openssl-1.0.1e-30.AXS4.11
エラータID: AXSA:2015-155:05
Release date:
Thursday, June 18, 2015 - 16:44
Subject:
openssl-1.0.1e-30.AXS4.11
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Security issues fixed with this release:
CVE-2014-8176
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-3216
Solution:
Update packages.
CVEs:
CVE-2014-8176
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
CVE-2015-1789
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
CVE-2015-1790
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
CVE-2015-1791
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
CVE-2015-1792
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
CVE-2015-3216
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
Additional Info:
N/A
Download:
SRPMS
- openssl-1.0.1e-30.AXS4.11.src.rpm
MD5: 9b4bd9d9e0d2128ed1e6548d0e795513
SHA-256: f7f609abeb70756947b28f4d57df6b139c46ba1a1773f64e6851025306f073e8
Size: 3.06 MB
Asianux Server 4 for x86
- openssl-1.0.1e-30.AXS4.11.i686.rpm
MD5: f8aba01a6070cb93f014fdbf13305a37
SHA-256: d439f9e33b37cabfd368c05845cfb522aad41f384c54ada648b3a687052f23b6
Size: 1.51 MB - openssl-devel-1.0.1e-30.AXS4.11.i686.rpm
MD5: 5d7002fc719e10810070e98661acf492
SHA-256: 919cf62bef532e5118184aaa7f356130d60321dfd6cb16b4aa0ba60b48aed0ce
Size: 1.17 MB
Asianux Server 4 for x86_64
- openssl-1.0.1e-30.AXS4.11.x86_64.rpm
MD5: 026109cac577539dc8d6665a5528487d
SHA-256: ae99b6ea7c2911b43bf549305c5ccbd8285834aad6b2c38deb1631c26092159f
Size: 1.52 MB - openssl-devel-1.0.1e-30.AXS4.11.x86_64.rpm
MD5: a4e65517d52c0bde9a92bb19b14113d9
SHA-256: db1cef38ed8f5a08b461d09d387232ca9635006f77f46341ffd1fa67b79c8ffc
Size: 1.17 MB - openssl-1.0.1e-30.AXS4.11.i686.rpm
MD5: f8aba01a6070cb93f014fdbf13305a37
SHA-256: d439f9e33b37cabfd368c05845cfb522aad41f384c54ada648b3a687052f23b6
Size: 1.51 MB - openssl-devel-1.0.1e-30.AXS4.11.i686.rpm
MD5: 5d7002fc719e10810070e98661acf492
SHA-256: 919cf62bef532e5118184aaa7f356130d60321dfd6cb16b4aa0ba60b48aed0ce
Size: 1.17 MB