This morning, OpenSSL released two security patches—versions 1.0.2f and 1.0.1r—for two new security vulnerabilities: one rated as “high” severity and one rated as “low” severity.
The “high” severity vulnerability affects the 1.0.2 release. The “low” severity vulnerability affects all releases—1.0.2 and 1.0.1.
Neither of these bugs affect SSL Certificates; no actions related to SSL Certificate management are required.
“High” Severity Vulnerability
The “high” severity vulnerability was introduced in the 1.0.2 release when “support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support.” Note: the 1.0.1 release “is not affected by this CVE because it does not support X9.42 based parameters.”
“Low” Severity Vulnerability
The “low” severity vulnerability affects 1.0.2 and 1.0.1. This vulnerability allows an attacker to “negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2.”
System administrators should update their instances of OpenSSL:
- OpenSSL 1.0.2 users should upgrade to 1.0.2f
- OpenSSL 1.0.1 users should upgrade to 1.0.1r
Source code for both OpenSSL patches is available at OpenSSL Cryptography and SSL/TLS Toolkit.
1024-Bit Handshakes
Additionally, because of Logjam, OpenSSL stopped supporting handshakes less than 768-bit in the 1.0.2b and 1.0.1n releases. In this release OpenSSL increased the limit to 1024-bit, which means that handshakes less than 1024-bit will be rejected.
For a full list of vulnerabilities, see the OpenSSL Security Advisory [28th Jan 2016].
For a description of the different security levels, see the “Internal handling security issues” section on the Security Policy page.
Support for 1.0.0 and 0.9.8 Releases Has Ended
On December 31, 2015, OpenSSL stopped support for the 1.0.0 and 0.9.8 releases. No patches are going to be released for these versions of OpenSSL. If you are still using either version, you need to upgrade to a later release—1.0.2f (preferred) or 1.0.1r.
Start Planning to Upgrade to OpenSSL 1.0.2
OpenSSL will stop supporting OpenSSL 1.0.1 on December 31, 2016. If you are running this release of OpenSSL, start preparing to upgrade to the latest release of OpenSSL (1.0.2) today.
Keeping Your OpenSSL Secure
The OpenSSL community (devoted researchers and security experts working with other online providers and open source developers) is dedicated to keeping your supported OpenSSL release secure. They are determined to find and fix vulnerabilities in the OpenSSL framework before attackers can find them and figure out ways to exploit them. After the moaning from IT has subsided, take the time to apply the latest OpenSSL patches to prevent costly risks and to keep your OpenSSL code secure.