From e3354bf0a531f6703cf76955395e0eded3378362 Mon Sep 17 00:00:00 2001 From: brnrd Date: Thu, 10 Nov 2016 19:23:52 +0000 Subject: security/vuxml: Document new OpenSSL 1.1.0 vulnerabilities --- security/vuxml/vuln.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 32897fbf958..8b667b576a1 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,52 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + openssl -- multiple vulnerabilities + + + openssl-devel + 1.0.1c + + + + +

OpenSSL reports:

+
+
    +
  • ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
    + Severity: High
    + TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS + attack by corrupting larger payloads. This can result in an OpenSSL crash. This + issue is not considered to be exploitable beyond a DoS.
  • +
  • CMS Null dereference (CVE-2016-7053)
    + Severity: Medium
    + Applications parsing invalid CMS structures can crash with a NULL pointer + dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type + in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure + callback if an attempt is made to free certain invalid encodings. Only CHOICE + structures using a callback which do not handle NULL value are affected.
  • +
  • Montgomery multiplication may produce incorrect results (CVE-2016-7055)i
    + Severity: Low
    + There is a carry propagating bug in the Broadwell-specific Montgomery + multiplication procedure that handles input lengths divisible by, but + longer than 256 bits.
  • +
+
+ +
+ + https://www.openssl.org/news/secadv/20161110.txt + CVE-2016-7054 + CVE-2016-7053 + CVE-2016-7055 + + + 2016-11-10 + 2016-11-10 + +
+ chromium -- multiple vulnerabilities
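Review bot: the `<lt>` bound of 1.0.1c on the `openssl-devel` range cannot match the 1.1.0-series port that the subject line and the CMS item describe as affected (1.0.1c sorts below every 1.1.0 version), so as written this entry would never flag a vulnerable openssl-devel; the bound should be the 1.1.0 release that carries the fix for these three CVEs (1.1.0c, to be confirmed against the port's current PORTVERSION), and the port's own version history should be checked rather than reusing a 1.0.x number. Separately, the third list item carries a stray `i` after `(CVE-2016-7055)` that will be rendered verbatim in the generated advisory; drop it before commit.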