From nobody@FreeBSD.org  Mon Jan  9 09:36:35 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 56CB0106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  9 Jan 2012 09:36:35 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 45D368FC19
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  9 Jan 2012 09:36:35 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q099aZT8093649
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 9 Jan 2012 09:36:35 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q099aYmQ093648;
	Mon, 9 Jan 2012 09:36:34 GMT
	(envelope-from nobody)
Message-Id: <201201090936.q099aYmQ093648@red.freebsd.org>
Date: Mon, 9 Jan 2012 09:36:34 GMT
From: Volodymyr Kostyrko <c.kworr@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: bundled openssl seems to miss fix for a CVE-2011-1945
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         163951
>Category:       bin
>Synopsis:       [security] bundled openssl seems to miss fix for a CVE-2011-1945
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    delphij
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 09 09:40:15 UTC 2012
>Closed-Date:    Mon Dec 17 20:59:09 UTC 2012
>Last-Modified:  Mon Dec 17 20:59:09 UTC 2012
>Originator:     Volodymyr Kostyrko
>Release:        RELENG_9
>Organization:
>Environment:
FreeBSD green.tandem.local 9.0-STABLE FreeBSD 9.0-STABLE #0 r229848: Mon Jan  9 10:58:48 EET 2012     arcade@green.tandem.local:/usr/obj/usr/src/sys/MINIMAL_4BSD  amd64
>Description:
Recently I started to recheck the usability of ssh keys and found that ECDSA keys are already available. I've tried to make one and it points me about key bit length. Reading about this on

http://en.wikipedia.org/wiki/Elliptic_Curve_DSA

I also noticed that a timing attack is possible against OpenSSL. A quick check of the code shows that we haven't integrated the fix yet, as the current revision of

http://svnweb.freebsd.org/base/stable/9/crypto/openssl/crypto/ecdsa/ecs_ossl.c?revision=225736&view=markup
http://svnweb.freebsd.org/base/head/crypto/openssl/crypto/ecdsa/ecs_ossl.c?revision=225736&view=markup

misses the fix from:

http://cvs.openssl.org/chngview?cn=20892

And after the latest OpenSSH import by des:

http://svnweb.freebsd.org/base?view=revision&revision=221420

we are automatically creating (and using?) a private ECDSA key:

http://svnweb.freebsd.org/base/stable/9/etc/rc.d/sshd?r1=221419&r2=221420&
>How-To-Repeat:

>Fix:
Import the fix from http://cvs.openssl.org/chngview?cn=20892

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->secteam 
Responsible-Changed-By: gavin 
Responsible-Changed-When: Mon Jan 23 00:34:06 UTC 2012 
Responsible-Changed-Why:  
Pass this over to secteam for consideration 

http://www.freebsd.org/cgi/query-pr.cgi?pr=163951 

From: Volodymyr Kostyrko <c.kworr@gmail.com>
To: bug-followup@FreeBSD.org, c.kworr@gmail.com
Cc:  
Subject: Re: bin/163951: [security] bundled openssl seems to miss fix for
 a CVE-2011-1945
Date: Tue, 03 Jul 2012 09:30:08 +0300

 Hi all.
 
 As OpenSSL 0.9.8x is merged this one can be closed.
 
 -- 
 Sphinx of black quartz judge my vow.
State-Changed-From-To: open->closed 
State-Changed-By: delphij 
State-Changed-When: Mon Dec 17 20:58:33 UTC 2012 
State-Changed-Why:  
Close per submitter request: no longer a problem with OpenSSL 
0.9.8x merge. 


Responsible-Changed-From-To: secteam->delphij 
Responsible-Changed-By: delphij 
Responsible-Changed-When: Mon Dec 17 20:58:33 UTC 2012 
Responsible-Changed-Why:  
Take, just in case. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=163951 
>Unformatted:
