2.2
  src/crypto/openssl/ssl/ssl3.h                 1.1.1.6.2.2
RELENG_7_4
  src/UPDATING                                  1.507.2.36.2.9
  src/sys/conf/newvers.sh                       1.72.2.18.2.12
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.2.1.2.1
  src/crypto/openssl/crypto/mem.c               1.1.1.8.2.1.2.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.1.1.1.2.1.2.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.1.1.2.2.1.2.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.20.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.1.1.4.2.1.2.1
  src/crypto/openssl/ssl/ssl_err.c              1.1.1.11.2.2.2.1
  src/crypto/openssl/ssl/s3_srvr.c              1.1.1.17.2.5.2.1
  src/crypto/openssl/ssl/ssl.h                  1.1.1.16.2.2.2.1
  src/crypto/openssl/ssl/s3_enc.c               1.1.1.13.2.1.2.1
  src/crypto/openssl/ssl/ssl3.h                 1.1.1.6.2.1.2.1
RELENG_8
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.10.2
  src/crypto/openssl/crypto/mem.c               1.2.2.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.2.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.2.2.2
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.10.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.2.1
  src/crypto/openssl/ssl/ssl_err.c              1.2.2.2
  src/crypto/openssl/ssl/s3_srvr.c              1.3.2.5
  src/crypto/openssl/ssl/ssl.h                  1.2.2.2
  src/crypto/openssl/ssl/s3_enc.c               1.2.2.2
  src/crypto/openssl/ssl/ssl3.h                 1.2.2.2
RELENG_8_3
  src/UPDATING                                  1.632.2.26.2.3
  src/sys/conf/newvers.sh                       1.83.2.15.2.5
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.10.1.4.1
  src/crypto/openssl/crypto/mem.c               1.2.14.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.14.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.2.2.1.6.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.26.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.14.1
  src/crypto/openssl/ssl/ssl_err.c              1.2.2.1.6.1
  src/crypto/openssl/ssl/s3_srvr.c              1.3.2.4.2.1
  src/crypto/openssl/ssl/ssl.h                  1.2.2.1.6.1
  src/crypto/openssl/ssl/s3_enc.c               1.2.2.1.4.1
  src/crypto/openssl/ssl/ssl3.h                 1.2.2.1.6.1
RELENG_8_2
  src/UPDATING                                  1.632.2.19.2.9
  src/sys/conf/newvers.sh                       1.83.2.12.2.12
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.10.1.2.1
  src/crypto/openssl/crypto/mem.c               1.2.8.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.8.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.2.2.1.4.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.18.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.8.1
  src/crypto/openssl/ssl/ssl_err.c              1.2.2.1.4.1
  src/crypto/openssl/ssl/s3_srvr.c              1.3.2.3.2.1
  src/crypto/openssl/ssl/ssl.h                  1.2.2.1.4.1
  src/crypto/openssl/ssl/s3_enc.c               1.2.2.1.2.1
  src/crypto/openssl/ssl/ssl3.h                 1.2.2.1.4.1
RELENG_8_1
  src/UPDATING                                  1.632.2.14.2.12
  src/sys/conf/newvers.sh                       1.83.2.10.2.13
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.1.1.13.16.1
  src/crypto/openssl/crypto/mem.c               1.2.6.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.6.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.2.2.1.2.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.16.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.6.1
  src/crypto/openssl/ssl/ssl_err.c              1.2.2.1.2.1
  src/crypto/openssl/ssl/s3_srvr.c              1.3.2.2.2.1
  src/crypto/openssl/ssl/ssl.h                  1.2.2.1.2.1
  src/crypto/openssl/ssl/s3_enc.c               1.2.6.1
  src/crypto/openssl/ssl/ssl3.h                 1.2.2.1.2.1
RELENG_9
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.2.2.1
  src/crypto/openssl/crypto/mem.c               1.2.10.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.10.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.3.2.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.22.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.10.1
  src/crypto/openssl/ssl/ssl_err.c              1.3.2.1
  src/crypto/openssl/ssl/s3_srvr.c              1.7.2.1
  src/crypto/openssl/ssl/ssl.h                  1.3.2.1
  src/crypto/openssl/ssl/s3_enc.c               1.3.2.1
  src/crypto/openssl/ssl/ssl3.h                 1.3.2.1
RELENG_9_0
  src/UPDATING                                  1.702.2.4.2.3
  src/sys/conf/newvers.sh                       1.95.2.4.2.5
  src/crypto/openssl/crypto/pkcs7/pk7_doit.c    1.2.4.1
  src/crypto/openssl/crypto/mem.c               1.2.12.1
  src/crypto/openssl/crypto/x509v3/pcy_map.c    1.2.12.1
  src/crypto/openssl/crypto/x509v3/pcy_tree.c   1.3.4.1
  src/crypto/openssl/crypto/asn1/a_d2i_fp.c     1.1.1.3.24.1
  src/crypto/openssl/crypto/buffer/buffer.c     1.2.12.1
  src/crypto/openssl/ssl/ssl_err.c              1.3.4.1
  src/crypto/openssl/ssl/s3_srvr.c              1.7.4.1
  src/crypto/openssl/ssl/ssl.h                  1.3.4.1
  src/crypto/openssl/ssl/s3_enc.c               1.3.4.1
  src/crypto/openssl/ssl/ssl3.h                 1.3.4.1
- - -------------------------------------------------------------------------

Subversion:

Branch/path                                     Revision
- - -------------------------------------------------------------------------
stable/7/                                       r234954
releng/7.4/                                     r234954
stable/8/                                       r234954
releng/8.3/                                     r234954
releng/8.2/                                     r234954
releng/8.1/                                     r234954
stable/9/                                       r234954
releng/9.0/                                     r234954
- - -------------------------------------------------------------------------

VII. References

http://www.openssl.org/news/secadv_20120419.txt
http://www.openssl.org/news/secadv_20120312.txt
http://www.openssl.org/news/secadv_20120104.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
http://lists.openwall.net/full-disclosure/2012/04/19/4

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-12:01.openssl.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (FreeBSD)

iEYEARECAAYFAk+ipzUACgkQFdaIBMps37I7pACeI7zZ21vj+6AVz5+15OP4foXm
N1IAn2rMThkptUz62e0QDCv3tJKW6N9i
=ko2h
-----END PGP SIGNATURE-----

From owner-freebsd-security@FreeBSD.ORG Thu May 3 16:24:42 2012
To: freebsd-security@freebsd.org
Date: Thu, 3 May 2012 11:24:28 -0500
From: Mark Felder
Subject: Re: OpenSSL and Heimdal

On Thu, 03 May 2012 10:21:24 -0500, Robert Simmons wrote:

> TLS 1.1:
> https://bugzilla.mozilla.org/show_bug.cgi?id=565047
> TLS 1.2:
> https://bugzilla.mozilla.org/show_bug.cgi?id=480514

Cool, thanks for the followup!

From owner-freebsd-security@FreeBSD.ORG Thu May 3 19:29:33 2012
Date: Thu, 3 May 2012 12:46:09 -0400
From: Robert Simmons
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL and Heimdal

On Thu, May 3, 2012 at 12:24 PM, Mark Felder wrote:
> On Thu, 03 May 2012 10:21:24 -0500, Robert Simmons
> wrote:
>
>> TLS 1.1:
>> https://bugzilla.mozilla.org/show_bug.cgi?id=565047
>> TLS 1.2:
>> https://bugzilla.mozilla.org/show_bug.cgi?id=480514
>
>
>
> Cool, thanks for the followup!

It looks like 50% of my original question was just answered:
http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc
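
An added example, not part of FreeBSD-SA-12:01.openssl or of any message in this thread: a POSIX sh check that compares a release string in the format of `uname -r` against the patch levels in the advisory's "Corrected:" field. The function names and the status words it prints are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of FreeBSD-SA-12:01.openssl or the thread.
# Function names and status words are assumptions made for this example.

# Lowest fixed patch level per security branch, copied from the advisory's
# "Corrected:" field (e.g. RELENG_8_2 -> 8.2-RELEASE-p7).
sa1201_min_patch() {
    case "$1" in
        7.4) echo 7 ;;
        8.1) echo 9 ;;
        8.2) echo 7 ;;
        8.3) echo 1 ;;
        9.0) echo 1 ;;
        *)   return 1 ;;
    esac
}

# sa1201_status RELEASE_STRING  (format of `uname -r`, e.g. 9.0-RELEASE-p1)
# Prints: fixed | behind | check-date | unknown
sa1201_status() {
    rel=$1
    ver=${rel%%-*}      # 9.0-RELEASE-p1 -> 9.0
    rest=${rel#*-}      # 9.0-RELEASE-p1 -> RELEASE-p1
    case "$rest" in
        STABLE*)
            # -STABLE has no patch level: compare the build date with the
            # correction date, 2012-05-03 15:25:11 UTC, instead.
            echo check-date; return 0 ;;
        RELEASE)    plevel=0 ;;
        RELEASE-p*) plevel=${rest#RELEASE-p} ;;
        *)          echo unknown; return 0 ;;
    esac
    # A malformed patch level must not reach the numeric comparison.
    case "$plevel" in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    # Branches the advisory does not list are reported, not guessed at.
    min=$(sa1201_min_patch "$ver") || { echo unknown; return 0; }
    if [ "$plevel" -ge "$min" ]; then
        echo fixed
    else
        echo behind
    fi
}

# On a live host: sa1201_status "$(uname -r)"
```

`uname -r` describes the running kernel, so a host that has been updated but not yet rebooted still reports the old level; treat `behind` as a prompt to check, not as proof.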