[Bug 1622500] [NEW] Backported bugfix for CVE-2014-3571 causes regressions for DTLS in Ubuntu 14.04
Martin Storsjö
martin at martin.st
Mon Sep 12 08:22:58 UTC 2016
Public bug reported:
In OpenSSL 1.0.1f on Ubuntu 14.04, there's a regression in using DTLS,
caused by a backported bugfix for CVE-2014-3571.
This particular bugfix (debian/patches/CVE-2014-3571-1.patch,
corresponding to
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8d7aab986b499f34d9e1bc58fbfd77f05c38116e,
originally included upstream in OpenSSL 1.0.1k) caused a regression in
using DTLS - see https://rt.openssl.org/Ticket/Display.html?id=3657.
This regression was fixed in OpenSSL 1.0.1m via this commit:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1895583
This left OpenSSL 1.0.1k and 1.0.1l with the regression, plus Ubuntu
14.04 which backported the first fix but not the later one.
In Debian, their patches for 1.0.1e contain both fixes:
https://sources.debian.net/src/openssl/1.0.1e-2%2Bdeb7u20/debian/patches/0109-Fix-crash-in-dtls1_get_record-whilst-in-the-listen-s.patch/
https://sources.debian.net/src/openssl/1.0.1e-2%2Bdeb7u20/debian/patches/0001-Make-DTLS-always-act-as-if-read_ahead-is-set.-The-ac.patch/
Please backport the second fix to the version of 1.0.1f that you
maintain for 14.04 LTS.
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- Backported bugfix for CVE-2014-3571 causes regressions for DTLS in
+ Backported bugfix for CVE-2014-3571 causes regressions for DTLS in Ubuntu 14.04
https://bugs.launchpad.net/bugs/1622500
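Added example (Python), not code from the bug report, from Ubuntu's patches or from OpenSSL. It models the behaviour the title of the second Debian patch ("Make DTLS always act as if read_ahead is set") points at: on a datagram transport, a record layer that reads a 13-byte DTLS record header and then the body in two separate reads consumes one whole datagram per read and silently loses whatever else that datagram carried, so a flight of several records packed into one UDP packet can never be reassembled. The `DatagramBIO` class, the record builder, the two reader functions and the sample handshake flight are all constructed here for illustration; that this is the exact mechanism behind RT 3657 is an assumption, not something the report states.

```python
import struct

# DTLS record header: type(1) version(2) epoch(2) sequence(6) length(2) = 13 bytes
DTLS_HDR_LEN = 13
DTLS_VERSION_1_2 = 0xFEFD
CT_HANDSHAKE = 22


def build_record(content_type, epoch, seq, payload):
    """Serialise one DTLS record (header + payload)."""
    return (struct.pack("!BHH", content_type, DTLS_VERSION_1_2, epoch)
            + seq.to_bytes(6, "big")
            + struct.pack("!H", len(payload))
            + payload)


def parse_records(buf):
    """Parse every complete record out of an already-buffered datagram.
    Returns a list of (content_type, epoch, sequence, payload) tuples."""
    records = []
    off = 0
    while off + DTLS_HDR_LEN <= len(buf):
        ctype, _version, epoch = struct.unpack_from("!BHH", buf, off)
        seq = int.from_bytes(buf[off + 5:off + 11], "big")
        (length,) = struct.unpack_from("!H", buf, off + 11)
        body = buf[off + DTLS_HDR_LEN:off + DTLS_HDR_LEN + length]
        if len(body) < length:
            break  # truncated record: stop rather than misparse
        records.append((ctype, epoch, seq, bytes(body)))
        off += DTLS_HDR_LEN + length
    return records


class DatagramBIO:
    """Hypothetical model of a UDP transport: every read() consumes one
    whole datagram and returns at most n bytes of it; the rest is discarded,
    exactly as recvfrom() with a too-small buffer behaves."""

    def __init__(self, datagrams):
        self._queue = list(datagrams)

    def read(self, n):
        if not self._queue:
            return b""
        return self._queue.pop(0)[:n]


def read_records_without_read_ahead(bio):
    """Stream-style reader: fetch the header, then exactly the body length.
    Correct on TCP, wrong on datagrams (the remainder of each packet is lost
    and the next read pulls bytes from an unrelated datagram)."""
    records = []
    while True:
        hdr = bio.read(DTLS_HDR_LEN)
        if len(hdr) < DTLS_HDR_LEN:
            break
        (length,) = struct.unpack_from("!H", hdr, 11)
        body = bio.read(length)
        if len(body) < length:
            break
        records.extend(parse_records(hdr + body))
    return records


def read_records_with_read_ahead(bio, max_dgram=16384):
    """Read-ahead reader: pull a whole datagram into a buffer, then parse
    every record it contains. This is the behaviour DTLS needs regardless
    of the read_ahead flag."""
    records = []
    while True:
        dgram = bio.read(max_dgram)
        if not dgram:
            break
        records.extend(parse_records(dgram))
    return records


# Constructed sample input: a server's first flight packed into one datagram
# (three handshake records), followed by a second datagram carrying one record.
FLIGHT = [
    build_record(CT_HANDSHAKE, 0, 0, b"ServerHello(stub)"),
    build_record(CT_HANDSHAKE, 0, 1, b"Certificate(stub)"),
    build_record(CT_HANDSHAKE, 0, 2, b"ServerHelloDone(stub)"),
]
DATAGRAMS = [b"".join(FLIGHT), build_record(CT_HANDSHAKE, 0, 3, b"NextFlight(stub)")]


if __name__ == "__main__":
    good = read_records_with_read_ahead(DatagramBIO(DATAGRAMS))
    bad = read_records_without_read_ahead(DatagramBIO(DATAGRAMS))
    print("read-ahead   :", len(good), "records", [r[3] for r in good])
    print("no read-ahead:", len(bad), "records", [r[3] for r in bad])
```

Run stand-alone, the read-ahead reader recovers all four records with the right payloads, while the stream-style reader yields a single record whose body is actually the first 17 bytes of the second datagram (a header plus a fragment of the next flight), and then runs out of data. That silent corruption plus loss is the kind of failure a missing second fix would leave behind for anyone running DTLS without `SSL_CTX_set_read_ahead()` on the affected library.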