A few vulnerabilities in OpenSSL

The OpenSSL development team released Security Advisory , which talks about 9 new vulnerabilities in OpenSSL, and strongly recommends to be updated:

• OpenSSL 0.9.8 users up to version 0.9.8zb
• OpenSSL 1.0.0 users up to version 1.0.0n
• OpenSSL 1.0.1 users up to version 1.0.1i

Fixed vulnerabilities:

• Information leak in pretty printing functions (CVE-2014-3508) - leads to information leakage from the stack when using the "beautiful" output functions.
• Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) - Crashes the client (due to null pointer dereference) if the server uses SRP ciphersuite.
• Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) - an attacker server can write up to 255 bytes on the client.
• Double Free when processing DTLS packets (CVE-2014-3505) - Crashes the client if the server sends a specially crafted DTLS packet.
• DTLS memory exhaustion (CVE-2014-3506) - leads to increased memory consumption when processing DTLS packets.
• DTLS memory leak from zero-length fragments (CVE-2014-3507) - causes a memory leak when sending a specially formed DTLS packet.
• OpenSSL DTLS anonymous EC (DH) denial of service (CVE-2014-3510) - Crashes the client if the server uses anonymous EC (DH) and sends a handshake in a special way.
• OpenSSL TLS protocol downgrade attack (CVE-2014-3511) - allows downgrade connections to TLS 1.0 MiTM attackers.
• SRP buffer overrun (CVE-2014-3512) - allows you to overflow the internal SRP processing buffer.

If package splitting is used on your system, be sure to update libssl , not just openssl itself .
Naturally, applications using openssl must be restarted. If you have Debian, then you can use the “checkrestart” utility from debian-goodies.