2:32 PM - MidnightBSD 0.3-RELEASE-p6
Several security issues have been addressed in OpenSSL in the latest security update for MidnightBSD. 0.3-RELEASE-p6 and 0.4-CURRENT have been patched to work around these issues.
OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accepts SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory. [CVE-2011-4576]
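The padding issue above, as an added example (a simplified model written for this page, not OpenSSL's code): it pads a record in a reused buffer with and without clearing the padding bytes and counts the stale bytes that would be encrypted and sent. The function names, the 16-byte block size and the 0xAA marker for old buffer contents are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 16      /* assumed cipher block size (e.g. AES) */
#define STALE 0xAA    /* constructed marker standing in for old memory contents */

/* Pad a record of `len` bytes to a multiple of BLOCK, SSL 3.0 style: only the
 * final byte (the count of padding bytes before it) has a defined value.
 * With clear == 0 the padding bytes keep whatever the buffer already held. */
size_t ssl3_style_pad(unsigned char *rec, size_t len, int clear)
{
    size_t pad = BLOCK - (len % BLOCK);  /* 1..16, includes the length byte */
    size_t fill = pad - 1;               /* 0..15 padding bytes */

    if (clear)
        memset(rec + len, 0, fill);      /* hardened: no stale bytes leave */
    rec[len + fill] = (unsigned char)fill;
    return len + pad;
}

/* Reuse a "dirty" buffer for a record and count the stale bytes that would be
 * encrypted and sent. Returns (size_t)-1 if len does not fit the buffer. */
size_t leaked_stale_bytes(size_t len, int clear)
{
    unsigned char buf[4 * BLOCK];
    size_t total, i, leaked = 0;

    if (len > sizeof buf - BLOCK)
        return (size_t)-1;
    memset(buf, STALE, sizeof buf);      /* previous use of the buffer */
    memset(buf, 'P', len);               /* new payload + MAC (constructed) */
    total = ssl3_style_pad(buf, len, clear);
    for (i = len; i + 1 < total; i++)    /* padding bytes only */
        if (buf[i] == STALE)
            leaked++;
    return leaked;
}

int main(void)
{
    printf("uncleared: %zu stale bytes\n", leaked_stale_bytes(16, 0));
    printf("cleared:   %zu stale bytes\n", leaked_stale_bytes(16, 1));
    return 0;
}
```

A record whose length is already a multiple of the block size gets a full block of padding, which is where the 15-byte maximum comes from.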
OpenSSL support for handshake restarts for server gated cryptography (SGC) can be used in a denial-of-service attack. [CVE-2011-4619]
If an application uses OpenSSL's certificate policy checking when verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK flag, a policy check failure can lead to a double-free. [CVE-2011-4109]
A weakness in the OpenSSL PKCS #7 code can be exploited using Bleichenbacher's attack on PKCS #1 v1.5 RSA padding, also known as the million message attack (MMA). [CVE-2012-0884]
The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp functions, in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can occur on systems that parse untrusted ASN.1 data, such as X.509 certificates or RSA public keys. [CVE-2012-2110]