Hi developers:
  Nowadays we made a large-scale static security analysis of several open
source projects, and found some mistakes in elog-3.1.1-1. In
src/elog.c:300:
  int ssl_connect(int sock, SSL ** ssl_con)
  {
     SSL_METHOD *meth;
     SSL_CTX *ctx;

     SSL_library_init();
     SSL_load_error_strings();

     meth = (SSL_METHOD *) TLSv1_method();
     ctx = SSL_CTX_new(meth);

     *ssl_con = SSL_new(ctx);
     SSL_set_fd(*ssl_con, sock);
     if (SSL_connect(*ssl_con) <= 0)
        return -1;

     return 0;
  }
   When the SSL connection is finished, you immediately start to execute
read/write operations without verifying the certificate, which can lead to a
MITM attack and cause leakage of sensitive data. We recommend you add a
verification operation such as SSL_CTX_set_verify or SSL_get_peer_certificate to
guarantee security. We have sent the bug report to Ubuntu Launchpad, and
also inform you of this news. Here is the link:

https://bugs.launchpad.net/ubuntu/+source/elog/+bug/1677558
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com