openssl098e-0.9.8e-29.el7.3

エラータID: AXSA:2016-128:01

Release date: 
Wednesday, March 9, 2016 - 14:07
Subject: 
openssl098e-0.9.8e-29.el7.3
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols. This version of OpenSSL package is provided for compatibility
with the previous Red Hat Enterprise Linux release.

Security issues fixed with this release:

CVE-2015-0293
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before
1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote
attackers to cause a denial of service (s2_lib.c assertion failure and
daemon exit) via a crafted CLIENT-MASTER-KEY message.
CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f
does not prevent use of disabled ciphers, which makes it easier for
man-in-the-middle attackers to defeat cryptographic protection
mechanisms by performing computations on SSLv2 traffic, related to the
get_client_master_key and get_client_hello functions.
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2
implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1
before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero
CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher,
which allows man-in-the-middle attackers to determine the MASTER-KEY
value and decrypt TLS ciphertext data by leveraging a Bleichenbacher
RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0704
An oracle protection mechanism in the get_client_master_key function
in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf,
1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a
overwrites incorrect MASTER-KEY bytes during use of export cipher
suites, which makes it easier for remote attackers to decrypt TLS
ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a
related issue to CVE-2016-0800.
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before
1.0.2g and other products, requires a server to send a ServerVerify
message before establishing that a client possesses certain plaintext
RSA data, which makes it easier for remote attackers to decrypt TLS
ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka
a "DROWN" attack.

Solution: 

Update packages.

CVEs: 
CVE-2015-0293
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
CVE-2015-3197
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0704
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssl098e-0.9.8e-29.el7.3.src.rpm
    MD5: a76575e68abc7c2bc3e626648c6b68d5
    SHA-256: e5a1f3769796b89051a484d02e5bc9d6299e2c672e0df7ba30babe23109f562a
    Size: 3.00 MB

Asianux Server 7 for x86_64
  1. openssl098e-0.9.8e-29.el7.3.x86_64.rpm
    MD5: 49b21d9cb5c05384b910e806cc1849a0
    SHA-256: f2ada53ac4aa61e5e8c1a406a0c3c1145e055191241772d37c066ef9949fbdc6
    Size: 792.02 kB
  2. openssl098e-0.9.8e-29.el7.3.i686.rpm
    MD5: 0bccbf6c2a9e7c334d30a58362b929b7
    SHA-256: c9290072f8be8725209335f0872e8af6f91bcf2ee7d36d726df3564b95c33da1
    Size: 801.72 kB