Hi everybody,
A ssl vulnerability has been recently found in openssl, this flaw is
difficult to fix because the problem lies in the renegotiation feature
which is part of the protocol itself.
As a result, the last openssl version disables completely tls
renegotiation, which could break some setups.
From what I understand, there are few setups which would be impacted
but I can't be perfectly sure about that.
We can either:
- release openssl 0.9.8l with renegotiation disabled and warn our users.
It would be nice for users who don't want to upgrade to be able to
forbid a package upgrade in pkg-get / pkgutil configuration.
- do not release 0.9.8l for now and release a new apache 2 / apache
mod ssl / other http servers with client initiated renegotiation
disabled.Wed, 02 Dec 2009 21:47:50 +0100
This should fix the vulnerability for most Apache configuration and for
now only exploits on the HTTPS protocol have been documented.
I was planning to do the former but I welcome advices on this matter.
You will find below the email I was planning to send to our users.
You can find more information about this flaw at the following urls:
http://extendedsubset.com/?p=8
http://www.links.org/?p=780
http://www.links.org/?p=786
http://www.links.org/?p=789
http://www.links.org/?p=804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
The openssl 0.9.8l packages are in testing:
http://buildfarm.opencsw.org/testing/openssl_utils-0.9.8l,REV=2009.11.07-SunOS5.8-sparc-CSW.pkg.gz
http://buildfarm.opencsw.org/testing/openssl_rt-0.9.8l,REV=2009.11.07-SunOS5.8-sparc-CSW.pkg.gz
http://buildfarm.opencsw.org/testing/openssl_devel-0.9.8l,REV=2009.11.07-SunOS5.8-sparc-CSW.pkg.gz
http://buildfarm.opencsw.org/testing/openssl_utils-0.9.8l,REV=2009.11.07-SunOS5.8-i386-CSW.pkg.gz
http://buildfarm.opencsw.org/testing/openssl_rt-0.9.8l,REV=2009.11.07-SunOS5.8-i386-CSW.pkg.gz
http://buildfarm.opencsw.org/testing/openssl_devel-0.9.8l,REV=2009.11.07-SunOS5.8-i386-CSW.pkg.gz
Best regards,
Yann
---------------------------------------------------------------------------
Dear users,
A security vulnerability has been recently found in the TLS and SSL
protocol part related to the handling of session renegotiation [1]. This
vulnerability allows an attacker to inject arbitrary content at the
beginning of a TLS/SSL connection.
This problem is caused by a design flaw in the TLS/SSL protocol and is
difficult to fix in a clean and backward compatible way. As a result the
new openssl release (0.9.8l) which fixes this bug simply completely
disables renegotiation.
This new package will hit csw unstable mirror very soon.
This modification should not have any impact for most setups except for
Apache https configurations which use certificate client verification
(SSLVerifyClient) or specify a new ssl cipher list (SSLCipherSuite) in a
directory or location context.
If that's your case, you should try to use these instructions on
the server or virtual host level, or avoid upgrading to openssl 0.9.8l,
but you will stay vulnerable in the latter.
A new protocol extension to TLS is planned to address this issue but the
RFC draft is still under review and it will require both the client and
the server to implement the extension.
Best regards
Yann
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
_______________________________________________
maintainers mailing list
[email protected]
https://lists.opencsw.org/mailman/listinfo/maintainers
