On 09/07/2015 15:10, OpenSSL wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> OpenSSL Security Advisory [9 Jul 2015]
> =======================================
>
> Alternative chains certificate forgery (CVE-2015-1793)
> ======================================================
>
> Severity: High
>
> During certificate verification, OpenSSL (starting from version 1.0.1n and
> 1.0.2b) will attempt to find an alternative certificate chain if the first
> attempt to build such a chain fails. An error in the implementation of this
> logic can mean that an attacker could cause certain checks on untrusted
> certificates to be bypassed, such as the CA flag, enabling them to use a valid
> leaf certificate to act as a CA and "issue" an invalid certificate.

Why was this introduced in a patch release?  I thought
improved chain building was a new feature, and thus
delineated by a library version number such as 1.0.2 or
1.0.3.   In fact, I thought that was the reason we all
had to wait ages before this long standing shortcoming
was fixed.

> This issue will impact any application that verifies certificates including
> SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Does this vulnerability also affect applications that
use OpenSSL or the openssl command line to handle S/MIME
or other CMS messages?

For example, the mail client mutt handles S/MIME by
invoking the openssl command line via macros in the
default configuration file.

P.S.

Sorry for first trying to send to -announce, MUA must
have ignored the Reply-To.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
