[SECURITY] [DLA 1701-1] openssl security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1701-1] openssl security update
From: Markus Koschany <apo@debian.org>
Date: Fri, 1 Mar 2019 23:55:06 +0100
Message-id: <[🔎] 8163c803-38e1-61b7-3d3a-da7ed0fcb305@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : openssl
Version        : 1.0.1t-1+deb8u11
CVE ID         : CVE-2019-1559

Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding
oracle attack in OpenSSL.

If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify, and once to receive
one) then OpenSSL can respond differently to the calling application
if a 0 byte record is received with invalid padding compared to if a 0
byte record is received with an invalid MAC. If the application then
behaves differently based on that in a way that is detectable to the
remote peer, then this amounts to a padding oracle that could be used
to decrypt data.

In order for this to be exploitable "non-stitched" ciphersuites must
be in use. Stitched ciphersuites are optimised implementations of
certain commonly used ciphersuites. Also the application must call
SSL_shutdown() twice even if a protocol error has occurred
(applications should not do this but some do anyway).
AEAD ciphersuites are not impacted.

For Debian 8 "Jessie", this problem has been fixed in version
1.0.1t-1+deb8u11.

We recommend that you upgrade your openssl packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlx5uElfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeR/BA/+Il0to7XRdFjAvxJG6cwzvemVHiLnKscdq5hr78hGb9qwxDpDQ51in+5o
Vfy9pfsu72oSpiMbeks1c8K9K6aDiUGj3xoAmVMhGuia3JFmIEsWKXOLj61SeUAN
2sfOgso3U4LolyY41x/q+aeG373ktB1XHtDbT4UBT4W2KPtdf0h3HUQsKYY8zXz9
PIlpefClIJnE8qyBX9V+jTS2sABG2nPJ86vhuISjxrFMXgZF90HRRSMWpIfX+4uz
gOxfIm4udRUbH5zzxyDZn7sP9f6VUGPqdsgIHBHIp/LkExfuGH5EVIaXxO3jigJq
Jze2htD+KfjbNfJRxyGR0AzwBeYh8sLI3vRemG2dip7+W2McddP+kxpY+CEtlBRG
W1JhLa9pc+QuXkE4bUJAKBLje7mMhRdQK+zz2y782G5Z3FmepSW7ZXUSdNQX7ek6
YS5Uy+xpP4a4Jc2HRJsjWw8BK0Z5Ua/Bk1jC4PJ/SMvdHYvurPaUXzScayFiFjRA
dNfuBikQssS4EvZIv0oaYxnGsihRncfWF+zfJt15CGy9IzfTgx1irvPPPzZ/eouM
Z0h01oBStQ5HveSgGMBBjFK6u+bwPFoTMKhxqH/MM3z5m1GEXXdRvJuVSXraymqi
H/WDi/BMVhBp0rbfpqSyHLmqsfNx3cPMAnjy1k/wOifJE14E4g4=
=sQfb
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1696-1] ceph security update
Next by Date: [SECURITY] [DLA 1702-1] advancecomp security update
Previous by thread: [SECURITY] [DLA 1696-1] ceph security update
Next by thread: [SECURITY] [DLA 1702-1] advancecomp security update
Index(es):
- Date
- Thread