Security Advisory openssl security update for Stronghold

Advisory: RHSA-2003:117-02
Type: Security Advisory
Severity: Important
Issued on: 2003-03-25
Last updated on: 2003-04-15
Affected Products:
OVAL: N/A
CVEs (cve.mitre.org): CVE-2003-0131
CVE-2003-0147

Details

Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are
now available.

Stronghold 3 contains a number of open source technologies including
OpenSSL. Two issues in OpenSSL have recently been discovered:

OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols. It also implements a full-strength general
purpose cryptography library.

Researchers have discovered a timing attack on RSA keys. Applications
making use of OpenSSL are generally vulnerable to such an attack, unless
RSA blinding has been turned on. OpenSSL does not use RSA blinding by
default and most applications do not enable RSA blinding.

A local or remote attacker could use this attack to obtain the server's
private key. This could be done by determining factors using timing
differences on:

(1) The number of extra reductions during Montgomery reduction

(2) The use of different integer multiplication algorithms ("Karatsuba" and
normal)

In order for an attack to be successful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.

Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext. This is also known as the "Klima-Pokorny-Rosa attack."

These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against
Klima-Pokorny-Rosa attacks.


Solution

We have backported the security fixes for the versions of OpenSSL included
in Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes
these fixes, and can be downloaded from:

http://stronghold.redhat.com/sh3/

For information on how to upgrade between releases of Stronghold 3.0, see:

http://stronghold.redhat.com/support/upgrade-sh3.xml

Updated packages


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0147

Keywords

BVO, OpenSSL, Stronghold, timing

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/