Update from upstream with multiple security issues fixed.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for openssl-steam fixes the following issues :

  - Merged changes from upstream openssl (Factory rev 137)     into this fork for Steam.

Updated to openssl 1.0.2k :

  - CVE-2016-7055: Montgomery multiplication may produce     incorrect results (boo#1009528)

  - CVE-2016-7056: ECSDA P-256 timing attack key recovery     (boo#1019334)

  - CVE-2017-3731: Truncated packet could crash via OOB read     (boo#1022085)

  - CVE-2017-3732: BN_mod_exp may produce incorrect results     on x86_64 (boo#1022086)

Update to openssl-1.0.2j :

  - CVE-2016-7052: Missing CRL sanity check (boo#1001148)

OpenSSL Security Advisory [22 Sep 2016] (boo#999665)

  - Severity: High

  - CVE-2016-6304: OCSP Status Request extension unbounded     memory growth (boo#999666)

  - Severity: Low

  - CVE-2016-2177: Pointer arithmetic undefined behaviour     (boo#982575)

  - CVE-2016-2178: Constant time flag not preserved in DSA     signing (boo#983249)

  - CVE-2016-2179: DTLS buffered message DoS (boo#994844)

  - CVE-2016-2180: OOB read in TS_OBJ_print_bio()     (boo#990419)

  - CVE-2016-2181: DTLS replay protection DoS (boo#994749)

  - CVE-2016-2182: OOB write in BN_bn2dec() (boo#993819)

  - CVE-2016-2183: Birthday attack against 64-bit block     ciphers (SWEET32) (boo#995359)

  - CVE-2016-6302: Malformed SHA512 ticket DoS (boo#995324)

  - CVE-2016-6303: OOB write in MDC2_Update() (boo#995377)

  - CVE-2016-6306: Certificate message OOB reads     (boo#999668)

ALso fixed :

  - fixed a crash in print_notice (boo#998190)

  - fix X509_CERT_FILE path (boo#1022271) and rename

  - resume reading from /dev/urandom when interrupted by a     signal (boo#995075)

  - fix problems with locking in FIPS mode (boo#992120)

  - duplicates: boo#991877, boo#991193, boo#990392,     boo#990428 and boo#990207

  - drop openssl-fips_RSA_compute_d_with_lcm.patch     (upstream) (boo#984323)

  - don't check for /etc/system-fips (boo#982268)

OpenSSL reports :

High: OCSP Status Request extension unbounded memory growth

SSL_peek() hang on empty record

SWEET32 Mitigation

OOB write in MDC2_Update()

Malformed SHA512 ticket DoS

OOB write in BN_bn2dec()

OOB read in TS_OBJ_print_bio()

Pointer arithmetic undefined behaviour

Constant time flag not preserved in DSA signing

DTLS buffered message DoS

DTLS replay protection DoS

Certificate message OOB reads

Excessive allocation of memory in tls_get_message_header()

Excessive allocation of memory in dtls1_preprocess_fragment()

NB: LibreSSL is only affected by CVE-2016-6304

This update for compat-openssl098 fixes the following issues: OpenSSL Security Advisory [22 Sep 2016] (bsc#999665) Severity: High

  - OCSP Status Request extension unbounded memory growth     (CVE-2016-6304) (bsc#999666) Severity: Low

  - Pointer arithmetic undefined behaviour (CVE-2016-2177)     (bsc#982575)

  - Constant time flag not preserved in DSA signing     (CVE-2016-2178) (bsc#983249)

  - DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)

  - DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)

  - OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)

  - Birthday attack against 64-bit block ciphers (SWEET32)     (CVE-2016-2183) (bsc#995359)

  - Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)

  - OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)

  - Certificate message OOB reads (CVE-2016-6306)     (bsc#999668) More information can be found on:
    https://www.openssl.org/news/secadv/20160922.txt Bugs     fixed :

  - update expired S/MIME certs (bsc#979475)

  - fix crash in print_notice (bsc#998190)

  - resume reading from /dev/urandom when interrupted by a     signal (bsc#995075)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for compat-openssl098 fixes the following issues :

OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)

Severity: High

  - OCSP Status Request extension unbounded memory growth     (CVE-2016-6304) (bsc#999666)

Severity: Low

  - Pointer arithmetic undefined behaviour (CVE-2016-2177)     (bsc#982575)

  - Constant time flag not preserved in DSA signing     (CVE-2016-2178) (bsc#983249)

  - DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)

  - DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)

  - OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)

  - Birthday attack against 64-bit block ciphers (SWEET32)     (CVE-2016-2183) (bsc#995359)

  - Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)

  - OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)

  - Certificate message OOB reads (CVE-2016-6306)     (bsc#999668)

More information can be found on:
https://www.openssl.org/news/secadv/20160922.txt

Bugs fixed :

  - update expired S/MIME certs (bsc#979475)

  - fix crash in print_notice (bsc#998190)

  - resume reading from /dev/urandom when interrupted by a     signal (bsc#995075)

This update was imported from the SUSE:SLE-12:Update update project.

The version of OpenSSL installed on the remote AIX host is affected by the following vulnerabilities :

  - Multiple integer overflow conditions exist in s3_srvr.c,     ssl_sess.c, and t1_lib.c due to improper use of pointer     arithmetic for heap-buffer boundary checks. An     unauthenticated, remote attacker can exploit this to     cause a denial of service. (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     dsa_sign_setup() function in dsa_ossl.c due to a failure     to properly ensure the use of constant-time operations.
    An unauthenticated, remote attacker can exploit this,     via a timing side-channel attack, to disclose DSA key     information. (CVE-2016-2178)

  - A denial of service vulnerability exists in the DTLS     implementation due to a failure to properly restrict the     lifetime of queue entries associated with unused     out-of-order messages. An unauthenticated, remote     attacker can exploit this, by maintaining multiple     crafted DTLS sessions simultaneously, to exhaust memory.
    (CVE-2016-2179)

  - An out-of-bounds read error exists in the X.509 Public     Key Infrastructure Time-Stamp Protocol (TSP)     implementation. An unauthenticated, remote attacker can     exploit this, via a crafted time-stamp file that is     mishandled by the 'openssl ts' command, to cause     denial of service or to disclose sensitive information.
    (CVE-2016-2180)

  - A denial of service vulnerability exists in the     Anti-Replay feature in the DTLS implementation due to     improper handling of epoch sequence numbers in records.
    An unauthenticated, remote attacker can exploit this,     via spoofed DTLS records, to cause legitimate packets to     be dropped. (CVE-2016-2181)

  - An overflow condition exists in the BN_bn2dec() function     in bn_print.c due to improper validation of     user-supplied input when handling BIGNUM values. An     unauthenticated, remote attacker can exploit this to     crash the process. (CVE-2016-2182)

  - A vulnerability exists, known as SWEET32, in the 3DES     and Blowfish algorithms due to the use of weak 64-bit     block ciphers by default. A man-in-the-middle attacker     who has sufficient resources can exploit this     vulnerability, via a 'birthday' attack, to detect a     collision that leaks the XOR between the fixed secret     and a known plaintext, allowing the disclosure of the     secret text, such as secure HTTPS cookies, and possibly     resulting in the hijacking of an authenticated session.
    (CVE-2016-2183)

  - A flaw exists in the tls_decrypt_ticket() function in     t1_lib.c due to improper handling of ticket HMAC     digests. An unauthenticated, remote attacker can exploit     this, via a ticket that is too short, to crash the     process, resulting in a denial of service.
    (CVE-2016-6302)

  - An integer overflow condition exists in the     MDC2_Update() function in mdc2dgst.c due to improper     validation of user-supplied input. An unauthenticated,     remote attacker can exploit this to cause a heap-based     buffer overflow, resulting in a denial of service     condition or possibly the execution of arbitrary code.
    (CVE-2016-6303)

  - A flaw exists in the ssl_parse_clienthello_tlsext()     function in t1_lib.c due to improper handling of overly     large OCSP Status Request extensions from clients. An     unauthenticated, remote attacker can exploit this, via     large OCSP Status Request extensions, to exhaust memory     resources, resulting in a denial of service condition.
    (CVE-2016-6304)

  - An out-of-bounds read error exists in the certificate     parser that allows an unauthenticated, remote attacker     to cause a denial of service via crafted certificate     operations. (CVE-2016-6306)

  - A flaw exists in the GOST ciphersuites due to the use of     long-term keys to establish an encrypted connection. A     man-in-the-middle attacker can exploit this, via a Key     Compromise Impersonation (KCI) attack, to impersonate     the server.

  - A denial of service vulnerability exists in x509_vfy.c     due to improper handling of certificate revocation lists     (CRLs). An unauthenticated, remote attacker can exploit     this, via a specially crafted CRL, to cause a NULL     pointer dereference, resulting in a crash of the     service. (CVE-2016-7052)

According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.1.x prior to 3.1.5.7958.
It is, therefore, affected by multiple vulnerabilities :

  - An information disclosure vulnerability exists in the     bundled version of Apache Tomcat in the Manager and Host     Manager web applications due to a flaw in the index page     when issuing redirects in response to unauthenticated     requests for the root directory of the application. An     authenticated, remote attacker can exploit this to gain     access to the XSRF token information stored in the index     page. (CVE-2015-5351)

  - A remote code execution vulnerability exists in the     Framework subcomponent that allows an authenticated,     remote attacker to execute arbitrary code.
    (CVE-2016-0635)

  - An information disclosure vulnerability exists in the     bundled version of Apache Tomcat that allows a specially     crafted web application to load the     StatusManagerServlet. An authenticated, remote attacker     can exploit this to gain unauthorized access to a list     of all deployed applications and a list of the HTTP     request lines for all requests currently being     processed. (CVE-2016-0706)

  - A remote code execution vulnerability exists in the     bundled version of Apache Tomcat due to a flaw in the     StandardManager, PersistentManager, and cluster     implementations that is triggered when handling     persistent sessions. An authenticated, remote attacker     can exploit this, via a crafted object in a session, to     bypass the security manager and execute arbitrary code.
    (CVE-2016-0714)

  - A security bypass vulnerability exists in the bundled     version of Apache Tomcat due to a failure to consider     whether ResourceLinkFactory.setGlobalContext callers are     authorized. An authenticated, remote attacker can     exploit this, via a web application that sets a crafted     global context, to bypass intended SecurityManager     restrictions and read or write to arbitrary application     data or cause a denial of service condition.
    (CVE-2016-0763)

  - Multiple integer overflow conditions exist in the     bundled version of OpenSSL in s3_srvr.c, ssl_sess.c, and     t1_lib.c due to improper use of pointer arithmetic for     heap-buffer boundary checks. An unauthenticated, remote     attacker can exploit this to cause a denial of service.
    (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     bundled version of OpenSSL in the dsa_sign_setup()     function in dsa_ossl.c due to a failure to properly     ensure the use of constant-time operations. An     unauthenticated, remote attacker can exploit this, via a     timing side-channel attack, to disclose DSA key     information. (CVE-2016-2178)

  - A denial of service vulnerability exists in the bundled     version of OpenSSL in the DTLS implementation due to a     failure to properly restrict the lifetime of queue     entries associated with unused out-of-order messages. An     unauthenticated, remote attacker can exploit this, by     maintaining multiple crafted DTLS sessions     simultaneously, to exhaust memory. (CVE-2016-2179)

  - An out-of-bounds read error exists in the bundled     version of OpenSSL in the X.509 Public Key     Infrastructure Time-Stamp Protocol (TSP) implementation.
    An unauthenticated, remote attacker can exploit this,     via a crafted time-stamp file that is mishandled by the     'openssl ts' command, to cause  denial of service or to     disclose sensitive information. (CVE-2016-2180)

  - A denial of service vulnerability exists in the bundled     version of OpenSSL in the Anti-Replay feature in the     DTLS implementation due to improper handling of epoch     sequence numbers in records. An unauthenticated, remote     attacker can exploit this, via spoofed DTLS records, to     cause legitimate packets to be dropped. (CVE-2016-2181)

  - An overflow condition exists in the bundled version of     OpenSSL in the BN_bn2dec() function in bn_print.c due to     improper validation of user-supplied input when handling     BIGNUM values. An unauthenticated, remote attacker can     exploit this to crash the process. (CVE-2016-2182)

  - A vulnerability exists, known as SWEET32, in the bundled     version of OpenSSL in the 3DES and Blowfish algorithms     due to the use of weak 64-bit block ciphers by default.
    A man-in-the-middle attacker who has sufficient     resources can exploit this vulnerability, via a     'birthday' attack, to detect a collision that leaks the     XOR between the fixed secret and a known plaintext,     allowing the disclosure of the secret text, such as     secure HTTPS cookies, and possibly resulting in the     hijacking of an authenticated session. (CVE-2016-2183)

  - A flaw exists in the bundled version of OpenSSL in the     tls_decrypt_ticket() function in t1_lib.c due to     improper handling of ticket HMAC digests. An     unauthenticated, remote attacker can exploit this, via a     ticket that is too short, to crash the process,     resulting in a denial of service. (CVE-2016-6302)

  - An integer overflow condition exists in the bundled     version of OpenSSL in the  MDC2_Update() function in     mdc2dgst.c due to improper validation of user-supplied     input. An unauthenticated, remote attacker can exploit     this to cause a heap-based buffer overflow, resulting in     a denial of service condition or possibly the execution     of arbitrary code. (CVE-2016-6303)

  - A denial of service vulnerability exists in the bundled     version of OpenSSL in the ssl_parse_clienthello_tlsext()     function in t1_lib.c due to improper handling of overly     large OCSP Status Request extensions from clients. An     unauthenticated, remote attacker can exploit this, via     large OCSP Status Request extensions, to exhaust memory     resources. (CVE-2016-6304)

  - An out-of-bounds read error exists in the bundled     version of OpenSSL in the certificate parser that allows     an unauthenticated, remote attacker to cause a denial of     service via crafted certificate operations.
    (CVE-2016-6306)

ID	Name	Product	Family	Published	Updated	Severity
94811	Fedora 25 : 1:openssl (2016-64e0743e16)	Nessus	Fedora Local Security Checks	11/15/2016	1/19/2026	critical
106863	openSUSE Security Update : openssl-steam (openSUSE-2018-168)	Nessus	SuSE Local Security Checks	2/16/2018	10/29/2025	critical
93674	FreeBSD : OpenSSL -- multiple vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)	Nessus	FreeBSD Local Security Checks	9/23/2016	1/23/2026	critical
93909	SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:2468-1)	Nessus	SuSE Local Security Checks	10/7/2016	1/22/2026	critical
94086	openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189)	Nessus	SuSE Local Security Checks	10/17/2016	1/21/2026	critical
95255	AIX OpenSSL Advisory : openssl_advisory21.asc (SWEET32)	Nessus	AIX Local Security Checks	11/22/2016	1/16/2026	critical
96767	MySQL Enterprise Monitor 3.1.x < 3.1.5.7958 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)	Nessus	CGI abuses	1/25/2017	1/2/2026	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical