AXSA:2019-3985:01

Release date: 
Wednesday, August 14, 2019 - 02:22
Subject: 
openssl-1.0.1e-58.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
Moderate
Description: 

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

* openssl: 0-byte record padding oracle (CVE-2019-1559)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one), OpenSSL can respond differently to the calling application depending on whether a 0-byte record is received with invalid padding or with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, this amounts to a padding oracle that could be used to decrypt data. For this to be exploitable, "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. The application must also call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this, but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. openssl-1.0.1e-58.AXS4.src.rpm
    MD5: bf7f7305ef6e375899c06a1064392083
    SHA-256: 3aff41d45dfaa0af19c1ce4cc84b87c12e63a0f606355dd1002cc324988e42f6
    Size: 3.12 MB

Asianux Server 4 for x86
  1. openssl-1.0.1e-58.AXS4.i686.rpm
    MD5: e8b3d42144301a87e02829acff81c20d
    SHA-256: ea19d5ed3550ead232fca6a1595c83e4b000f1c3dfc7106cca4378e857ffa103
    Size: 1.52 MB
  2. openssl-devel-1.0.1e-58.AXS4.i686.rpm
    MD5: ff3ca2b1edce483d4259f74d6ac00362
    SHA-256: 4e6e7a220157fe78b8fd1da6e351b52ad3c434c4f01a6bdb9f843fb78f56037e
    Size: 1.17 MB

Asianux Server 4 for x86_64
  1. openssl-1.0.1e-58.AXS4.x86_64.rpm
    MD5: 4762db8aa7e5bd18aee72edaa2edbd46
    SHA-256: a54c2b6c79aac71e84ffa6d988706cd5d75f97600d9afc34ab64d948cea93e22
    Size: 1.53 MB
  2. openssl-devel-1.0.1e-58.AXS4.x86_64.rpm
    MD5: 022f2635dcc2184b06f7ca6adac6fbfa
    SHA-256: 227b145b24b32874e2b99edb9d3519c44f55ed131e83934c103a350d522c0af5
    Size: 1.17 MB
  3. openssl-1.0.1e-58.AXS4.i686.rpm
    MD5: e8b3d42144301a87e02829acff81c20d
    SHA-256: ea19d5ed3550ead232fca6a1595c83e4b000f1c3dfc7106cca4378e857ffa103
    Size: 1.52 MB
  4. openssl-devel-1.0.1e-58.AXS4.i686.rpm
    MD5: ff3ca2b1edce483d4259f74d6ac00362
    SHA-256: 4e6e7a220157fe78b8fd1da6e351b52ad3c434c4f01a6bdb9f843fb78f56037e
    Size: 1.17 MB
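
An added check, not part of the Asianux advisory: it flags hosts whose installed openssl version-release is older than the fixed build openssl-1.0.1e-58.AXS4 listed above, using rpm's segment-by-segment ordering. The release field is included in the comparison because the fix ships as release 58.AXS4 of upstream version 1.0.1e. Host names and inventory lines are constructed; epoch is assumed absent and rpm's tilde/caret rules are omitted.

```python
import re

# Fixed build from this advisory: openssl-1.0.1e-58.AXS4 (version-release).
FIXED_VR = "1.0.1e-58.AXS4"

def _segments(s):
    # rpm compares runs of digits and runs of letters; anything else separates.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpm_vercmp(a, b):
    """Order two version (or release) strings as rpm does: -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x.isdigit():
            x, y = int(x), int(y)            # numeric compare, leading zeros ignored
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments are newer

def vr_cmp(a, b):
    """Compare VERSION-RELEASE strings: version first, release as tie-breaker."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpm_vercmp(va, vb) or rpm_vercmp(ra, rb)

def needs_update(installed_vr):
    """True when the installed build predates the advisory's fixed build."""
    return vr_cmp(installed_vr, FIXED_VR) < 0

# Constructed inventory, one "<host> <version-release>" per line, as collected
# with: rpm -q --qf '%{VERSION}-%{RELEASE}\n' openssl
SAMPLE_INVENTORY = """\
web01 1.0.1e-57.AXS4
web02 1.0.1e-58.AXS4
db01 1.0.1e-48.AXS4.3
build01 1.0.0-27.AXS4
"""

def audit(inventory):
    """Return the hosts still running a build older than the fixed one."""
    flagged = []
    for line in inventory.splitlines():
        host, vr = line.split()
        if needs_update(vr):
            flagged.append(host)
    return flagged

if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        print(f"{host}: openssl older than {FIXED_VR}, update required")
```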