[Pkg-openssl-devel] Bug#732754: Bug#732754: Bug#732754: Bug#732754: Bug#732754: Bug#732754: Bug#732754: Bug#732754: openssl: CVE-2013-6449: crash when using TLS 1.2
Kurt Roeckx
kurt at roeckx.be
Mon Jan 6 18:20:25 UTC 2014
On Mon, Jan 06, 2014 at 06:54:33PM +0100, Kurt Roeckx wrote:
> On Mon, Jan 06, 2014 at 06:24:14PM +0100, Kurt Roeckx wrote:
> > On Mon, Dec 23, 2013 at 06:44:23PM +0100, Kurt Roeckx wrote:
> > > On Sun, Dec 22, 2013 at 11:51:09PM +0100, Kurt Roeckx wrote:
> > > >
> > > > For security I would like to have the following:
> > > > - CVE-2013-6449: 0294b2be5f4c11e60620c0018674ff0e17b14238 +
> > > > ca989269a2876bae79393bd54c3e72d49975fc75
> > > > - CVE-2013-6450: 34628967f1e65dc8f34e000f0f5518e21afbfc7b
> > > > - disable rdrand: 1c2c5e402a757a63d690bd2390bd6b8b491ef184
> > > > - Disable Dual EC DRBG: a4870de5aaef562c0947494b410a2387f3a6d04d
> > >
> > > So I've put that at:
> > > http://people.debian.org/~kroeckx/openssl/
> >
> > So the patch for CVE-2013-6450 was missing a commit. See:
> > http://rt.openssl.org/Ticket/Display.html?id=3214&user=guest&pass=guest
> >
> > I'll upload a 1.0.1e-2+deb7u2 soon.
>
> I've uploaded it. The changelog for it:
> * The patch we applied for CVE-2013-6450 was causing segfaults,
> also apply the previous commit checking for NULL in
> EVP_MD_CTX_destroy()
> * Fix for TLS record tampering bug CVE-2013-4353
So after uploading this, I got this as reply:
> Although there is no CVE connected to it it is also advisable to
> include f3dcc8411e518fb0835c7d72df4a58718205260d as well.
Should I make an other upload (with different version) for that?
Kurt
The patch would be:
commit f3dcc8411e518fb0835c7d72df4a58718205260d
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Dec 24 18:17:00 2013 +0000
Don't change version number if session established
When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.
Thanks to Marek Majkowski for additional analysis of this issue.
PR#3191
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index c4bc4e7..96ba632 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -335,7 +335,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
if (version != s->version)
{
SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
- if ((s->version & 0xFF00) == (version & 0xFF00))
+ if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash)
/* Send back error using their minor version number :-) */
s->version = (unsigned short)version;
al=SSL_AD_PROTOCOL_VERSION;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index e5a8b3f..52efed3 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -958,7 +958,8 @@ int ssl3_get_client_hello(SSL *s)
(s->version != DTLS1_VERSION && s->client_version < s->version))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
- if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+ if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
+ !s->enc_write_ctx && !s->write_hash)
{
/* similar to ssl3_get_record, send alert using remote version number */
s->version = s->client_version;
More information about the Pkg-openssl-devel
mailing list