Greetings,
I have a question on whether the following OpenSSL vulnerabilities
described in CVE-2014-5139 affect OpenSSL 1.0.1e-fips. The affected
platforms do not indicate if they affect the fips version. Thanks.

- CVE-2014-3508:

Information leak in pretty printing functions (CVE-2014-3508)
=============================================================

A flaw in OBJ_obj2txt may cause pretty printing functions such as
X509_name_oneline, X509_name_print_ex et al. to leak some information from the
stack. Applications may be affected if they echo pretty printing output to the
attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.

Fixed in OpenSSL 1.0.1i (Affected 1.0.1h, 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d,
  1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)

Fixed in OpenSSL 1.0.0n (Affected 1.0.0m, 1.0.0l, 1.0.0k, 1.0.0j, 1.0.0i,
  1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0)

Fixed in OpenSSL 0.9.8zb (Affected 0.9.8za, 0.9.8y, 0.9.8x, 0.9.8w, 0.9.8v,
  0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m,
  0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8e, 0.9.8d,
  0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)


- CVE-2014-3509:

Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
==============================================================

If a multithreaded client connects to a malicious server using a resumed session
and the server sends an ec point format extension it could write up to 255 bytes
to freed memory.

Fixed in OpenSSL 1.0.1i (Affected 1.0.1h, 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d,
  1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)

Fixed in OpenSSL 1.0.0n (Affected 1.0.0m, 1.0.0l, 1.0.0k, 1.0.0j, 1.0.0i,
  1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0)



Best Regards,
Lewis

-----------------------------------------------------------------------------

Lewis Lo
PureScale Security,
phone: (905) 413-2744, T/L: 969-2744
lew...@ca.ibm.com
-----------------------------------------------------------------------------
