912014 – (CVE-2015-0204) VUL-0: CVE-2015-0204: openssl: Only allow ephemeral RSA keys in export ciphersuites.

Bug 912014 (CVE-2015-0204) - VUL-0: CVE-2015-0204: openssl: Only allow ephemeral RSA keys in export ciphersuites.

Summary: VUL-0: CVE-2015-0204: openssl: Only allow ephemeral RSA keys in export cipher...

Status:	RESOLVED FIXED
Duplicates (1):	920484 (view as bug list)

Alias:	CVE-2015-0204

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv2:SUSE:CVE-2015-0204:10.0:(AV:N...
Keywords:

Depends on:
Blocks:	936787
	Show dependency tree / graph

Clone This Bug

Reported:	2015-01-07 09:50 UTC by Marcus Meissner
Modified:	2022-02-16 21:16 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2015-01-07 09:50:00 UTC

via openssl git

master branch:

commit ce325c60c74b0fa784f5872404b722e120e5cab0
Author: Dr. Stephen Henson <steve@openssl.org>
Date:   Thu Oct 23 17:09:57 2014 +0100

    Only allow ephemeral RSA keys in export ciphersuites.
    
    OpenSSL clients would tolerate temporary RSA keys in non-export
    ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
    enabled this server side. Remove both options as they are a
    protocol violation.
    
    Thanks to Karthikeyan Bhargavan for reporting this issue.
    (CVE-2015-0204)
    Reviewed-by: Matt Caswell <matt@openssl.org>

Comment 1 Marcus Meissner 2015-01-07 09:53:20 UTC

0.9.8:

commit 72f181539118828ca966a0f8d03f6428e2bcf0d6
Author: Dr. Stephen Henson <steve@openssl.org>
Date:   Thu Oct 23 17:09:57 2014 +0100

    Only allow ephemeral RSA keys in export ciphersuites.
    
    OpenSSL clients would tolerate temporary RSA keys in non-export
    ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
    enabled this server side. Remove both options as they are a
    protocol violation.
    
    Thanks to Karthikeyan Bhargavan for reporting this issue.
    (CVE-2015-0204)
    Reviewed-by: Matt Caswell <matt@openssl.org>
    Reviewed-by: Tim Hudson <tjh@openssl.org>
    
    (cherry picked from commit 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6)
    
    Conflicts:
        CHANGES
        doc/ssl/SSL_CTX_set_options.pod
        ssl/d1_srvr.c
        ssl/s3_srvr.c

Comment 2 Marcus Meissner 2015-01-07 09:53:57 UTC

1.0.1.

commit 37580f43b5a39f5f4e920d17273fab9713d3a744
Author: Dr. Stephen Henson <steve@openssl.org>
Date:   Thu Oct 23 17:09:57 2014 +0100

    Only allow ephemeral RSA keys in export ciphersuites.
    
    OpenSSL clients would tolerate temporary RSA keys in non-export
    ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
    enabled this server side. Remove both options as they are a
    protocol violation.
    
    Thanks to Karthikeyan Bhargavan for reporting this issue.
    (CVE-2015-0204)
    Reviewed-by: Matt Caswell <matt@openssl.org>
    Reviewed-by: Tim Hudson <tjh@openssl.org>
    
    (cherry picked from commit 4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6)
    
    Conflicts:
        doc/ssl/SSL_CTX_set_options.pod

Comment 3 Swamp Workflow Management 2015-01-07 23:00:24 UTC

bugbot adjusting priority

Comment 4 Marcus Meissner 2015-01-08 16:07:19 UTC

openssl.org/news/secadv_20150108.txt 


RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
==============================================================

Severity: Low

An OpenSSL client will accept the use of an RSA temporary key in a non-export
RSA key exchange ciphersuite. A server could present a weak temporary key
and downgrade the security of the session.

This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan
Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen
Henson of the OpenSSL core team.

Comment 5 Bernhard Wiedemann 2015-01-09 12:00:13 UTC

This is an autogenerated message for OBS integration:
This bug (912014) was mentioned in
https://build.opensuse.org/request/show/280570 Factory / openssl

Comment 14 Swamp Workflow Management 2015-01-23 19:05:30 UTC

openSUSE-SU-2015:0130-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 911399,912014,912015,912018,912292,912293,912294,912296
CVE References: CVE-2014-3569,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206
Sources used:
openSUSE 13.2 (src):    openssl-1.0.1k-2.16.2
openSUSE 13.1 (src):    openssl-1.0.1k-11.64.2

Comment 16 Swamp Workflow Management 2015-01-29 00:06:20 UTC

SUSE-SU-2015:0166-1: An update that solves 6 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 912014,912015,912018,912292,912293,912294,912296
CVE References: CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SLE CLIENT TOOLS 10 for x86_64 (src):    openssl-0.9.8a-18.88.1
SLE CLIENT TOOLS 10 for s390x (src):    openssl-0.9.8a-18.88.1
SLE CLIENT TOOLS 10 (src):    openssl-0.9.8a-18.88.1

Comment 17 Swamp Workflow Management 2015-01-29 06:05:39 UTC

SUSE-SU-2015:0172-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 912014,912015,912018,912293,912294,912296
CVE References: CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SUSE Studio Onsite 1.3 (src):    openssl-0.9.8j-0.68.1
SUSE Manager 1.7 for SLE 11 SP2 (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    openssl-0.9.8a-18.88.1

Comment 18 Swamp Workflow Management 2015-01-31 02:05:58 UTC

SUSE-SU-2015:0172-2: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 912014,912015,912018,912293,912294,912296
CVE References: CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Server 11 SP3 (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    openssl-0.9.8j-0.68.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    openssl-0.9.8j-0.68.1

Comment 19 Swamp Workflow Management 2015-01-31 05:06:17 UTC

SUSE-SU-2015:0181-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 906878,912014,912015,912018,912292,912293,912294,912296
CVE References: CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206
Sources used:
SUSE Linux Enterprise Security Module 11 SP3 (src):    openssl1-1.0.1g-0.24.1

Comment 20 Swamp Workflow Management 2015-01-31 06:06:00 UTC

SUSE-SU-2015:0182-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 912014,912015,912018,912293,912296
CVE References: CVE-2014-3570,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    compat-openssl097g-0.9.7g-13.27.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    compat-openssl097g-0.9.7g-146.22.27.1
SLES for SAP Applications (src):    compat-openssl097g-0.9.7g-146.22.27.1

Comment 21 Marcus Meissner 2015-02-03 16:36:19 UTC

all rekleased

Comment 22 Swamp Workflow Management 2015-02-03 17:10:40 UTC

SUSE-SU-2015:0205-1: An update that solves 7 vulnerabilities and has 6 fixes is now available.

Category: security (moderate)
Bug References: 855676,895129,901902,906878,908362,908372,912014,912015,912018,912292,912293,912294,912296
CVE References: CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    openssl-1.0.1i-17.1
SUSE Linux Enterprise Server 12 (src):    openssl-1.0.1i-17.1
SUSE Linux Enterprise Desktop 12 (src):    openssl-1.0.1i-17.1

Comment 23 Swamp Workflow Management 2015-02-17 15:05:47 UTC

SUSE-SU-2015:0305-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 892403,912014,912015,912018,912293,912294,912296
CVE References: CVE-2014-0224,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SUSE Linux Enterprise Module for Legacy Software 12 (src):    compat-openssl098-0.9.8j-70.2
SUSE Linux Enterprise Desktop 12 (src):    compat-openssl098-0.9.8j-70.2

Comment 24 Swamp Workflow Management 2015-02-23 18:05:26 UTC

SUSE-SU-2015:0182-2: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 912014,912015,912018,912293,912296
CVE References: CVE-2014-3570,CVE-2014-3572,CVE-2014-8275,CVE-2015-0204,CVE-2015-0205
Sources used:
SUSE Linux Enterprise for SAP Applications 11 SP1 (src):    compat-openssl097g-0.9.7g-146.22.27.1

Comment 25 Marcus Meissner 2015-03-04 14:01:03 UTC

*** Bug 920484 has been marked as a duplicate of this bug. ***

Comment 26 Swamp Workflow Management 2015-03-23 23:06:36 UTC

SUSE-SU-2015:0578-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 802184,880891,890764,901223,901277,905106,912014,912015,912018,912293,912296,920236,922488,922496,922499,922500,922501
CVE References: 
Sources used:
SUSE Linux Enterprise for SAP Applications 11 SP2 (src):    compat-openssl097g-0.9.7g-146.22.29.1

Comment 28 Swamp Workflow Management 2022-02-16 21:16:41 UTC

SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.

Category: feature (moderate)
Bug References: 1000080,1000117,1000194,1000677,1000742,1001148,1001912,1002585,1002895,1003091,1005246,1009528,1010874,1010966,1011936,1015549,1019637,1021641,1022085,1022086,1022271,1027079,1027610,1027688,1027705,1027908,1028281,1028723,1029523,1029902,1030038,1032118,1032119,1035604,1039469,1040164,1040256,1041090,1042392,1042670,1044095,1044107,1044175,1049186,1049304,1050653,1050665,1055478,1055542,1055825,1056058,1056951,1057496,1062237,1065363,1066242,1066873,1068790,1070737,1070738,1070853,1071905,1071906,1071941,1073310,1073845,1073879,1074247,1076519,1077096,1077230,1078329,1079761,1080301,1081005,1081750,1081751,1082155,1082163,1082318,1083826,1084117,1084157,1085276,1085529,1085661,1087102,1087104,1088573,1089039,1090427,1090765,1090953,1093518,1093917,1094788,1094814,1094883,1095267,1096738,1096937,1097158,1097531,1097624,1098535,1098592,1099308,1099569,1100078,1101246,1101470,1102868,1104789,1106197,1108508,1109882,1109998,1110435,1110869,1110871,1111493,1111622,1111657,1112209,1112357,1113534,1113652,1113742,1113975,1115769,1117951,1118611,1119376,1119416,1119792,1121717,1121852,1122191,1123064,1123185,1123186,1123558,1124885,1125815,1126283,1126318,1127080,1127173,1128146,1128323,1128355,1129071,1129566,1130840,1131291,1132174,1132323,1132455,1132663,1132900,1135009,1136444,1138666,1138715,1138746,1139915,1140255,1141168,1142899,1143033,1143454,1143893,1144506,1149686,1149792,1150003,1150190,1150250,1150895,1153830,1155815,1156677,1156694,1156908,1157104,1157354,1158809,1159235,1159538,1160163,1161557,1161770,1162224,1162367,1162743,1163978,1164310,1165439,1165578,1165730,1165823,1165960,1166139,1166758,1167008,1167501,1167732,1167746,1168480,1168973,1169489,1170175,1170863,1171368,1171561,1172226,1172908,1172928,1173226,1173356,1174009,1174091,1174514,1175729,1176116,1176129,1176134,1176232,1176256,1176257,1176258,1176259,1176262,1176389,1176785,1176977,1177120,1177127,1177559,1178168,1178341,1178670,1179491,1179562,1179630,1179805,1180125,1180781,1181126,1181324,1181944,1182066,1182211,1182244,1182264,1182331,1182333,1182379,1182963,1183059,1183374,1183858,1184505,1185588,1185706,1185748,1186738,1187045,1189521,1190781,1193357,356549,381844,394317,408865,428177,430141,431945,437293,442740,459468,489641,504687,509031,526319,590833,610223,610642,629905,637176,651003,657698,658604,670526,673071,693027,715423,720601,743787,747125,748738,749210,749213,749735,750618,751718,751946,751977,754447,754677,761500,774710,784670,784994,787526,793420,799119,802184,803004,809831,811890,822642,825221,828513,831629,832833,834601,835687,839107,84331,849377,855666,855676,856687,857203,857850,858239,867887,869945,871152,872299,873351,876282,876710,876712,876748,880891,885662,885882,889013,889363,892477,892480,895129,898917,901223,901277,901902,902364,906878,907584,908362,908372,912014,912015,912018,912292,912293,912294,912296,912460,913229,915479,917607,917759,917815,919648,920236,922448,922488,922496,922499,922500,926597,929678,929736,930189,931698,931978,933898,933911,934487,934489,934491,934493,935856,937085,937212,937492,937634,937912,939456,940608,942385,942751,943421,944204,945455,946648,947104,947357,947679,948198,952871,954256,954486,954690,957812,957813,957815,958501,961334,962291,963415,963974,964204,964472,964474,965830,967128,968046,968047,968048,968050,968265,968270,968374,968601,975875,976942,977584,977614,977615,977616,977663,978224,981848,982268,982575,983249,984323,985054,988086,990207,990392,990419,990428,991193,991877,992120,992988,992989,992992,993130,993819,993825,993968,994749,994844,994910,995075,995324,995359,995377,995959,996255,997043,997614,998190,999665,999666,999668
CVE References: CVE-2006-2937,CVE-2006-2940,CVE-2006-3738,CVE-2006-4339,CVE-2006-4343,CVE-2006-7250,CVE-2007-3108,CVE-2007-4995,CVE-2007-5135,CVE-2008-0891,CVE-2008-1672,CVE-2008-5077,CVE-2009-0590,CVE-2009-0591,CVE-2009-0789,CVE-2009-1377,CVE-2009-1378,CVE-2009-1379,CVE-2009-1386,CVE-2009-1387,CVE-2010-0740,CVE-2010-0742,CVE-2010-1633,CVE-2010-2939,CVE-2010-3864,CVE-2010-5298,CVE-2011-0014,CVE-2011-3207,CVE-2011-3210,CVE-2011-3389,CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2011-4944,CVE-2012-0027,CVE-2012-0050,CVE-2012-0845,CVE-2012-0884,CVE-2012-1150,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2012-4929,CVE-2013-0166,CVE-2013-0169,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2013-4353,CVE-2013-6449,CVE-2013-6450,CVE-2014-0012,CVE-2014-0076,CVE-2014-0160,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-3513,CVE-2014-3566,CVE-2014-3567,CVE-2014-3568,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-4650,CVE-2014-5139,CVE-2014-7202,CVE-2014-7203,CVE-2014-8275,CVE-2014-9721,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-2296,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196,CVE-2015-3197,CVE-2015-3216,CVE-2015-4000,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-10745,CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176,CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-9015,CVE-2017-18342,CVE-2017-3731,CVE-2017-3732,CVE-2017-3735,CVE-2017-3736,CVE-2017-3737,CVE-2017-3738,CVE-2018-0732,CVE-2018-0734,CVE-2018-0737,CVE-2018-0739,CVE-2018-18074,CVE-2018-20060,CVE-2018-5407,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-1547,CVE-2019-1551,CVE-2019-1559,CVE-2019-1563,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-1971,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-23840,CVE-2021-23841,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426,CVE-2021-3712
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 12-BETA (src):    venv-salt-minion-3002.2-3.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.