[Technik] Re: [SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution

Noèl Köthe noel at debian.org
Thu Oct 5 09:18:03 CEST 2006 

Am Montag, den 02.10.2006, 21:33 +0200 schrieb Noah Meyerhans:

> Debian Security Advisory DSA 1185-2                    security at debian.org
> http://www.debian.org/security/                             Noah Meyerhans
> October 2nd, 2006                       http://www.debian.org/security/faq
> 
> Package        : openssl
> Vulnerability  : denial of service
> Problem-Type   : remote
> Debian-specific: no
> CVE ID         : CVE-2006-2940

openssl auf pima, pomo, yuma, cusa, cree, crow, cupa, wasco, kiowa,
karuk, kansa, acoma, h01, h02 und h03 aktualisiert.

> The fix used to correct CVE-2006-2940 introduced code that could lead to
> the use of uninitialized memory.  Such use is likely to cause the
> application using the openssl library to crash, and has the potential to
> allow an attacker to cause the execution of arbitrary code.
> 
> For the stable distribution (sarge) these problems have been fixed in
> version 0.9.7e-3sarge4.

changelog:
openssl (0.9.7e-3sarge4) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing
    an uninitialized pointer.

 -- Noah Meyerhans <noahm at debian.org>  Sat, 30 Sep 2006 05:54:57 -0400

openssl (0.9.7e-3sarge3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Apply patch to fix infinite loop / memory allocation denial of
    service due to mis-handling of error conditions on invalid ASN1
    data.  CVE-2006-2937
  * Apply patch to fix a buffer overflow in the SSL_get_shared_ciphers
    function.  CVE-2006-3738
  * Apply patch to fix a denial of service in the SSLv2 client code
    whereby a malicious server could cause a client to crash.
    CVE-2006-4343
  * Apply patch to correct a potential denial of service attack when
    parsing ASN1 data from untrusted sources.  Certain types of public
    key can take a disproportionate amount of time to process, allowing
    an attacker to exhaust system resources.  CVE-2006-2940

 -- Noah Meyerhans <noahm at debian.org>  Tue, 26 Sep 2006 17:36:05 -0400

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20061005/aee0b394/attachment.pgp

More information about the Technik mailing list