Last week the OpenSSL project made available security updates to address 2 security issues (more formally known as CVEs) and to provide further hardening against the Logjam attack. The updates are available for the following versions of OpenSSL:
- OpenSSL 1.0.2f: 2x CVEs resolved: 1x high severity, 1x low severity
- OpenSSL 1.0.1r: 1x CVE resolved: 1x low severity
Why Should These Issues Be Considered Important?
OpenSSL versions 1.0.2e and earlier are vulnerable to a high severity vulnerability in the generation of safe prime numbers used within X9.42 style Diffie-Hellman (DH) parameters. This vulnerability could allow information disclosure, specifically disclosure of the private DH exponent (the essential component underlying the encryption provided by the DH algorithm). More information on private and public keys is available here.
The remaining low severity fix corrects an issue that could have allowed an attacker to use an older cipher (in this instance SSLv2) to secure a connection, which would benefit the attacker since SSLv2 is a weaker cipher (its use was prohibited in March 2011).
Finally, a further hardening against the Logjam attack was added by the OpenSSL team by increasing the accepted minimum number of bits used in DH key exchange to 1024 bits. As reported in an earlier post, this was previously increased from 512 to 768 bits in June 2015.
How can I protect myself from these issues?
For any server that you manage that uses OpenSSL, please update your OpenSSL installations to 1.0.1r or 1.0.2f (as appropriate).
- FTP mirrors to obtain the necessary downloads are available from here.
- Downloadable Tarballs (compressed/packaged code made for distribution) are available from here.
It should also be possible to use the package manager of a Linux/Unix operating system to update your OpenSSL installation as mentioned within the section titled “Installing updates for Linux distributions” on the “Protecting Your PC” page of this blog.
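To triage which servers still need the update described above, the following added example (not code from the OpenSSL project or from this blog) classifies the banner printed by `openssl version` against the fixed releases named in this post. The function names and the sample banners are constructed for illustration.

```python
import re

# Fixed releases named in the post, keyed by release branch.
FIXED = {"1.0.1": "r", "1.0.2": "f"}

# Matches the banner printed by `openssl version`, e.g. "OpenSSL 1.0.2e 3 Dec 2015".
_BANNER = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)")


def parse_version(banner):
    """Return (branch, patch_letter); the letter is '' for a base release."""
    m = _BANNER.search(banner)
    if m is None:
        raise ValueError("not an OpenSSL version banner: %r" % (banner,))
    return m.group(1), m.group(2)


def _rank(letter):
    # Patch letters run '', a..z, then za, zb, ...; sorting by (length, text)
    # preserves that release order.
    return (len(letter), letter)


def update_status(banner):
    """Return 'update', 'ok', or 'unknown' (branch not covered by the post)."""
    branch, letter = parse_version(banner)
    fixed = FIXED.get(branch)
    if fixed is None:
        return "unknown"
    return "ok" if _rank(letter) >= _rank(fixed) else "update"


if __name__ == "__main__":
    # Constructed sample banners; on a real host use the output of `openssl version`.
    samples = [
        "OpenSSL 1.0.2e 3 Dec 2015",
        "OpenSSL 1.0.2f 28 Jan 2016",
        "OpenSSL 1.0.1q 3 Dec 2015",
        "OpenSSL 0.9.8zh 3 Dec 2015",
    ]
    for s in samples:
        print("%-30s -> %s" % (s, update_status(s)))
```

Linux distributions often backport security fixes without changing the upstream version letter, so an "update" result for a distribution package should be confirmed against the vendor's own advisory.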