AXSA:2020-289:02

Release date: 
Monday, September 7, 2020 - 05:27
Subject: 
openssl-1.1.1c-15.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

* openssl: side-channel weak encryption vulnerability (CVE-2019-1547)

* openssl: information disclosure in fork() (CVE-2019-1549)

* openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.2 Release Notes linked from the References section.

CVE-2019-1547
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
CVE-2019-1563
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. openssl-1.1.1c-15.el8.src.rpm
    MD5: d0785fefe7eabbe132d0dd3e68dd5704
    SHA-256: c07e456fcf2e4663df10863c5f9aafae0f21b7b84b306fbbbb0784116cbe9b21
    Size: 6.36 MB

Asianux Server 8 for x86_64
  1. openssl-1.1.1c-15.el8.x86_64.rpm
    MD5: 3ac41dff8b60c1c1403238129da3e0e3
    SHA-256: aa05b2b6c2944801de04b53c25c7517593dcd8188fdec99081d902fde1d7a756
    Size: 696.73 kB
  2. openssl-devel-1.1.1c-15.el8.x86_64.rpm
    MD5: 1142f91c03fc6b2fee87a9bc140a43d8
    SHA-256: 5aef64a6d1de9ddbe25009ad0389612ba074732f046df9c82346dd922a6f0d82
    Size: 2.29 MB
  3. openssl-libs-1.1.1c-15.el8.x86_64.rpm
    MD5: dd9d5715b28d97be376f75be0410c04c
    SHA-256: 9301237c33365de7a2ffb78e18732ced2a7c8ce8b82a3e107895ae56556d3239
    Size: 1.46 MB
  4. openssl-perl-1.1.1c-15.el8.x86_64.rpm
    MD5: 00ecbe3749b4515eb296e942e22aed4d
    SHA-256: a7f58f6d90f724d997d428546a48cc495250208e46525e73737049bac82df17f
    Size: 77.61 kB
  5. openssl-devel-1.1.1c-15.el8.i686.rpm
    MD5: a140038cbee8876fd22742b0d1fa3538
    SHA-256: 763febc423f7e0365cb0db7052be341267468201e1e1c440c455d56058a4d0d9
    Size: 2.29 MB
  6. openssl-libs-1.1.1c-15.el8.i686.rpm
    MD5: 10250c2aaf4e65716917677b2187e0c9
    SHA-256: a52c21e283140aba58ef663488730684d5e3b88442569231a187feca7109133d
    Size: 1.47 MB
Copyright© 2007-2015 Asianux. All rights reserved.