Date: Sat, 30 Jan 2016 06:33:43 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r48116 - in head/share: security/advisories security/patches/SA-16:11 xml Message-ID: <201601300633.u0U6XhON010494@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Sat Jan 30 06:33:43 2016 New Revision: 48116 URL: https://svnweb.freebsd.org/changeset/doc/48116 Log: Add SA-16:11. Added: head/share/security/advisories/FreeBSD-SA-16:11.openssl.asc (contents, props changed) head/share/security/patches/SA-16:11/ head/share/security/patches/SA-16:11/openssl-10.1.patch (contents, props changed) head/share/security/patches/SA-16:11/openssl-10.1.patch.asc (contents, props changed) head/share/security/patches/SA-16:11/openssl-10.2.patch (contents, props changed) head/share/security/patches/SA-16:11/openssl-10.2.patch.asc (contents, props changed) head/share/security/patches/SA-16:11/openssl-9.3.patch (contents, props changed) head/share/security/patches/SA-16:11/openssl-9.3.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml Added: head/share/security/advisories/FreeBSD-SA-16:11.openssl.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-16:11.openssl.asc Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,159 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-16:11.openssl Security Advisory + The FreeBSD Project + +Topic: OpenSSL SSLv2 ciphersuite downgrade vulnerability + +Category: contrib +Module: openssl +Announced: 2016-01-30 +Affects: All supported versions of FreeBSD. +Corrected: 2016-01-28 21:42:10 UTC (stable/10, 10.2-STABLE) + 2016-01-30 06:12:03 UTC (releng/10.2, 10.2-RELEASE-p12) + 2016-01-30 06:12:03 UTC (releng/10.1, 10.1-RELEASE-p29) + 2016-01-30 06:09:38 UTC (stable/9, 9.3-STABLE) + 2016-01-30 06:12:03 UTC (releng/9.3, 9.3-RELEASE-p36) +CVE Name: CVE-2015-3197 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit <URL:https://security.FreeBSD.org/>. + +I. Background + +FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is +a collaborative effort to develop a robust, commercial-grade, full-featured +Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) +and Transport Layer Security (TLS v1) protocols as well as a full-strength +general purpose cryptography library. + +II. Problem Description + +A malicious client can negotiate SSLv2 ciphers that have been disabled on +the server and complete SSLv2 handshakes even if all SSLv2 ciphers have +been disabled, provided that the SSLv2 protocol was not also disabled via +SSL_OP_NO_SSLv2. + +III. Impact + +An active MITM attacker may be able to force a protocol downgrade to SSLv2, +which is a flawed protocol and intercept the communication between client +and server. + +IV. Workaround + +No workaround is available, but only applications that do not explicitly +disable SSLv2 are affected. + +To determine if a server have SSLv2 enabled, a system administrator can +use the following command: + +% openssl s_client -ssl2 -connect <host>:<port> </dev/null 2>&1 | grep DONE + +which will print "DONE" if and only if SSLv2 is enabled. Note that this +check will not work for services that uses STARTTLS or DTLS. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +Restart all deamons using the library, or reboot the system. + +2) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.2] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.2.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.2.patch.asc +# gpg --verify openssl-10.2.patch.asc + +[FreeBSD 10.1] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.1.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.1.patch.asc +# gpg --verify openssl-10.1.patch.asc + +[FreeBSD 9.3] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-9.3.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-9.3.patch.asc +# gpg --verify openssl-9.3.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +Restart all deamons using the library, or reboot the system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/9/ r295060 +releng/9.3/ r295061 +stable/10/ r295016 +releng/10.1/ r295061 +releng/10.2/ r295061 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>; + +VII. References + +<URL:https://www.openssl.org/news/secadv/20160128.txt>; + +<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197>; + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc>; +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAEBCgAGBQJWrFhQAAoJEO1n7NZdz2rnzcwQAJJQvYkvHuVHHBHCuV576ceJ +39Ry8ooGsNquyThUndbDYOV+Vhpj62XEnI+PXUgZPKENglnf+rRu0CWfCs1SqFQE +EGOSsiXmBFyvJ8AMoQfiBdCoNRCBafqhY637IG8FU7WSpg8vYJO3bGCLmsgVbeoz +V2kHmUtGUNSgksvOjo2O6ezc6rYc5jPrpB11mUZ8xFoBE9YhLNRpfttCajKAYy+9 +t7S3tuGnleWWmnLdFj0jNJXjg38h9gG18L4kr+z/mFFWKYmFNdKuoXlpseMFD7pb +LP7RipHDh0WQqtVOQtyu0x6BuijiuIlByadcHZO1MfDNXnu1UR5OEESs0EYElh8O +6mR/i3MZ1m9DoIoRcR1eCNQN2NiWV4tVCflSTi2pUl3TTCBpYn+THMi17c4IzTNA +kaMR7AUeXgJVAntfmAx4mdqdjTam2EfCNRoMS3WdfVCD8cZQDewxFmEY2FbHUzix +WUBVTUzx2BTUQO7PKJ6UdEiojetJ+OmwlaAb8WfGQTypANKUfMcyXzfmtmM4dgJg +NjNIUxA9T3unmWUg5nh7CACJVWcykyM1ORLqFTrrxAlIz3d1gPI2kqGiMGtEMbzI +A42xSFfHVvUJ6MzXe98Sf6cDWs98qQBTLDxHo5COpq6zV4AFDqlvdyzcJ/SQTAfq +tsPAVgWspt40dxnRQfku +=DN5y +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-16:11/openssl-10.1.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-10.1.patch Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,43 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -400,7 +400,7 @@ static int get_client_master_key(SSL *s) + } + + cp=ssl2_get_cipher_by_char(p); +- if (cp == NULL) ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); +@@ -698,9 +698,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } +- for (z=0; z<sk_SSL_CIPHER_num(prio); z++) ++ /* Generate list of SSLv2 ciphers shared between client and server */ ++ for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) + { +- if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0) ++ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); ++ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) + { + (void)sk_SSL_CIPHER_delete(prio,z); + z--; +@@ -711,6 +714,14 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) ++ { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* s->session->ciphers should now have a list of + * ciphers that are on both the client and server. + * This list is ordered by the order the client sent Added: head/share/security/patches/SA-16:11/openssl-10.1.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-10.1.patch.asc Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rnrYUQAJcK0DBwDfvVysKdQBmryikB +iNjcbriE3X/secGwz2DnN38LoeXS1dP9N0Zk07KWaWi516PpQq1bHLxvomlvcxhw +m98/Vmwv/MAK6g8AxEeVoXP8A2dCYeVGu8AWmfp9wwum1Kl9vGmm4UE3McPC3a59 +9mqJ1U+icn72EasyZMGNc8WnwZleuievXYxUkFJwQ32urbMgnIk/XkNT9ULpWjiH +omgu4C4IXKyb/zer0AW5xfQ2WbMqmxD93R4ApcM79+wxCtHFK+CxFeX7Xc8BXAXn +SEn69KggtFCYCXnsIdAE42IK28c3iw7MoeHPSZAYUf8SJ3x99NvXvdfPairLz6X1 +kjaAbbi2ycZRJBdBWTiSqYrtW3tSPGz+LtutbctcOjB6EsZMbbOZWKZYwAD2d1vi +httOrSpgd15Jqkhh6xYoK5qmk4rDUMe8MbaSmYH0rmjB/79VxBSneocwWnYpbsUO +m6Zrg1EpKfoIGcXYeanRHZqobeR+0uhi3oX/dBOUmxycWEMlALxboVJ7DU/q+AXE +Fq7+H8wkATvMXaJtlRWmKV34ShfmIqTEceNLJMDHFqb/j/yUNKrA3pjfqgkoYflf +IHrG1v61haJNREs2hx1fTWWy315ua9pwOHrpR9eYNiOwh3b4MbKdA9QErYZLMyuM +gt45GgReqbU50ikXipnp +=voQ/ +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-16:11/openssl-10.2.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-10.2.patch Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,41 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) + } + + cp = ssl2_get_cipher_by_char(p); +- if (cp == NULL) { ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { + ssl2_return_error(s, SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); + return (-1); +@@ -687,8 +687,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } ++ ++ /* Generate list of SSLv2 ciphers shared between client and server */ + for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { +- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { ++ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); ++ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) { + (void)sk_SSL_CIPHER_delete(prio, z); + z--; + } +@@ -697,6 +701,13 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* + * s->session->ciphers should now have a list of ciphers that are on + * both the client and server. This list is ordered by the order the Added: head/share/security/patches/SA-16:11/openssl-10.2.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-10.2.patch.asc Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rn7pIP/RfM/xbLqKh6jOQKzCAs/hqK +erl+zzNNn8cJF00c1T2kFY05pwvFExAIAdPQ09uk7S+d+qC1tfn55ioPT0rUaLsv +qvhsRGEB2FZi+c6l8ZFK9qvePbqTzGAwYjhcmbaxw83YtosdxM5Z6Q3v9Nzfd6cG +qvGH6X91MDlpzyKx/ZQ/vXXFkMO1gDzMgOJe6phgKkxMiNfknqBifsLaJBUq0uSZ +WaqlfbhPDDXFu2hJ3lvizAxz2+6OQVUZeuGaw0UPtAzofBdX4H3UhUXjFPO1iECV +D3P0jTUKnNswd1l6xR8AUNHPh78Zf3T8hE9Ihf7jBiwVpA4VX2+jyan3NfC5ESO2 +dXStOPa4weEMERJVoBra8ZcvUwl+F63/ti35mf42KQK/dMXfn4YYJg06ZOyAxdG2 ++7bAJCCW6IVmIWhh+k7UdajP7KKSjyaopw/sNEAvU01iS4nB9EBnFebQ785GgRfE +iUEm98lCjIzkWLqZU6aGwLL46S3GUYkIhylUjLuHwsVm7YjEhURU0ghhM+srZDuX +yd4appgHar632XnotetsIiivKkzZJYK+1pt9tVf72/Q7V+ba4Zj7FCs1DEvwAfYa +LNIFIjS02ocgBQjKKR9+UqazuXe2+o0CpOKlqB/HGeIU3Rcc25h2y3uk8q/cCYoa +ibsADoMVD+ImHQXbKtlu +=L3PJ +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-16:11/openssl-9.3.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-9.3.patch Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,43 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -392,7 +392,7 @@ static int get_client_master_key(SSL *s) + } + + cp=ssl2_get_cipher_by_char(p); +- if (cp == NULL) ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); +@@ -690,9 +690,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } +- for (z=0; z<sk_SSL_CIPHER_num(prio); z++) ++ /* Generate list of SSLv2 ciphers shared between client and server */ ++ for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) + { +- if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0) ++ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); ++ if ((cp->algorithms & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) + { + (void)sk_SSL_CIPHER_delete(prio,z); + z--; +@@ -703,6 +706,14 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) ++ { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* s->session->ciphers should now have a list of + * ciphers that are on both the client and server. + * This list is ordered by the order the client sent Added: head/share/security/patches/SA-16:11/openssl-9.3.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-16:11/openssl-9.3.patch.asc Sat Jan 30 06:33:43 2016 (r48116) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rnHfAP/0dRSsN5QEeACYvdu7fSGyvq +/9QUsHLyGMj3wS1SUP3oFCgpXuweYfmWVtvFfA2uLqXOukuOPJLYSpJVdF0QXZrK +dL0mlU3aaA2NLQlgl3QpnX1Gz5ItV62piljHs9Q87Is765BYnUp7i01gexVIA0PE +kK0U5ocfYiEwGhtcRl1ndTCHFJxrAQY7quRBPgeONpB2VFoSXOmRLF2cCi8s+ebV +cUk9sTWT+OCutzjvDFsqEFvcaVHT8jDDlXdXUuDGOzZ4sGc/OgKA6J42Wws++VKw +LqfQjD/RP4GQNvO0mmvd/1jnr6ug+rMxJapnNRVY6nTRBOcn2qEIZjALBjjVTZdx +xIQVc5M0CmRF4GcnKlwwJMC5vl+BPxvSbb2mKDEGY+nzXdH7z5618wwqE1EyIwj5 +U7X75vogYMv50uTTuAXazQm1WifxmpDYaaIyTRzz5pnSeXE6seeUEvkKXhmD2s+g +OQhULV51JUPhousieaJzPVTB8/NSZAiqvma++aW7claJr7drGWL1DEOGXqRBl/Rb +9iYDOJ6VcdqwfDUb1Hf5Ukc3oYGXkobhpswjbFnmTE96Cu/mH7Z1bKDhlG/0Zzwv +YYHTmWn9j9/azAwL0ZTUZztDm+9ZQqSPBXJMWVEaPOskyxRUHKurgixB7uEZco9U +RlgyGJfV0gU3oDgM9XE+ +=wEfU +-----END PGP SIGNATURE----- Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Fri Jan 29 19:22:52 2016 (r48115) +++ head/share/xml/advisories.xml Sat Jan 30 06:33:43 2016 (r48116) @@ -11,6 +11,14 @@ <name>1</name> <day> + <name>30</name> + + <advisory> + <name>FreeBSD-SA-16:11.openssl</name> + </advisory> + </day> + + <day> <name>27</name> <advisory>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601300633.u0U6XhON010494>