More OpenSSL vulnerabilities



  • FYI…

    http://www.openssl.org/news/secadv_20140605.txt

    All 0.9.8, 1.0.0, and 1.0.1 versions are affected...

    OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
    OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
    OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.

    The MiTM attack requires both client and server to be affected (decryption of traffic).
    The other important one is only affected if using DTLS which OpenVPN doesn't support from what I could dig up (code execution).
    The others are DoS.

    EDIT: It looks like OpenVPN.net has updated the OpenVPN Windows client to use openssl 1.0.1.h with OpenVPN Windows Installer 2.3.4 I002.


  • Moderator

    Thanks Adam



  • Wonder if the pfSense team is working on a new release with openssl 1.0.1h version?



  • @Gio:

    Wonder if the pfSense team is working on a new release with openssl 1.0.1h version?

    They have, it's already released. Clearly the result of a code audit after Heartbleed.



  • @ingenieurmt:

    @Gio:

    Wonder if the pfSense team is working on a new release with openssl 1.0.1h version?

    They have, it's already released. Clearly the result of a code audit after Heartbleed.

    Really?  It hasn't been announced or uploaded to any of the mirrors.


  • Netgate Administrator

    This is not the same vulnerability we're talking about here. 2.1.2 updated OpenSSL to 1.0.1g to fix heartbleed. This new vulnerability seems to necessitate a further update.

    Steve



  • Sorry, misread the question. I thought it was asking if another OpenSSL release was coming.

    Is the pfSense team working on a new build with the updated OpenSSL release? Almost certainly.



  • This one is not an easily exploitable bug like heartbleed. While it should be fixed, it does not require the kind of immediate response that heartbleed did.


  • Rebel Alliance Developer Netgate

    It's not Heartbleed by a long shot.

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    Here is a snippet from the security announcement we're still drafting:

    OpenSSL accepts ChangeCipherSpec (CCS) inappropriately during a handshake which
    permits a Man-in-the-Middle attack leading to possible data disclosure by
    enabling decryption of SSL traffic[2][3]. The attack requires several conditions
    to be met, which drastically reduce its potential for exploitation. The required
    criteria for exploitation are:

    • A vulnerable server, such as the pfSense GUI or OpenVPN server.
    • A vulnerable client, such as a browser or OpenVPN client.
    • A position of power between the client and server where packets may be
        intercepted and inserted. (e.g. untrusted wifi hotspot)

    Further reducing the potential for exploitation are the following mitigating
    factors:

    • Most browsers are not vulnerable as they do not use OpenSSL (Chrome for Android
        being a notable exception[4].)
    • OpenVPN is only vulnerable in SSL/TLS mode WITHOUT a TLS Authentication key.

    In short: In the meantime, make sure your OpenVPN clients get updated (we already updated the export package with new Windows binaries, 2.3.4-I002) and it's not much of an issue. If your OpenVPN SSL/TLS servers already use a TLS auth key, you have little to worry about.



  • @jimp:

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    Hi jimp,

    I run an OpenVPN client from my pfsense box. In the meantime is it possible to update OpenSSL to 0.9.8za without adversely affecting the base system?

    Cheers,


  • Netgate Administrator

    Previous advice immediately after Heartbleed broke was not to do that, there's a good chance you'll break something.
    @cmb:

    Don't try to patch or upgrade OpenSSL, you'll more than likely just break things. Each PBI has its own copy, plus the base system.

    Steve



  • @jimp:

    It's not Heartbleed by a long shot.

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    It seems that OpenSSL in 2.0.x is also vulnerable to this bug. Is there then also a 2.0.4 security update available?

    Bests



  • @Reiner030:

    @jimp:

    It's not Heartbleed by a long shot.

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    It seems that OpenSSL in 2.0.x is also vulnerable to this bug. Is there then also a 2.0.4 security update available?

    Bests

    I wouldn't hold my breath, the 2.0.x versions are marked as "deprecated" on the release information page. There was nothing done on them to fix the heartbleed vulnerability as far as I know.


  • Rebel Alliance Developer Netgate

    No, there will not be a 2.0.x release, that line is no longer supported.

    Don't replace the OpenSSL in base yourself.


  • Netgate Administrator

    @kpa:

    There was nothing done on them to fix the heartbleed vulnerability as far as I know.

    The 2.0.X versions were not vulnerable to Heartbleed, but they may be vulnerable to whole host of other things.  ;)

    Steve



  • @jimp:

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    Any idea when we can expect to see 2.1.4 release?

    Cheers,



  • @hootenanny:

    @jimp:

    There will be a 2.1.4 coming, but we're not rushing it out like we did with Heartbleed. ETA mid next-week.

    Any idea when we can expect to see 2.1.4 release?

    Cheers,

    "ETA mid next-week."?



  • @Harvy66:

    "ETA mid next-week."?

    Just asking as that was last week, in the meantime I still can't use OpenVPN because of the vuln.


  • Rebel Alliance Developer Netgate

    Hit a couple snags but it's still coming soon.

    You can use OpenVPN if you use a TLS auth key. Also if you update your clients, it's fine. Please read all of the text I quoted earlier in the thread.


Log in to reply