Contributed by tbert on from the get-your-FREAK-on dept.
When CVE-2015-0204 (RSA silently downgrades to EXPORT_RSA) was announced, it was labeled "Severity: Low". Our assessment at the time was that export ciphers had already been removed prior to the release of 5.6, and that the fix was not worth backporting to 5.5.
Then CVE-2015-0204 was renamed the FREAK attack. Now it has a fancy name so you know it's important.
Unfortunately, our original assessment was not entirely correct. Some of the features exploited by FREAK were not deleted until after 5.6, although this was not known until testing tools became available. We've corrected libssl by backporting the necessary changes to 5.6.
The patch below includes the fix for CVE-2015-0204 as well as some other "low severity" fixes for similar downgrade issues relating to ECDHE.
Statement regarding 5.5: SSL/TLS is hooped. There have been too many changes, large and small, that make backporting and testing individual fixes difficult. Additionally, many small fixes get overlooked.
Thanks to Florian Riehm for pointing out that 5.6 was still vulnerable to FREAK.
untrusted comment: signature from openbsd 5.6 base private key
RWR0EANmo9nqhpxHVrEZWmf2qAA9zblsetB0gpcMFrkMumxjVXGdcaRNHc7TS+IkdiYNDncAU2qjYSaM8bDI+nQp9HUayjp3RQQ=
OpenBSD 5.6 errata 17, Mar 13, 2015:
Don't permit TLS client connections to be downgraded to weak keys.
Apply by doing:
    cd /usr/src
    signify -Vep /etc/signify/openbsd-56-base.pub -x 017_openssl.patch.sig -m - | \
        patch -p0
And then rebuild and install libssl:
    cd lib/libssl/ssl
    make obj
    make depend
    make
    make install
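The kind of check behind "don't permit TLS client connections to be downgraded to weak keys", as an added example that is not taken from the OpenBSD patch or from libssl: a simplified C model, with hypothetical names throughout, comparing a client that lets the ServerKeyExchange message decide which key it uses with one that requires the message to match the negotiated suite. It goes beyond 5.6 by also modelling an export RSA suite, the only case where a temporary RSA key is legitimate.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of a TLS client's ServerKeyExchange handling.
 * All names are hypothetical; this is not libssl source. */
enum kx  { KX_RSA, KX_RSA_EXPORT, KX_ECDHE };      /* negotiated key exchange */
enum ske { SKE_ABSENT, SKE_TEMP_RSA, SKE_ECDHE };  /* what the server sent */

struct handshake {
    enum kx  negotiated;
    enum ske msg;
};

/* Lenient behaviour: the message type alone drives the client, so a
 * temporary RSA key is used even though a non-export suite was agreed,
 * and a missing ServerKeyExchange is tolerated for ECDHE. */
bool lenient_accepts(const struct handshake *h)
{
    switch (h->msg) {
    case SKE_TEMP_RSA: return h->negotiated != KX_ECDHE;
    case SKE_ECDHE:    return h->negotiated == KX_ECDHE;
    case SKE_ABSENT:   return true;
    }
    return false;
}

/* Strict behaviour: the message must match the negotiated suite. */
bool strict_accepts(const struct handshake *h)
{
    switch (h->negotiated) {
    case KX_RSA:        return h->msg == SKE_ABSENT;   /* certificate key only */
    case KX_RSA_EXPORT: return h->msg == SKE_ABSENT || h->msg == SKE_TEMP_RSA;
    case KX_ECDHE:      return h->msg == SKE_ECDHE;    /* ephemeral params required */
    }
    return false;
}

int main(void)
{
    /* Constructed cases: one downgrade attempt per key exchange type. */
    struct handshake rsa_down   = { KX_RSA,   SKE_TEMP_RSA };
    struct handshake ecdhe_down = { KX_ECDHE, SKE_ABSENT };
    printf("RSA + temp key: lenient=%d strict=%d\n",
           lenient_accepts(&rsa_down), strict_accepts(&rsa_down));
    printf("ECDHE + no SKE: lenient=%d strict=%d\n",
           lenient_accepts(&ecdhe_down), strict_accepts(&ecdhe_down));
    return 0;
}
```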