
Test ID: 1.3.6.1.4.1.25623.1.0.851187
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for mbedtls (openSUSE-SU-2015:2257-1)
Summary: The remote host is missing an update for the 'mbedtls' package(s) announced via the referenced advisory.
Description: Summary:
The remote host is missing an update for the 'mbedtls'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update for mbedtls fixes the following security and non-security
issues:

- Update to 1.3.15

* Fix potential double free if ssl_set_psk() is called more than once
and some allocation fails. Cannot be forced remotely. Found by Guido
Vranken, Intelworks.

* Fix potential heap corruption on windows when x509_crt_parse_path() is
passed a path longer than 2GB. Cannot be triggered remotely. Found by
Guido Vranken, Intelworks.

* Fix potential buffer overflow in some asn1_write_xxx() functions.
Cannot be triggered remotely unless you create X.509 certificates based
on untrusted input or write keys of untrusted origin. Found by Guido
Vranken, Intelworks.

* The x509 max_pathlen constraint was not enforced on intermediate
certificates. Found by Nicholas Wilson, fix and tests provided by
Janos Follath. #280 and #319

* Self-signed certificates were not excluded from pathlen counting,
resulting in some valid X.509 being incorrectly rejected. Found and
fix provided by Janos Follath. #319

* Fix bug causing some handshakes to fail due to some non-fatal alerts
not being properly ignored. Found by mancha and Kasom Koht-arsa, #308

* Fix build error with configurations where ecdhe-psk is the only key
exchange. Found and fix provided by Chris Hammond. #270

* Fix failures in mpi on sparc(64) due to use of bad assembly code.
Found by Kurt Danielson. #292

* Fix typo in name of the extkeyusage oid. Found by inestlerode, #314

* Fix bug in asn.1 encoding of booleans that caused generated ca
certificates to be rejected by some applications, including OS X
Keychain. Found and fixed by Jonathan Leroy, Inikup.

* Fix 'destination buffer is too small' error in cert_write program.
Found and fixed by Jonathan Leroy, Inikup.

- Update to 1.3.14

* Added fix for CVE-2015-5291 (boo#949380) to prevent heap corruption
due to buffer overflow of the hostname or session ticket. Found by Guido
Vranken, Intelworks.

* Fix stack buffer overflow in pkcs12 decryption (used by
mbedtls_pk_parse_key() and mbedtls_pk_parse_keyfile()) when the password
is 129 bytes. Found by Guido Vranken, Intelworks. Not triggerable remotely.

* Fix potential buffer overflow in mbedtls_mpi_read_string(). Found by
Guido Vranken, Intelworks. Not exploitable remotely in the context
of TLS, but might be in other uses. On 32 bit machines, exploitation
requires reading a string of close to or larger than 1GB; on 64 bit
machines, it would require reading a string of close to or larger than
2^62 bytes.

* Fix potential random memory allocation in mbedtls_pem_read_buffer()
on crafted PEM input data. ...

Description truncated, please see the referenced URL(s) for more information.
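The two X.509 items above (#280: pathLenConstraint not enforced on intermediates; #319: self-signed certificates wrongly counted) both come down to the counting rule in RFC 5280 section 6.1.4, steps (l) and (m). The following is an added example, not mbed TLS code: certificates are modelled as a small dataclass (an assumption made to keep it self-contained, so no real DER parsing happens) and the function implements the rule with an optional switch that reproduces the pre-1.3.15 behaviour of charging self-issued certificates against the budget. The chains at the bottom are constructed, not real certificates.

```python
"""X.509 path-length enforcement per RFC 5280 section 6.1.4 (l)/(m).

Added example, not mbed TLS code. Certificates are simplified to a dataclass;
only the pathLenConstraint bookkeeping is exercised.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Cert:
    subject: str
    issuer: str
    is_ca: bool = False
    path_len: Optional[int] = None  # basicConstraints.pathLenConstraint, None if absent

    @property
    def self_issued(self) -> bool:
        # RFC 5280 speaks of "self-issued" (subject == issuer); the advisory
        # says "self-signed", which has the same shape in this model.
        return self.subject == self.issuer


def verify_path_len(chain: List[Cert], exempt_self_issued: bool = True) -> bool:
    """Return True if no CA's pathLenConstraint in `chain` is violated.

    `chain` is ordered trust anchor first, end-entity certificate last.
    `exempt_self_issued=False` reproduces the pre-1.3.15 bug (#319) of
    counting self-issued certificates against the remaining budget.
    """
    if len(chain) < 2:
        return False
    max_path_len = len(chain)  # effectively unbounded until some CA tightens it
    for ca in chain[:-1]:      # everything above the end entity must be a CA
        if not ca.is_ca:
            return False
        # Step (l): a non-self-issued CA consumes one hop of the budget.
        # This is the check #280 added for intermediates, not just the root.
        if not exempt_self_issued or not ca.self_issued:
            if max_path_len <= 0:
                return False
            max_path_len -= 1
        # Step (m): this CA may tighten the budget for everything below it.
        if ca.path_len is not None and ca.path_len < max_path_len:
            max_path_len = ca.path_len
    return True


# Constructed chains (not real certificates).
ROOT = Cert("CN=Root CA", "CN=Root CA", is_ca=True)                 # no constraint
ROOT_PL1 = Cert("CN=Root CA", "CN=Root CA", is_ca=True, path_len=1)
INTER = Cert("CN=Issuing CA", "CN=Root CA", is_ca=True)
INTER_PL0 = Cert("CN=Issuing CA", "CN=Root CA", is_ca=True, path_len=0)
INTER_NEW = Cert("CN=Issuing CA", "CN=Issuing CA", is_ca=True)      # self-issued key rollover
SUB = Cert("CN=Sub CA", "CN=Issuing CA", is_ca=True)
LEAF = Cert("CN=www.example.com", "CN=Issuing CA")
LEAF_SUB = Cert("CN=www.example.com", "CN=Sub CA")


def demo() -> dict:
    """Each entry is one chain and the verdict the RFC rule gives it."""
    return {
        "root_pl1_one_intermediate": verify_path_len([ROOT_PL1, INTER, LEAF]),
        "root_pl1_two_intermediates": verify_path_len([ROOT_PL1, INTER, SUB, LEAF_SUB]),
        "intermediate_pl0_enforced": verify_path_len([ROOT, INTER_PL0, SUB, LEAF_SUB]),
        "intermediate_pl0_direct_leaf": verify_path_len([ROOT, INTER_PL0, LEAF]),
        "self_issued_not_counted": verify_path_len([ROOT_PL1, INTER, INTER_NEW, LEAF]),
        "self_issued_counted_bug": verify_path_len(
            [ROOT_PL1, INTER, INTER_NEW, LEAF], exempt_self_issued=False),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:32s} {'accepted' if ok else 'rejected'}")
```

The "intermediate_pl0_enforced" chain is the #280 case: the root places no limit, but the issuing CA's own pathLenConstraint of 0 must still reject a sub-CA beneath it. The last two entries show the #319 effect: the same key-rollover chain is valid under the RFC rule and wrongly rejected when the self-issued certificate is charged against the root's budget.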

Affected Software/OS:
mbedtls on openSUSE Leap 42.1

Solution:
Please install the updated package(s).
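A local check like this test performs is a package version comparison. The following is an added example, not Greenbone/OpenVAS code: it compares an installed RPM's epoch:version-release against a fixed version using rpm's segment-wise rule (numeric segments as integers, alphabetic segments lexically, numeric newer than alphabetic; tilde and caret handling omitted). Assumptions: the package name `mbedtls` and the fixed version `1.3.15`, the upstream version the advisory updates to; the page does not give the exact openSUSE package release, so the threshold here is the upstream version only. The EVR strings in the test are constructed.

```python
"""Compare an installed RPM version against the version that carries the fix.

Added example, not scanner code. Simplified rpmvercmp; assumed package name
and fixed version are marked below.
"""
import re
import subprocess
from typing import Optional, Tuple

_SEGMENT = re.compile(r"[0-9]+|[a-zA-Z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Return -1, 0 or 1 as `a` is older than, equal to or newer than `b`."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        elif x != y:
            return 1 if x > y else -1
    # rpm rule: whichever string still has segments left is the newer one
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1
    return 0


def split_evr(evr: str) -> Tuple[int, str, Optional[str]]:
    """'[epoch:]version[-release]' -> (epoch, version, release or None)."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e) if e.isdigit() else 0  # rpm prints '(none)' for no epoch
    version, _, release = evr.partition("-")
    return epoch, version, release or None


def is_fixed(installed: str, fixed: str) -> bool:
    """True if the installed EVR is at or above the fixed EVR.

    If either side carries no release, only epoch and version are compared.
    """
    ie, iv, ir = split_evr(installed)
    fe, fv, fr = split_evr(fixed)
    if ie != fe:
        return ie > fe
    c = rpmvercmp(iv, fv)
    if c != 0:
        return c > 0
    if fr is None or ir is None:
        return True
    return rpmvercmp(ir, fr) >= 0


def installed_evr(package: str) -> Optional[str]:
    """Query the local rpm database; None if the package is not installed."""
    r = subprocess.run(
        ["rpm", "-q", "--qf", "%{EPOCH}:%{VERSION}-%{RELEASE}", package],
        capture_output=True, text=True,
    )
    return r.stdout.strip() if r.returncode == 0 else None


if __name__ == "__main__":
    PACKAGE, FIXED = "mbedtls", "1.3.15"  # assumed package name and upstream fixed version
    evr = installed_evr(PACKAGE)
    if evr is None:
        print(f"{PACKAGE}: not installed")
    else:
        print(f"{PACKAGE} {evr}: {'fixed' if is_fixed(evr, FIXED) else 'VULNERABLE'}")
```

Epoch dominates everything else, which is why a distribution can ship a lower upstream version with an epoch bump and still sort newer; a check that compares only the version string would misreport such a package.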

CVSS Score (v2):
6.8

CVSS Vector (v2):
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-5291
Debian Security Information: DSA-3468
http://www.debian.org/security/2016/dsa-3468
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169625.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169765.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170317.html
https://security.gentoo.org/glsa/201706-18
https://guidovranken.files.wordpress.com/2015/10/cve-2015-5291.pdf
https://guidovranken.wordpress.com/2015/10/07/cve-2015-5291/
SuSE Security Announcement: openSUSE-SU-2015:2257
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00013.html
SuSE Security Announcement: openSUSE-SU-2015:2371
http://lists.opensuse.org/opensuse-updates/2015-12/msg00119.html
Copyright: Copyright (C) 2016 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.