[Bug 1622500] Re: Backported bugfix for CVE-2014-3571 causes regressions for DTLS in Ubuntu 14.04

Launchpad Bug Tracker 1622500 at bugs.launchpad.net
Thu Sep 22 20:06:28 UTC 2016 

This bug was fixed in the package openssl - 1.0.1f-1ubuntu2.20

---------------
openssl (1.0.1f-1ubuntu2.20) trusty-security; urgency=medium

  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306
  * SECURITY REGRESSION: DTLS regression (LP: #1622500)
    - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
      read_ahead is set in ssl/s3_pkt.c.
  * debian/patches/update-expired-smime-test-certs.patch: Update test
    certificates that have expired and caused build test failures.

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Thu, 22 Sep 2016
13:38:15 -0400

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1622500

Title:
  Backported bugfix for CVE-2014-3571 causes regressions for DTLS in
  Ubuntu 14.04

Status in openssl package in Ubuntu:
  Invalid
Status in openssl source package in Precise:
  Fix Released
Status in openssl source package in Trusty:
  Fix Released

Bug description:
  In OpenSSL 1.0.1f on Ubuntu 14.04, there's a regression in using DTLS,
  caused by a backported bugfix for CVE-2014-3571.

  This particular bugfix (debian/patches/CVE-2014-3571-1.patch,
  corresponding to
  https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8d7aab986b499f34d9e1bc58fbfd77f05c38116e,
  originally included upstream in OpenSSL 1.0.1k) caused a regression in
  using DTLS - see https://rt.openssl.org/Ticket/Display.html?id=3657.

  This regression was fixed in OpenSSL 1.0.1m via this commit:
  https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1895583

  This left OpenSSL 1.0.1k and 1.0.1l with the regression, plus Ubuntu
  14.04 which backported the first fix but not the later one.

  In Debian, their patches for 1.0.1e contain both fixes:
  https://sources.debian.net/src/openssl/1.0.1e-2%2Bdeb7u20/debian/patches/0109-Fix-crash-in-dtls1_get_record-whilst-in-the-listen-s.patch/
  https://sources.debian.net/src/openssl/1.0.1e-2%2Bdeb7u20/debian/patches/0001-Make-DTLS-always-act-as-if-read_ahead-is-set.-The-ac.patch/

  Please backport the second fix to the version of 1.0.1f that you
  maintain for 14.04 LTS.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1622500/+subscriptions

More information about the foundations-bugs mailing list