From yann at pleiades.fr.eu.org Sun Dec 6 13:04:20 2009
From: yann at pleiades.fr.eu.org (Yann Rouillard)
Date: Sun, 06 Dec 2009 13:04:20 +0100
Subject: [csw-announce] Openssl vulnerability CVE-2009-3555
Message-ID: <4B1B9DC4.9050009@pleiades.fr.eu.org>

Dear users,

A security vulnerability has recently been found in the part of the TLS and SSL protocols that handles session renegotiation [1]. This vulnerability allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection in a man-in-the-middle attack.

This problem is caused by a design flaw in the TLS/SSL protocol and is difficult to fix in a clean and backward-compatible way. As a result, the new OpenSSL release (0.9.8l) which fixes this bug simply disables renegotiation completely. This new package will hit the csw unstable mirror very soon.

This modification should not have any impact on most setups, except for Apache https configurations which use client certificate verification (SSLVerifyClient) or specify a new SSL cipher list (SSLCipherSuite) in a directory or location context. If that is your case, you should try to use these directives at the server or virtual host level, or avoid upgrading to OpenSSL 0.9.8l [2], but in the latter case you will stay vulnerable.

A new protocol extension to TLS is planned to address this issue, but the RFC draft is still under review and it will require both the client and the server to implement the extension.

Best regards,
Yann

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
[2] You can avoid upgrading with pkgutil >= 1.9 by adding the following line to pkgutil.conf:
    exclude_pattern=CSWossl
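Two checks an administrator could run around this upgrade, written here as an added example: this is not code from the announcement, from Yann, or from the CSW packages, and the function names and the embedded sample configuration are my own. The first scans Apache configuration files for the exact pattern the post warns about, SSLVerifyClient or SSLCipherSuite inside a <Directory>, <Location> or <Files> block, which mod_ssl can only honour by renegotiating after it has read the request. The second classifies the output of openssl s_client: the extension the post describes as a draft was later published as RFC 5746 (renegotiation_info), and OpenSSL 0.9.8m and later report whether the peer negotiated it with a "Secure Renegotiation IS supported" or "IS NOT supported" line, which 0.9.8l and older clients do not print.

```shell
#!/bin/sh
# Added example (not part of the csw-announce post or of the CSW packages).
# Two checks for the situation the announcement describes.

# 1. Spot the Apache configurations the post warns about: SSLVerifyClient or
#    SSLCipherSuite inside a <Directory>/<Location>/<Files> (or *Match) block.
#    mod_ssl can only apply such per-context settings by renegotiating after
#    it has seen the request, which an OpenSSL with renegotiation disabled
#    (0.9.8l) refuses. Prints one line per offending directive; exit status is
#    1 when any were found, 0 when the configuration is clean.
find_ctx_reneg() {
    awk '
        { l = tolower($0) }     # Apache directive names are case-insensitive
        l ~ /^[ \t]*<(directory|location|files)(match)?[ \t>]/ {
            depth++; ctx = $0; sub(/^[ \t]+/, "", ctx)
        }
        l ~ /^[ \t]*<\/(directory|location|files)(match)?>/ {
            if (depth > 0) depth--
        }
        depth > 0 && l ~ /^[ \t]*ssl(verifyclient|ciphersuite)[ \t]/ {
            printf "%s:%d: %s inside %s\n", FILENAME, FNR, $1, ctx
            hits++
        }
        END { exit (hits ? 1 : 0) }
    ' "$@"
}

# 2. Classify "openssl s_client" output. The extension the post calls a draft
#    became RFC 5746 (renegotiation_info); OpenSSL 0.9.8m and later print
#    "Secure Renegotiation IS supported" or "... IS NOT supported" in s_client
#    output. Older clients such as 0.9.8l print neither line.
#    Usage: openssl s_client -connect host:443 </dev/null 2>/dev/null | reneg_status
reneg_status() {
    out=$(cat)
    case "$out" in
        *"Secure Renegotiation IS NOT supported"*) echo insecure ;;  # peer lacks RFC 5746
        *"Secure Renegotiation IS supported"*)     echo secure ;;    # both sides negotiated it
        *)                                         echo unknown ;;   # old client, or no handshake
    esac
}

# Stand-alone use: sh this_script.sh /path/to/httpd.conf [more .conf files]
# With no arguments it runs on a small constructed sample configuration instead.
if [ "$#" -gt 0 ]; then
    find_ctx_reneg "$@"
else
    sample=$(mktemp)
    cat > "$sample" <<'EOF'
<VirtualHost *:443>
    SSLEngine on
    # server level: no renegotiation needed
    SSLCipherSuite HIGH:!aNULL
    <Location /secure>
        # per-location: forces a renegotiation after the request is read
        SSLVerifyClient require
    </Location>
</VirtualHost>
EOF
    find_ctx_reneg "$sample" || true
    rm -f "$sample"
fi
```

The scanner exits non-zero when it finds a hit, so it can gate a package upgrade in a script. reneg_status only says "secure" or "insecure" when the client side is new enough to print the line, so run it from a host that already has OpenSSL 0.9.8m or later, not from the 0.9.8l package itself; "unknown" from such a client means only that the client could not tell you.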