[v2.6] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450
The following revision fixes the issues mentioned below. So far it has been
applied only to the v2.7 branch; it should also be applied to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13a0812dcc5a03
Issues description:
TLS record tampering issue can lead to OpenSSL crash (CVE-2013-4353)
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449)
• CONFIRM: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
• CONFIRM: http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
• CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1045363
• CONFIRM: https://issues.apache.org/jira/browse/TS-2355
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450)
• CONFIRM: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
• CONFIRM: https://security-tracker.debian.org/tracker/CVE-2013-6450
(from redmine: issue id 2584, created on 2014-01-08, closed on 2014-02-04)
- Relations:
  - parent #2581 (closed)
- Changesets:
  - Revision a36c8fc7 by Natanael Copa on 2014-01-14T14:52:38Z:
    main/openssl: security upgrade to 1.0.1f (CVE-2013-4353,CVE-2013-6449,CVE-2013-6450)
    fixes #2584