/[advisories]/28640.adv
Contents of /28640.adv

Revision 11661 - (show annotations) (download)
Mon Apr 5 15:45:07 2021 UTC (3 years ago) by tmb
File size: 2274 byte(s)
MGASA-2021-0176: openssl-1.1.1k-1.mga8
type: security
subject: Updated openssl packages fix security vulnerability
CVE:
  - CVE-2021-3449
  - CVE-2021-3450
src:
  8:
    core:
      - openssl-1.1.1k-1.mga8
description: |
  An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation
  ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits
  the signature_algorithms extension (where it was present in the initial
  ClientHello), but includes a signature_algorithms_cert extension then a NULL
  pointer dereference will result, leading to a crash and a denial of service
  attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
  (which is the default configuration). OpenSSL TLS clients are not impacted by
  this issue. (CVE-2021-3449).

  The X509_V_FLAG_X509_STRICT flag enables additional security checks of the
  certificates present in a certificate chain. It is not set by default.
  Starting from OpenSSL version 1.1.1h a check to disallow certificates in the
  chain that have explicitly encoded elliptic curve parameters was added as an
  additional strict check. An error in the implementation of this check meant
  that the result of a previous check to confirm that certificates in the chain
  are valid CA certificates was overwritten. This effectively bypasses the check
  that non-CA certificates must not be able to issue other certificates. If a
  "purpose" has been configured then there is a subsequent opportunity for checks
  that the certificate is a valid CA. All of the named "purpose" values
  implemented in libcrypto perform this check. Therefore, where a purpose is set
  the certificate chain will still be rejected even when the strict flag has been
  used. A purpose is set by default in libssl client and server certificate
  verification routines, but it can be overridden or removed by an application.
  In order to be affected, an application must explicitly set the
  X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the
  certificate verification or, in the case of TLS client or server applications,
  override the default purpose. (CVE-2021-3450).
references:
  - https://bugs.mageia.org/show_bug.cgi?id=28640
  - https://www.openssl.org/news/secadv/20210325.txt
ID: MGASA-2021-0176
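Added example, not part of the Mageia advisory or the OpenSSL project: a small audit helper that classifies an OpenSSL 1.1.1 version string (as printed by the library, or as it appears in a package name like openssl-1.1.1k-1.mga8) against the fix level above, and builds a client context that turns on X509_V_FLAG_X509_STRICT without touching the verify purpose, which is the configuration the advisory says remains protected. The fix letter "k" and the 1.1.1h introduction of the strict EC check come from the advisory text; the function names are this example's own.

```python
"""Audit helpers for MGASA-2021-0176 (constructed example, not project code)."""
import re
import ssl

# From the advisory: openssl-1.1.1k carries both fixes, and the strict
# EC-parameter check that CVE-2021-3450 concerns only exists from 1.1.1h on.
FIXED_LETTER = "k"
STRICT_EC_CHECK_INTRODUCED = "h"

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text):
    """Extract (major, minor, fix, letter) from strings such as
    'OpenSSL 1.1.1k  25 Mar 2021' or 'openssl-1.1.1k-1.mga8'."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, fix, letter = m.groups()
    return int(major), int(minor), int(fix), letter


def assess(text):
    """Classify a 1.1.1-branch build; other branches are reported as 'other'
    and are not assessed by this helper."""
    major, minor, fix, letter = parse_version(text)
    if (major, minor, fix) != (1, 1, 1):
        return {"branch": "other", "patched": None}
    # 1.1.1 patch letters sort alphabetically; a missing letter is the
    # original 1.1.1 release and compares lowest.
    return {
        "branch": "1.1.1",
        "patched": letter >= FIXED_LETTER,
        # CVE-2021-3450 requires the 1.1.1h strict check without the 1.1.1k fix.
        "cve_2021_3450_possible": STRICT_EC_CHECK_INTRODUCED <= letter < FIXED_LETTER,
    }


def strict_client_context():
    """Client context with the strict flag enabled. The verify purpose is
    left alone, so libssl's default purpose stays in force for the chain
    check, matching the protected configuration described in the advisory."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.verify_flags |= ssl.VERIFY_X509_STRICT
    return ctx


def context_is_strict(ctx):
    """True when X509_V_FLAG_X509_STRICT is set on the context."""
    return bool(ctx.verify_flags & ssl.VERIFY_X509_STRICT)
```

Feed `assess()` the output of `openssl version` or the installed package name to see whether a host still needs this update.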
