-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2014-004 ================================= Topic: OpenSSL information disclosure ("heartbleed") Version: NetBSD-current: before Tue April 8th, 2014 NetBSD 6.1 - 6.1.3: affected NetBSD 6.0 - 6.0.4: affected NetBSD 5.1 - 5.1.4: not affected (but see pkgsrc) NetBSD 5.2 - 5.2.2: not affected (but see pkgsrc) pkgsrc: affected Severity: high Fixed: NetBSD-current: Tue April 8th, 2014 NetBSD-6-0 branch: Tue April 8th, 2014 NetBSD-6-1 branch: Tue April 8th, 2014 NetBSD-6 branch: Tue April 8th, 2014 pkgsrc: openssl-1.0.1g (Tue April 8th, 2014) Teeny versions released later than the fix date will contain the fix. Please note that NetBSD releases prior to 5.1 are no longer supported. It is recommended that all users upgrade to a supported release. Abstract ======== Due to a programming error, a feature of the TLS protocol could be used to deliver unselective chunks of memory of the process running the TLS protocol. The chunks of memory revealed to the attacker are likely to include the private key the program is using to secure TLS connections, but may include other vulnerable material, like e.g. in the case of a https or ldaps server, account names and passwords of users. Also, once the attacker has a copy of the private key they can run very difficult to detect Man in the Middle attacks, or just listen in on further communication with the affected program if they are in a position to intercept traffic to it. (i.e. your encrypted connection could as well be cleartext). This vulnerability has been assigned CVE-2014-0160. Technical Details ================= A missing bounds check in the openssl 1.0.1 libssl library before version 1.0.1g in the implementation of the RFC6520 TLS heartbeat extension exposes up to 64k of memory of the process using libssl on each invocation (e.g. on every connection). Solutions and Workarounds ========================= Update your OpenSSL libraries, make sure the old libssl is no longer used, and change your certificate. Update your OpenSSL libraries - ----------------------------- On NetBSD 6.*, the fastest method to obtain fixed libraries is to download the fixed libraries for your system from http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/ and to deploy them: cd /some/scratchpath ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/netbsd6-`uname -m`-heartbleedfix.tgz ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512 ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512.asc gpg --verify SHA512.asc # check for: Good signature from "NetBSD Security Officer " cksum -a sha512 netbsd6-`uname -m`-heartbleedfix.tgz > /tmp/netbsd6-`uname -m`-heartbleedfix.tgz.sha512.local grep netbsd6-`uname -m`-heartbleedfix.tgz SHA512 > /tmp/netbsd6-`uname -m`-heartbleedfix.tgz.sha512.ftp diff /tmp/netbsd6-`uname -m`-heartbleedfix.tgz.sha512.* (diff should have no output) cd / && tar xzpf /some/scratchpath/heartbleed/netbsd6-`uname -m`-heartbleedfix.tgz rm /usr/lib/libssl.so.10.0 (remove the affected library just to make sure. Continue reading below) On NetBSD current, update src and rebuild and install. Other ways to obtain a libssl that is not affected - -------------------------------------------------- Rebuilding libssl (from src/crypto/external/bsd/openssl/lib/libssl) with -DOPENSSL_NO_HEARTBEATS set will obtain a library that doesn't support the extension and thus can't be attacked through it. Get the fixed library into use - ------------------------------ Since the vulnerability is in a shared library, getting the old library purged and the fixed one into use requires shutting down all programs that load libssl. This includes sshd (which is not affected in its role as ssh-service-provider, but may be impacted as a ldaps client f.e.). The easiest way to do this is to reboot the system. Fixed versions - -------------- files relative to src/crypto/external/bsd/openssl/dist/ssl branch d1_both.c t1_lib.c - ---------- --------------- ----------- netbsd-6-0 1.1.1.4.4.1.4.1 1.5.4.1.4.1 netbsd-6-1 1.1.1.4.4.1.6.1 1.5.4.1.6.1 netbsd-6 1.1.1.4.4.2 1.5.4.2 HEAD 1.1.1.7 1.11 Thanks To ========= OpenSSL thanks Neel Mehta of Google Security for discovering this bug and Adam Langley and Bodo Moeller for preparing the fix. NetBSD furthermore thanks Christos Zoulas for updating -current and the releng team for the fast pullup and the preparation of the fix tarballs. Revision History ================ 2014-04-09 Initial release More Information ================ Advisories may be updated as new information becomes available. The most recent version of this advisory (PGP signed) can be found at http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-004.txt.asc Information about NetBSD and NetBSD security can be found at http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ . Copyright 2014, The NetBSD Foundation, Inc. All Rights Reserved. Redistribution permitted only in full, unmodified form. $NetBSD: NetBSD-SA2014-004.txt,v 1.1 2014/04/09 20:56:18 tonnerre Exp $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTRbQkAAoJEAZJc6xMSnBusVYP/jvXvquNIuM6kOpZbRosf/js YSfkP74m54MeJhb382YzeJGh9yIa3XAOZ2bgxLFXeF6jj97Dm1uFvpBBN/VzjXwQ y8ICh/32vtPJ8Sk6uJgjLL0Ne4biaQKtZP6qGPNJ87HYb1hGUkdSq2zAWqHnIlHR PuhYoIm+mr/bQs5hLH8I8g7LHJiD9l0qhwbU39gMGw6hv8fwsqcenCx4IuSMijcD rPMfOVTO6CU/ZN0CedRgJpAUnbnb7Y6uk1sZE+dTDv043tyQvjsUqCCtq7bSEcNd N6GyAMLfkxPdpAvGgJk/xTQexCHwucznVUayY7xQvB0Bgi813AbnCjORUGc8NB/1 5zFJrZsdQLgFwSGm4S1GSOcPolS8xNTXaRTEkLCZFqE7LwGRHI7gBLLoIIr9Sevp n0aEb3d/ARD7Ub3D4Qoob0QKcIIEmNgUyR/g01XlSvQDjU8A5S+wbiIlD477t3g2 IKWCX57DQmzEnkJYwA2OVvOERnUW3AbqtGFfd1HZiViDIrd7IZaShYBtCfL5gbkY gie88EERli35UmS4Pf+R8jrTJ/FrzAphH0vEgYhYSqCZC8R5MqmYMQmuFGqWHm8s t1Meh29882TEPyOl33gRm8VoNm9HcU7X8pTKbnu+jhmGG8BmiFRMsSXntB1MMetQ lQHf49TDIzqxszX3T60F =soXy -----END PGP SIGNATURE-----