openssl098e-0.9.8e-20.AXS4.1

エラータID: AXSA:2016-127:01

Release date: 
Wednesday, March 9, 2016 - 14:05
Subject: 
openssl098e-0.9.8e-20.AXS4.1
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols. This version of OpenSSL package is provided for compatibility
with the previous Red Hat Enterprise Linux release.

Security issues fixed with this release:

CVE-2015-0293
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before
1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote
attackers to cause a denial of service (s2_lib.c assertion failure and
daemon exit) via a crafted CLIENT-MASTER-KEY message.
CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f
does not prevent use of disabled ciphers, which makes it easier for
man-in-the-middle attackers to defeat cryptographic protection
mechanisms by performing computations on SSLv2 traffic, related to the
get_client_master_key and get_client_hello functions.
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2
implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1
before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero
CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher,
which allows man-in-the-middle attackers to determine the MASTER-KEY
value and decrypt TLS ciphertext data by leveraging a Bleichenbacher
RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0704
An oracle protection mechanism in the get_client_master_key function
in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf,
1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a
overwrites incorrect MASTER-KEY bytes during use of export cipher
suites, which makes it easier for remote attackers to decrypt TLS
ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a
related issue to CVE-2016-0800.
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before
1.0.2g and other products, requires a server to send a ServerVerify
message before establishing that a client possesses certain plaintext
RSA data, which makes it easier for remote attackers to decrypt TLS
ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka
a "DROWN" attack.

Solution: 

Update packages.

CVEs: 
CVE-2015-0293
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0704
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssl098e-0.9.8e-20.AXS4.1.src.rpm
    MD5: 32dec585d26af1706ea3f2f50b222726
    SHA-256: 17e0c0a480118747575bc2197aa834277cc3920ff91e9429858c8572c4b92219
    Size: 2.96 MB

Asianux Server 4 for x86
  1. openssl098e-0.9.8e-20.AXS4.1.i686.rpm
    MD5: eccb3a97f7fe0a12f230650c8048429d
    SHA-256: 5a3e60cf23403e898bb351fcfbabda9929c666280cb9c3eedfeadf21842edcde
    Size: 773.15 kB

Asianux Server 4 for x86_64
  1. openssl098e-0.9.8e-20.AXS4.1.x86_64.rpm
    MD5: 38bafdfd8d1eb88b6a762622fa26ae8d
    SHA-256: 117ae663c307092bcdba022c6daafa35cb84463f98506364105c60b0bffc8a20
    Size: 760.83 kB
  2. openssl098e-0.9.8e-20.AXS4.1.i686.rpm
    MD5: eccb3a97f7fe0a12f230650c8048429d
    SHA-256: 5a3e60cf23403e898bb351fcfbabda9929c666280cb9c3eedfeadf21842edcde
    Size: 773.15 kB