From 67ccd96eb8b5144dd0c9e929b57126fdec060279 Mon Sep 17 00:00:00 2001 From: Xin LI Date: Sat, 30 Jan 2016 06:33:43 +0000 Subject: [PATCH] Add SA-16:11. --- .../advisories/FreeBSD-SA-16:11.openssl.asc | 159 ++++++++++++++++++ .../patches/SA-16:11/openssl-10.1.patch | 43 +++++ .../patches/SA-16:11/openssl-10.1.patch.asc | 17 ++ .../patches/SA-16:11/openssl-10.2.patch | 41 +++++ .../patches/SA-16:11/openssl-10.2.patch.asc | 17 ++ .../patches/SA-16:11/openssl-9.3.patch | 43 +++++ .../patches/SA-16:11/openssl-9.3.patch.asc | 17 ++ share/xml/advisories.xml | 8 + 8 files changed, 345 insertions(+) create mode 100644 share/security/advisories/FreeBSD-SA-16:11.openssl.asc create mode 100644 share/security/patches/SA-16:11/openssl-10.1.patch create mode 100644 share/security/patches/SA-16:11/openssl-10.1.patch.asc create mode 100644 share/security/patches/SA-16:11/openssl-10.2.patch create mode 100644 share/security/patches/SA-16:11/openssl-10.2.patch.asc create mode 100644 share/security/patches/SA-16:11/openssl-9.3.patch create mode 100644 share/security/patches/SA-16:11/openssl-9.3.patch.asc diff --git a/share/security/advisories/FreeBSD-SA-16:11.openssl.asc b/share/security/advisories/FreeBSD-SA-16:11.openssl.asc new file mode 100644 index 0000000000..1f70a28ae0 --- /dev/null +++ b/share/security/advisories/FreeBSD-SA-16:11.openssl.asc @@ -0,0 +1,159 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-16:11.openssl Security Advisory + The FreeBSD Project + +Topic: OpenSSL SSLv2 ciphersuite downgrade vulnerability + +Category: contrib +Module: openssl +Announced: 2016-01-30 +Affects: All supported versions of FreeBSD. +Corrected: 2016-01-28 21:42:10 UTC (stable/10, 10.2-STABLE) + 2016-01-30 06:12:03 UTC (releng/10.2, 10.2-RELEASE-p12) + 2016-01-30 06:12:03 UTC (releng/10.1, 10.1-RELEASE-p29) + 2016-01-30 06:09:38 UTC (stable/9, 9.3-STABLE) + 2016-01-30 06:12:03 UTC (releng/9.3, 9.3-RELEASE-p36) +CVE Name: CVE-2015-3197 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is +a collaborative effort to develop a robust, commercial-grade, full-featured +Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) +and Transport Layer Security (TLS v1) protocols as well as a full-strength +general purpose cryptography library. + +II. Problem Description + +A malicious client can negotiate SSLv2 ciphers that have been disabled on +the server and complete SSLv2 handshakes even if all SSLv2 ciphers have +been disabled, provided that the SSLv2 protocol was not also disabled via +SSL_OP_NO_SSLv2. + +III. Impact + +An active MITM attacker may be able to force a protocol downgrade to SSLv2, +which is a flawed protocol and intercept the communication between client +and server. + +IV. Workaround + +No workaround is available, but only applications that do not explicitly +disable SSLv2 are affected. + +To determine if a server have SSLv2 enabled, a system administrator can +use the following command: + +% openssl s_client -ssl2 -connect : &1 | grep DONE + +which will print "DONE" if and only if SSLv2 is enabled. Note that this +check will not work for services that uses STARTTLS or DTLS. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +Restart all deamons using the library, or reboot the system. + +2) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.2] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.2.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.2.patch.asc +# gpg --verify openssl-10.2.patch.asc + +[FreeBSD 10.1] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.1.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-10.1.patch.asc +# gpg --verify openssl-10.1.patch.asc + +[FreeBSD 9.3] +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-9.3.patch +# fetch https://security.FreeBSD.org/patches/SA-16:11/openssl-9.3.patch.asc +# gpg --verify openssl-9.3.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/9/ r295060 +releng/9.3/ r295061 +stable/10/ r295016 +releng/10.1/ r295061 +releng/10.2/ r295061 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAEBCgAGBQJWrFhQAAoJEO1n7NZdz2rnzcwQAJJQvYkvHuVHHBHCuV576ceJ +39Ry8ooGsNquyThUndbDYOV+Vhpj62XEnI+PXUgZPKENglnf+rRu0CWfCs1SqFQE +EGOSsiXmBFyvJ8AMoQfiBdCoNRCBafqhY637IG8FU7WSpg8vYJO3bGCLmsgVbeoz +V2kHmUtGUNSgksvOjo2O6ezc6rYc5jPrpB11mUZ8xFoBE9YhLNRpfttCajKAYy+9 +t7S3tuGnleWWmnLdFj0jNJXjg38h9gG18L4kr+z/mFFWKYmFNdKuoXlpseMFD7pb +LP7RipHDh0WQqtVOQtyu0x6BuijiuIlByadcHZO1MfDNXnu1UR5OEESs0EYElh8O +6mR/i3MZ1m9DoIoRcR1eCNQN2NiWV4tVCflSTi2pUl3TTCBpYn+THMi17c4IzTNA +kaMR7AUeXgJVAntfmAx4mdqdjTam2EfCNRoMS3WdfVCD8cZQDewxFmEY2FbHUzix +WUBVTUzx2BTUQO7PKJ6UdEiojetJ+OmwlaAb8WfGQTypANKUfMcyXzfmtmM4dgJg +NjNIUxA9T3unmWUg5nh7CACJVWcykyM1ORLqFTrrxAlIz3d1gPI2kqGiMGtEMbzI +A42xSFfHVvUJ6MzXe98Sf6cDWs98qQBTLDxHo5COpq6zV4AFDqlvdyzcJ/SQTAfq +tsPAVgWspt40dxnRQfku +=DN5y +-----END PGP SIGNATURE----- diff --git a/share/security/patches/SA-16:11/openssl-10.1.patch b/share/security/patches/SA-16:11/openssl-10.1.patch new file mode 100644 index 0000000000..894c4f1fe5 --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-10.1.patch @@ -0,0 +1,43 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -400,7 +400,7 @@ static int get_client_master_key(SSL *s) + } + + cp=ssl2_get_cipher_by_char(p); +- if (cp == NULL) ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); +@@ -698,9 +698,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } +- for (z=0; zalgorithm_ssl & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) + { + (void)sk_SSL_CIPHER_delete(prio,z); + z--; +@@ -711,6 +714,14 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) ++ { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* s->session->ciphers should now have a list of + * ciphers that are on both the client and server. + * This list is ordered by the order the client sent diff --git a/share/security/patches/SA-16:11/openssl-10.1.patch.asc b/share/security/patches/SA-16:11/openssl-10.1.patch.asc new file mode 100644 index 0000000000..114b2bdf9d --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-10.1.patch.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rnrYUQAJcK0DBwDfvVysKdQBmryikB +iNjcbriE3X/secGwz2DnN38LoeXS1dP9N0Zk07KWaWi516PpQq1bHLxvomlvcxhw +m98/Vmwv/MAK6g8AxEeVoXP8A2dCYeVGu8AWmfp9wwum1Kl9vGmm4UE3McPC3a59 +9mqJ1U+icn72EasyZMGNc8WnwZleuievXYxUkFJwQ32urbMgnIk/XkNT9ULpWjiH +omgu4C4IXKyb/zer0AW5xfQ2WbMqmxD93R4ApcM79+wxCtHFK+CxFeX7Xc8BXAXn +SEn69KggtFCYCXnsIdAE42IK28c3iw7MoeHPSZAYUf8SJ3x99NvXvdfPairLz6X1 +kjaAbbi2ycZRJBdBWTiSqYrtW3tSPGz+LtutbctcOjB6EsZMbbOZWKZYwAD2d1vi +httOrSpgd15Jqkhh6xYoK5qmk4rDUMe8MbaSmYH0rmjB/79VxBSneocwWnYpbsUO +m6Zrg1EpKfoIGcXYeanRHZqobeR+0uhi3oX/dBOUmxycWEMlALxboVJ7DU/q+AXE +Fq7+H8wkATvMXaJtlRWmKV34ShfmIqTEceNLJMDHFqb/j/yUNKrA3pjfqgkoYflf +IHrG1v61haJNREs2hx1fTWWy315ua9pwOHrpR9eYNiOwh3b4MbKdA9QErYZLMyuM +gt45GgReqbU50ikXipnp +=voQ/ +-----END PGP SIGNATURE----- diff --git a/share/security/patches/SA-16:11/openssl-10.2.patch b/share/security/patches/SA-16:11/openssl-10.2.patch new file mode 100644 index 0000000000..41692726a2 --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-10.2.patch @@ -0,0 +1,41 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) + } + + cp = ssl2_get_cipher_by_char(p); +- if (cp == NULL) { ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { + ssl2_return_error(s, SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); + return (-1); +@@ -687,8 +687,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } ++ ++ /* Generate list of SSLv2 ciphers shared between client and server */ + for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { +- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { ++ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); ++ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) { + (void)sk_SSL_CIPHER_delete(prio, z); + z--; + } +@@ -697,6 +701,13 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* + * s->session->ciphers should now have a list of ciphers that are on + * both the client and server. This list is ordered by the order the diff --git a/share/security/patches/SA-16:11/openssl-10.2.patch.asc b/share/security/patches/SA-16:11/openssl-10.2.patch.asc new file mode 100644 index 0000000000..f854f75172 --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-10.2.patch.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rn7pIP/RfM/xbLqKh6jOQKzCAs/hqK +erl+zzNNn8cJF00c1T2kFY05pwvFExAIAdPQ09uk7S+d+qC1tfn55ioPT0rUaLsv +qvhsRGEB2FZi+c6l8ZFK9qvePbqTzGAwYjhcmbaxw83YtosdxM5Z6Q3v9Nzfd6cG +qvGH6X91MDlpzyKx/ZQ/vXXFkMO1gDzMgOJe6phgKkxMiNfknqBifsLaJBUq0uSZ +WaqlfbhPDDXFu2hJ3lvizAxz2+6OQVUZeuGaw0UPtAzofBdX4H3UhUXjFPO1iECV +D3P0jTUKnNswd1l6xR8AUNHPh78Zf3T8hE9Ihf7jBiwVpA4VX2+jyan3NfC5ESO2 +dXStOPa4weEMERJVoBra8ZcvUwl+F63/ti35mf42KQK/dMXfn4YYJg06ZOyAxdG2 ++7bAJCCW6IVmIWhh+k7UdajP7KKSjyaopw/sNEAvU01iS4nB9EBnFebQ785GgRfE +iUEm98lCjIzkWLqZU6aGwLL46S3GUYkIhylUjLuHwsVm7YjEhURU0ghhM+srZDuX +yd4appgHar632XnotetsIiivKkzZJYK+1pt9tVf72/Q7V+ba4Zj7FCs1DEvwAfYa +LNIFIjS02ocgBQjKKR9+UqazuXe2+o0CpOKlqB/HGeIU3Rcc25h2y3uk8q/cCYoa +ibsADoMVD+ImHQXbKtlu +=L3PJ +-----END PGP SIGNATURE----- diff --git a/share/security/patches/SA-16:11/openssl-9.3.patch b/share/security/patches/SA-16:11/openssl-9.3.patch new file mode 100644 index 0000000000..e8c002e4c2 --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-9.3.patch @@ -0,0 +1,43 @@ +Index: crypto/openssl/ssl/s2_srvr.c +=================================================================== +--- crypto/openssl/ssl/s2_srvr.c (revision 294905) ++++ crypto/openssl/ssl/s2_srvr.c (working copy) +@@ -392,7 +392,7 @@ static int get_client_master_key(SSL *s) + } + + cp=ssl2_get_cipher_by_char(p); +- if (cp == NULL) ++ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) + { + ssl2_return_error(s,SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); +@@ -690,9 +690,12 @@ static int get_client_hello(SSL *s) + prio = cs; + allow = cl; + } +- for (z=0; zalgorithms & SSL_SSLV2) == 0 || ++ sk_SSL_CIPHER_find(allow, cp) < 0) + { + (void)sk_SSL_CIPHER_delete(prio,z); + z--; +@@ -703,6 +706,14 @@ static int get_client_hello(SSL *s) + sk_SSL_CIPHER_free(s->session->ciphers); + s->session->ciphers = prio; + } ++ ++ /* Make sure we have at least one cipher in common */ ++ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) ++ { ++ ssl2_return_error(s, SSL2_PE_NO_CIPHER); ++ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); ++ return -1; ++ } + /* s->session->ciphers should now have a list of + * ciphers that are on both the client and server. + * This list is ordered by the order the client sent diff --git a/share/security/patches/SA-16:11/openssl-9.3.patch.asc b/share/security/patches/SA-16:11/openssl-9.3.patch.asc new file mode 100644 index 0000000000..e214ceecea --- /dev/null +++ b/share/security/patches/SA-16:11/openssl-9.3.patch.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.8 (FreeBSD) + +iQIcBAABCgAGBQJWrFhgAAoJEO1n7NZdz2rnHfAP/0dRSsN5QEeACYvdu7fSGyvq +/9QUsHLyGMj3wS1SUP3oFCgpXuweYfmWVtvFfA2uLqXOukuOPJLYSpJVdF0QXZrK +dL0mlU3aaA2NLQlgl3QpnX1Gz5ItV62piljHs9Q87Is765BYnUp7i01gexVIA0PE +kK0U5ocfYiEwGhtcRl1ndTCHFJxrAQY7quRBPgeONpB2VFoSXOmRLF2cCi8s+ebV +cUk9sTWT+OCutzjvDFsqEFvcaVHT8jDDlXdXUuDGOzZ4sGc/OgKA6J42Wws++VKw +LqfQjD/RP4GQNvO0mmvd/1jnr6ug+rMxJapnNRVY6nTRBOcn2qEIZjALBjjVTZdx +xIQVc5M0CmRF4GcnKlwwJMC5vl+BPxvSbb2mKDEGY+nzXdH7z5618wwqE1EyIwj5 +U7X75vogYMv50uTTuAXazQm1WifxmpDYaaIyTRzz5pnSeXE6seeUEvkKXhmD2s+g +OQhULV51JUPhousieaJzPVTB8/NSZAiqvma++aW7claJr7drGWL1DEOGXqRBl/Rb +9iYDOJ6VcdqwfDUb1Hf5Ukc3oYGXkobhpswjbFnmTE96Cu/mH7Z1bKDhlG/0Zzwv +YYHTmWn9j9/azAwL0ZTUZztDm+9ZQqSPBXJMWVEaPOskyxRUHKurgixB7uEZco9U +RlgyGJfV0gU3oDgM9XE+ +=wEfU +-----END PGP SIGNATURE----- diff --git a/share/xml/advisories.xml b/share/xml/advisories.xml index b723d875d0..8fd22910a8 100644 --- a/share/xml/advisories.xml +++ b/share/xml/advisories.xml @@ -10,6 +10,14 @@ 1 + + 30 + + + FreeBSD-SA-16:11.openssl + + + 27