openssl (SL6)

Synopsis: Moderate: openssl security update
Advisory ID: SLSA-2015:0715-1
Issue Date: 2015-03-24
CVE Numbers: CVE-2015-0209
             CVE-2015-0286
             CVE-2015-0287
             CVE-2015-0289
             CVE-2015-0292
             CVE-2015-0293
             CVE-2015-0288

An invalid pointer use flaw was found in OpenSSL’s ASN1_TYPE_cmp()
function. A remote attacker could crash a TLS/SSL client or server using
OpenSSL via a specially crafted X.509 certificate when the
attacker-supplied certificate was verified by the application. (CVE-2015-0286)

An integer underflow flaw, leading to a buffer overflow, was found in the
way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to
make an application using OpenSSL decode a specially crafted
Base64-encoded input (such as a PEM file) could use this flaw to cause the
application to crash. Note: this flaw is not exploitable via the TLS/SSL
protocol because the data being transferred is not Base64-encoded.
(CVE-2015-0292)

A denial of service flaw was found in the way OpenSSL handled SSLv2
handshake messages. A remote attacker could use this flaw to cause a
TLS/SSL server using OpenSSL to exit on a failed assertion if it had both
the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)

A use-after-free flaw was found in the way OpenSSL imported malformed
Elliptic Curve private keys. A specially crafted key file could cause an
application using OpenSSL to crash when imported. (CVE-2015-0209)

An out-of-bounds write flaw was found in the way OpenSSL reused certain
ASN.1 structures. A remote attacker could possibly use a specially crafted
ASN.1 structure that, when parsed by an application, would cause that
application to crash. (CVE-2015-0287)

A NULL pointer dereference flaw was found in OpenSSL’s X.509 certificate
handling implementation. A specially crafted X.509 certificate could cause
an application using OpenSSL to crash if the application attempted to
convert the certificate to a certificate request. (CVE-2015-0288)

A NULL pointer dereference was found in the way OpenSSL handled certain
PKCS#7 inputs. An attacker able to make an application using OpenSSL
verify, decrypt, or parse a specially crafted PKCS#7 input could cause
that application to crash. TLS/SSL clients and servers using OpenSSL were
not affected by this flaw. (CVE-2015-0289)

For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.
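
One way to find services that still need that restart, as an added example (not part of the original advisory): after the package is replaced, a running process keeps the old library mapped and /proc/PID/maps marks it "(deleted)". The proc_root argument and the sample tree built by make_sample_proc are assumptions of this example, constructed so the scan can be exercised offline.

```shell
#!/bin/sh
# Added example: list processes that still map an unlinked (replaced) copy
# of libssl or libcrypto, i.e. services not yet restarted after the update.

# Print "PID NAME" for each such process. The optional argument is a
# /proc-like directory (assumption of this example); default is /proc.
find_stale_openssl_procs() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue      # process exited or not readable
        if grep -Eq '/lib(ssl|crypto)\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir="${maps%/maps}"
            pid="${dir##*/}"
            # Process name from the status file; '?' if it cannot be read.
            name="$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null)" || name='?'
            printf '%s %s\n' "$pid" "${name:-?}"
        fi
    done
}

# Build a constructed /proc-like tree for testing: PID 101 still maps the
# old libraries, PID 202 maps the current file on disk.
make_sample_proc() {
    root="$(mktemp -d)"
    mkdir -p "$root/101" "$root/202"
    printf 'Name:\thttpd\n' > "$root/101/status"
    printf 'Name:\tsshd\n'  > "$root/202/status"
    cat > "$root/101/maps" <<'EOF'
7f3a1c000000-7f3a1c062000 r-xp 00000000 fd:00 131 /usr/lib64/libssl.so.1.0.1e (deleted)
7f3a1c400000-7f3a1c5b5000 r-xp 00000000 fd:00 132 /usr/lib64/libcrypto.so.1.0.1e (deleted)
EOF
    cat > "$root/202/maps" <<'EOF'
7f9b2e000000-7f9b2e062000 r-xp 00000000 fd:00 977 /usr/lib64/libssl.so.1.0.1e
EOF
    echo "$root"
}
```

Call find_stale_openssl_procs as root on the updated host so every process's maps file is readable; each PID it prints belongs to a service that is still running the old library.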

SL6
  x86_64
    openssl-1.0.1e-30.el6_6.7.i686.rpm
    openssl-1.0.1e-30.el6_6.7.x86_64.rpm
    openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm
    openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm
    openssl-devel-1.0.1e-30.el6_6.7.i686.rpm
    openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm
    openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm
    openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm
  i386
    openssl-1.0.1e-30.el6_6.7.i686.rpm
    openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm
    openssl-devel-1.0.1e-30.el6_6.7.i686.rpm
    openssl-perl-1.0.1e-30.el6_6.7.i686.rpm
    openssl-static-1.0.1e-30.el6_6.7.i686.rpm

– Scientific Linux Development Team