Update OpenSSL to fix security vulnerabilities

Bug #392670 reported by Nicola Ferralis
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
The Dell Mini Project
Fix Committed
Undecided
Unassigned

Bug Description

Openssl has been updated in generic hardy to version 0.9.8g-4ubuntu3.7 to fix several security vulnerabilities (see below). Openssl is still in version 0.9.8g-4ubuntu3.5 in hardy for the mini.

Changelog:

0.9.8g-4ubuntu3.7) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via memory consumption from large
    number of future epoch DTLS records.
    - crypto/pqueue.*: add new pqueue_size counter function.
    - ssl/d1_pkt.c: use pqueue_size to limit size of queue to 100.
    - http://cvs.openssl.org/chngview?cn=18187
    - CVE-2009-1377
  * SECURITY UPDATE: denial of service via memory consumption from
    duplicate or invalid sequence numbers in DTLS records.
    - ssl/d1_both.c: discard message if it's a duplicate or too far in the
      future.
    - http://marc.info/?l=openssl-dev&m=124263491424212&w=2
    - CVE-2009-1378
  * SECURITY UPDATE: denial of service or other impact via use-after-free
    in dtls1_retrieve_buffered_fragment.
    - ssl/d1_both.c: use temp frag_len instead of freed frag.
    - http://rt.openssl.org/Ticket/Display.html?id=1923
    - CVE-2009-1379
  * SECURITY UPDATE: denial of service via DTLS ChangeCipherSpec packet
    that occurs before ClientHello.
    - ssl/s3_pkt.c: abort if s->session is NULL.
    - ssl/{ssl.h,ssl_err.c}: add new error codes.
    - http://cvs.openssl.org/chngview?cn=17369
    - CVE-2009-1386
  * SECURITY UPDATE: denial of service via an out-of-sequence DTLS
    handshake message.
    - ssl/d1_both.c: don't buffer fragments with no data.
    - http://cvs.openssl.org/chngview?cn=17958
    - CVE-2009-1387

security vulnerability: no → yes
Changed in dell-mini:
status: New → Confirmed
Revision history for this message
Nicola Ferralis (feranick) wrote :

In proposed repository.

Changed in dell-mini:
status: Confirmed → Fix Committed
Revision history for this message
Nicola Ferralis (feranick) wrote :

Reverting to Confirmed, since a new security vulnerability has been found in version 0.9.8g-4ubuntu3.7.

Fixed in generic hardy (0.9.8g-4ubuntu3.8). The fix should be ported in the dell mini ASAP.

Changed in dell-mini:
status: Fix Committed → Confirmed
Revision history for this message
Nicola Ferralis (feranick) wrote :

In proposed repository.

Changed in dell-mini:
status: Confirmed → Fix Committed
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.