http://it.slashdot.org/article.pl?sid=08/05/13/1533212
SecurityBob writes "Debian package maintainers tend to very often
modify the source code of the package they are maintaining so that it
better fits into the distribution itself. However, most of the time,
their changes are not sent back to upstream for validation, which
might cause some tension between upstream developers and Debian
packagers. Today, a critical security advisory has been released: a
Debian packager modified the source code of OpenSSL back in 2006 so as
to remove the seeding of OpenSSL random number generator, which in
turn makes cryptographic key material generated on a Debian system
guessable. The solution? Upgrade OpenSSL and re-generate all your SSH
and SSL keys. This problem not only affects Debian, but also all its
derivatives, such as Ubuntu." Reader RichiH also points to Debian's
announcement and Ubuntu's announcement.


http://lists.debian.org/debian-security-announce/2008/msg00152.html
[SECURITY] [DSA 1571-1] New openssl packages fix predictable random
number generator

    * To: [EMAIL PROTECTED]
    * Subject: [SECURITY] [DSA 1571-1] New openssl packages fix
predictable random number generator
    * From: Florian Weimer <[EMAIL PROTECTED]>
    * Date: Tue, 13 May 2008 14:06:39 +0200
    * Message-id: <[EMAIL PROTECTED]>
    * Reply-to: [EMAIL PROTECTED]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1571-1                  [EMAIL PROTECTED]
http://www.debian.org/security/                           Florian Weimer
May 13, 2008                          http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : openssl
Vulnerability  : predictable random number generator
Problem type   : remote
Debian-specific: yes
CVE Id(s)      : CVE-2008-0166

Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable.  This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166).  As a
result, cryptographic key material may be guessable.

This is a Debian-specific vulnerability which does not affect other
operating systems which are not based on Debian.  However, other systems
can be indirectly affected if weak keys are imported into them.

It is strongly recommended that all cryptographic key material which has
been generated by OpenSSL versions starting with 0.9.8c-1 on Debian
systems is recreated from scratch.  Furthermore, all DSA keys ever used
on affected Debian systems for signing or authentication purposes should
be considered compromised; the Digital Signature Algorithm relies on a
secret random value used during signature generation.

The first vulnerable version, 0.9.8c-1, was uploaded to the unstable
distribution on 2006-09-17, and has since propagated to the testing and
current stable (etch) distributions.  The old stable distribution
(sarge) is not affected.

Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key
material for use in X.509 certificates and session keys used in SSL/TLS
connections.  Keys generated with GnuPG or GNUTLS are not affected,
though.

A detector for known weak key material will be published at:

  <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz>
  <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.asc>
    (OpenPGP signature)

Instructions how to implement key rollover for various packages will be
published at:

  <http://www.debian.org/security/key-rollover/>

This web site will be continuously updated to reflect new and updated
instructions on key rollovers for packages using SSL certificates.
Popular packages not affected will also be listed.

In addition to this critical change, two other vulnerabilities have been
fixed in the openssl package which were originally scheduled for release
with the next etch point release: OpenSSL's DTLS (Datagram TLS,
basically "SSL over UDP") implementation did not actually implement the
DTLS specification, but a potentially much weaker protocol, and
contained a vulnerability permitting arbitrary code execution
(CVE-2007-4995).  A side channel attack in the integer multiplication
routines is also addressed (CVE-2007-3108).

For the stable distribution (etch), these problems have been fixed in
version 0.9.8c-4etch3.

For the unstable distribution (sid) and the testing distribution
(lenny), these problems have been fixed in version 0.9.8g-9.

We recommend that you upgrade your openssl package and subsequently
regenerate any cryptographic material, as outlined above.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-May/000705.html
[USN-612-1] OpenSSL vulnerability
Jamie Strandboge jamie at canonical.com
Tue May 13 15:07:38 BST 2008

===========================================================
Ubuntu Security Notice USN-612-1               May 13, 2008
openssl vulnerability
CVE-2008-0166
===========================================================

A weakness has been discovered in the random number generator used
by OpenSSL on Debian and Ubuntu systems.  As a result of this
weakness, certain encryption keys are much more common than they
should be, such that an attacker could guess the key through a
brute-force attack given minimal knowledge of the system.  This
particularly affects the use of encryption keys in OpenSSH, OpenVPN
and SSL certificates.

This vulnerability only affects operating systems which (like
Ubuntu) are based on Debian.  However, other systems can be
indirectly affected if weak keys are imported into them.

We consider this an extremely serious vulnerability, and urge all
users to act immediately to secure their systems. (CVE-2008-0166)

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

== Who is affected ==

Systems which are running any of the following releases:

 * Ubuntu 7.04 (Feisty)
 * Ubuntu 7.10 (Gutsy)
 * Ubuntu 8.04 LTS (Hardy)
 * Ubuntu "Intrepid Ibex" (development): libssl <= 0.9.8g-8
 * Debian 4.0 (etch) (see corresponding Debian security advisory)

and have openssh-server installed or have been used to create an
OpenSSH key or X.509 (SSL) certificate.

All OpenSSH and X.509 keys generated on such systems must be
considered untrustworthy, regardless of the system on which they
are used, even after the update has been applied.

This includes the automatically generated host keys used by OpenSSH,
which are the basis for its server spoofing and man-in-the-middle
protection.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  libssl0.9.8                     0.9.8c-4ubuntu0.3

Ubuntu 7.10:
  libssl0.9.8                     0.9.8e-5ubuntu3.2

Ubuntu 8.04 LTS:
  libssl0.9.8                     0.9.8g-4ubuntu3.1


Regards
-- 
Carlos Javier
Habana, CUBA
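
Added example (not part of either advisory, and not the code of the dowkd detector they mention): a small audit that checks the entries of an authorized_keys file against a blocklist of known weak keys, which is how weak keys imported into an unaffected system can be found. The blocklist format (SHA-256 of the decoded key blob), the function names and all sample data are assumptions constructed for illustration.

```python
import base64
import binascii
import hashlib
KEY_TYPES = ("ssh-rsa", "ssh-dss")

def key_digest(blob_b64):
    # Assumed blocklist format: SHA-256 hex of the decoded public-key blob.
    return hashlib.sha256(base64.b64decode(blob_b64, validate=True)).hexdigest()

def parse_entry(line):
    """Return (key_type, blob_b64, comment), or None for blank/comment/other lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    fields = line.split()
    # An entry may begin with an options field (no-pty,command="..."), so
    # search for the key type instead of assuming it is the first field.
    for i, field in enumerate(fields[:-1]):
        if field in KEY_TYPES:
            return field, fields[i + 1], " ".join(fields[i + 2:])
    return None

def audit(lines, blocklist):
    """Return (line_number, status, comment) per key; status: weak/ok/unparseable."""
    findings = []
    for number, line in enumerate(lines, start=1):
        entry = parse_entry(line)
        if entry is None:
            continue
        _, blob_b64, comment = entry
        try:
            status = "weak" if key_digest(blob_b64) in blocklist else "ok"
        except (binascii.Error, ValueError):
            status = "unparseable"  # report it; never count it as clean
        findings.append((number, status, comment))
    return findings

# Constructed sample data: placeholder blobs, not real keys or real blocklist entries.
WEAK_BLOB = base64.b64encode(b"constructed blob A").decode()
GOOD_BLOB = base64.b64encode(b"constructed blob B").decode()
BLOCKLIST = {key_digest(WEAK_BLOB)}
SAMPLE = [
    "# constructed authorized_keys file",
    f"ssh-rsa {WEAK_BLOB} deploy@oldhost",
    f'no-pty,command="/usr/bin/backup" ssh-dss {GOOD_BLOB} backup@host',
    "ssh-rsa not*base64 broken@host",
]
if __name__ == "__main__":
    for number, status, comment in audit(SAMPLE, BLOCKLIST):
        print(f"line {number}: {status:12} {comment}")
```

An "ok" result only means the key is absent from the blocklist in use; any key known to have been generated on an affected system still has to be replaced, as the advisories state.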