Updated openssl packages fix security vulnerability
Publication date: 05 Dec 2015Modification date: 05 Dec 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-1794 , CVE-2015-3194 , CVE-2015-3195 , CVE-2015-3196
Description
If a client receives a ServerKeyExchange for an anonymous DH ciphersuite
with the value of p set to 0 then a seg fault can occur leading to a
possible denial of service attack (CVE-2015-1794).
Loic Jonas Etienne of Qnective AG discovered that the signature
verification routines will crash with a NULL pointer dereference if
presented with an ASN.1 signature using the RSA PSS algorithm and absent
mask generation function parameter. A remote attacker can exploit this
flaw to crash any certificate verification operation and mount a denial of
service attack (CVE-2015-3194).
Adam Langley of Google/BoringSSL discovered that OpenSSL will leak memory
when presented with a malformed X509_ATTRIBUTE structure (CVE-2015-3195).
A race condition flaw in the handling of PSK identify hints was
discovered, potentially leading to a double free of the identify hint data
(CVE-2015-3196).
References
- https://bugs.mageia.org/show_bug.cgi?id=17292
- http://openssl.org/news/secadv/20151203.txt
- https://www.debian.org/security/2015/dsa-3413
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
SRPMS
5/core
- openssl-1.0.2e-1.mga5