Updated openssl packages fix security vulnerability
Publication date: 07 May 2016Modification date: 07 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-2105 , CVE-2016-2106 , CVE-2016-2107 , CVE-2016-2109
Description
An overflow can occur in the EVP_EncodeUpdate() function which is used for
Base64 encoding of binary data. If an attacker is able to supply very
large amounts of input data then a length check can overflow resulting in
a heap corruption (CVE-2016-2105).
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
is able to supply very large amounts of input data after a previous call
to EVP_EncryptUpdate() with a partial block then a length check can
overflow resulting in a heap corruption (CVE-2016-2106).
A MITM attacker can use a padding oracle attack to decrypt traffic when
the connection uses an AES CBC cipher and the server support AES-NI
(CVE-2016-2107).
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
a short invalid encoding can casuse allocation of large amounts of memory
potentially consuming excessive resources or exhausting memory
(CVE-2016-2109)
References
- https://bugs.mageia.org/show_bug.cgi?id=18341
- https://www.openssl.org/news/secadv/20160503.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
SRPMS
5/core
- openssl-1.0.2h-1.mga5