Updates to OpenSSL fix vulnerabilities related to Logjam

Published: 2015-06-11
Last Updated: 2015-06-12 02:34:48 UTC
by Brad Duncan (Version: 1)
3 comment(s)

An OpenSSL security advisory issued earlier today on Thursday 2015-06-11 [1].  According to the advisory users should upgrade OpenSSL to fix vulnerabliities that could be exploited by a Logjam attack [2].

The issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.

  • OpenSSL 1.0.2 users should upgrade to 1.0.2b
  • OpenSSL 1.0.1 users should upgrade to 1.0.1n
  • OpenSSL 1.0.0 users should upgrade to 1.0.0s
  • OpenSSL 0.9.8 users should upgrade to 0.9.8zg

Related vulnerabilities from the announcement:

Of note, support for OpenSSL versions 1.0.0 and 0.9.8 will cease at the end of the year on 2015-12-31.  No security updates for 1.0.0 and 0.9.8 will be provided after that.  Users are advised to upgrade to the latest versions of 1.0.1 or 1.0.2.

References:

[1] http://openssl.org/news/secadv_20150611.txt
[2] https://weakdh.org/

Keywords:
3 comment(s)

Comments

This improves, but does not fix the
client side as it sets the minimum
size DH group to 768 for clients
rather than 1024 or 2048.

Here the logic was modified to require
a minimum size DH group of 1024, patch
below.

One must still generate proper 2048 bit
or larger custom DH groups for servers
per the instructions at
https://weakdh.org/sysadmin.html


--- ssl/s3_clnt.c.ar 2015-06-11 09:50:11.000000000 -0400
+++ ssl/s3_clnt.c 2015-06-11 11:44:59.000000000 -0400
@@ -3558,12 +3558,11 @@
goto f_err;
dh_size = BN_num_bits(dh_srvr->p);
DH_free(dh_srvr);
}

- if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
+ if (dh_size < 1024) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
goto f_err;
}
}
#endif /* !OPENSSL_NO_DH */
This SSL change, pushed out by Ubuntu for 12.04 LTS breaks the Security Onion.
https://groups.google.com/forum/#!topic/security-onion/E7HdGGUuq6c
Looks like they quickly up-revved to 1.0.2c
12-Jun-2015: New releases to resolve ABI compatibility problems

Diary Archives