Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

USN-3087-1: OpenSSL vulnerabilities

22 September 2016

Several security issues were fixed in OpenSSL.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request
extension. A remote attacker could possibly use this issue to cause memory
consumption, resulting in a denial of service. (CVE-2016-6304)

Guido Vranken discovered that OpenSSL used undefined behaviour when
performing pointer arithmetic. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue has only been addressed in Ubuntu 16.04 LTS in this update.
(CVE-2016-2177)

C├ęsar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL
did not properly use constant-time operations when performing DSA signing.
A remote attacker could possibly use this issue to perform a cache-timing
attack and recover private DSA keys. (CVE-2016-2178)

Quan Luo discovered that OpenSSL did not properly restrict the lifetime
of queue entries in the DTLS implementation. A remote attacker could
possibly use this issue to consume memory, resulting in a denial of
service. (CVE-2016-2179)

Shi Lei discovered that OpenSSL incorrectly handled memory in the
TS_OBJ_print_bio() function. A remote attacker could possibly use this
issue to cause a denial of service. (CVE-2016-2180)

It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay
feature. A remote attacker could possibly use this issue to cause a denial
of service. (CVE-2016-2181)

Shi Lei discovered that OpenSSL incorrectly validated division results. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-2182)

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES
ciphers were vulnerable to birthday attacks. A remote attacker could
possibly use this flaw to obtain clear text data from long encrypted
sessions. This update moves DES from the HIGH cipher list to MEDIUM.
(CVE-2016-2183)

Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths.
A remote attacker could use this issue to cause a denial of service.
(CVE-2016-6302)

Shi Lei discovered that OpenSSL incorrectly handled memory in the
MDC2_Update() function. A remote attacker could possibly use this issue to
cause a denial of service. (CVE-2016-6303)

Shi Lei discovered that OpenSSL incorrectly performed certain message
length checks. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2016-6306)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04
Ubuntu 14.04
Ubuntu 12.04

After a standard system update you need to reboot your computer to make
all the necessary changes.

Related notices

  • USN-3181-1: libssl-doc, libcrypto1.0.0-udeb, libssl-dev, libssl1.0.0-udeb, openssl, libssl1.0.0
  • USN-3372-1: nss, libnss3
  • USN-3198-1: openjdk-6, openjdk-6-jdk, openjdk-6-jre-lib, icedtea-6-jre-cacao, openjdk-6-jre-headless, openjdk-6-jre-zero, openjdk-6-jre, icedtea-6-jre-jamvm
  • USN-3179-1: openjdk-8-demo, openjdk-8-jdk, openjdk-8-jre-headless, openjdk-8-jre, openjdk-8-jre-jamvm, openjdk-8-jre-zero, openjdk-8-source, openjdk-8, openjdk-8-doc, openjdk-8-jdk-headless
  • USN-3270-1: nss, libnss3-dev, libnss3-1d, libnss3-tools, libnss3-nssdb, libnss3
  • USN-3194-1: openjdk-7, openjdk-7-jdk, openjdk-7-jre-lib, openjdk-7-jre-zero, openjdk-7-source, openjdk-7-demo, openjdk-7-jre-headless, icedtea-7-jre-jamvm, openjdk-7-doc, openjdk-7-jre