libssl 1.0.2g-1ubuntu4.4 and 1.0.1f-1ubuntu2.20 cause PHP SSL cert validation to segfault

Bug #1626883 reported by Olli Salli on 2016-09-23
60
This bug affects 9 people
Affects Status Importance Assigned to Milestone
openssl (Ubuntu)
Medium
Marc Deslauriers
Precise
High
Marc Deslauriers
Trusty
High
Marc Deslauriers
Xenial
High
Marc Deslauriers

Bug Description

Last night unattended-upgrades upgraded the openssl packages (libssl1.0.0, libssl-dev, openssl) from version 1.0.2g-1ubuntu4.1 to version 1.0.2g-1ubuntu4.4 on a CI build server. Then everything that used PHP to connect to a HTTPS site started crashing when verifying the server cert.

Like this:

```
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$ DATABASE_DATABASE=wordpressmastere2e catchsegv wp plugin install --force --activate wp-cfm
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; WP_Import has a deprecated constructor in /var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop /vagrant/wordpress/wp-content/plugins/wordpress-importer/wordpress-importer.php on line 38
Notice: Undefined offset: 4 in phar:///usr/local/bin/wp/php/WP_CLI/DocParser.php on line 124
Segmentation fault (core dumped)
*** Segmentation fault
Register dump:

 RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
 RDX: 000000000000000c RSI: 000055665071af59 RDI: 0000000000000000
 RBP: 0000556650a49e4e R8 : 0000556652364720 R9 : 0000000000000000
 R10: 0000000000000000 R11: 00007fdb3c081730 R12: 000055665071af59
 R13: 000000000000000c R14: 0000000000000000 R15: 00007fdb39418cf0
 RSP: 00007ffc4bad7a08

 RIP: 00007fdb3bf77d16 EFLAGS: 00010293

 CS: 0033 FS: 0000 GS: 0000

 Trap: 0000000e Error: 00000004 OldMask: 00000000 CR2: 00000000

 FPUCW: 0000027f FPUSW: 00000000 TAG: 00000000
 RIP: 00000000 RDP: 00000000

 ST(0) 0000 0000000000000000 ST(1) 0000 0000000000000000
 ST(2) 0000 0000000000000000 ST(3) 0000 0000000000000000
 ST(4) 0000 0000000000000000 ST(5) 0000 0000000000000000
 ST(6) 0000 0000000000000000 ST(7) 0000 0000000000000000
 mxcsr: 1fa0
 XMM0: 00000000000000000000000000000000 XMM1: 00000000000000000000000000000000
 XMM2: 00000000000000000000000000000000 XMM3: 00000000000000000000000000000000
 XMM4: 00000000000000000000000000000000 XMM5: 00000000000000000000000000000000
 XMM6: 00000000000000000000000000000000 XMM7: 00000000000000000000000000000000
 XMM8: 00000000000000000000000000000000 XMM9: 00000000000000000000000000000000
 XMM10: 00000000000000000000000000000000 XMM11: 00000000000000000000000000000000
 XMM12: 00000000000000000000000000000000 XMM13: 00000000000000000000000000000000
 XMM14: 00000000000000000000000000000000 XMM15: 00000000000000000000000000000000

Backtrace:
/lib/x86_64-linux-gnu/libc.so.6(strlen+0x26)[0x7fdb3bf77d16]
php(add_assoc_string_ex+0x32)[0x556650677b12]
php(zif_openssl_x509_parse+0x17c)[0x5566505312ec]
php(dtrace_execute_internal+0x2a)[0x556650664b3a]
php(+0x2e37e0)[0x5566506f97e0]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(zend_call_function+0x749)[0x556650666639]
php(zif_call_user_func+0xb5)[0x5566505b39d5]
php(dtrace_execute_internal+0x2a)[0x556650664b3a]
php(+0x2e37e0)[0x5566506f97e0]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(zend_call_function+0x749)[0x556650666639]
php(zif_call_user_func+0xb5)[0x5566505b39d5]
php(dtrace_execute_internal+0x2a)[0x556650664b3a]
php(+0x2e37e0)[0x5566506f97e0]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2e391d)[0x5566506f991d]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2ef65c)[0x55665070565c]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(+0x2efc7c)[0x556650705c7c]
php(execute_ex+0x1b)[0x5566506b4e2b]
php(dtrace_execute_ex+0xb1)[0x5566506649d1]
php(zend_execute+0x1a7)[0x556650708bf7]
php(zend_execute_scripts+0xc3)[0x556650674bd3]
php(php_execute_script+0x2d0)[0x556650615470]
php(+0x2f48b7)[0x55665070a8b7]
php(main+0x474)[0x5566504fa084]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7fdb3bf0d830]
php(_start+0x29)[0x5566504fa1c9]
```

Apparently something in libssl now returns a NULL or not-NUL-terminated C string which the PHP function openssl_x509_parse then passes to strlen, which crashes.

After downgrading to 1.0.2g-1ubuntu4.2 which luckily is still in the repos, everything works:

```
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$ apt-cache policy libssl1.0.0
libssl1.0.0:
  Installed: 1.0.2g-1ubuntu4.2
  Candidate: 1.0.2g-1ubuntu4.4
  Version table:
     1.0.2g-1ubuntu4.4 500
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
 *** 1.0.2g-1ubuntu4.2 500
        500 http://fi.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0.2g-1ubuntu4 500
        500 http://fi.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$ DATABASE_DATABASE=wordpressmastere2e catchsegv wp plugin install --force --activate wp-cfm
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; WP_Import has a deprecated constructor in /var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress/wp-content/plugins/wordpress-importer/wordpress-importer.php on line 38
Notice: Undefined offset: 4 in phar:///usr/local/bin/wp/php/WP_CLI/DocParser.php on line 124
Installing WP-CFM (1.4.5)
Ladataan pakettia lähteestä https://downloads.wordpress.org/plugin/wp-cfm.zip...
Using cached file '/home/jenkins/.wp-cli/cache/plugin/wp-cfm-1.4.5.zip'...
Puretaan pakettia...
Asennetaan lisäosaa...
Poistetaan lisäosan vanhaa versiota...
Lisäosa päivitetty onnistuneesti.
Activating 'wp-cfm'...
Warning: Plugin 'wp-cfm' is already active.
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$
```

So the issue was introduced between 1.0.2g-1ubuntu4.2 and 1.0.2g-1ubuntu4.4.

The only patch between them that seems relevant is this:

```
diff -Nru openssl-1.0.2g/debian/patches/CVE-2016-6306-1.patch openssl-1.0.2g/debian/patches/CVE-2016-6306-1.patch
--- openssl-1.0.2g/debian/patches/CVE-2016-6306-1.patch 1970-01-01 00:00:00.000000000 +0000
+++ openssl-1.0.2g/debian/patches/CVE-2016-6306-1.patch 2016-09-22 12:17:31.000000000 +0000
@@ -0,0 +1,66 @@
+From ff553f837172ecb2b5c8eca257ec3c5619a4b299 Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <email address hidden>
+Date: Sat, 17 Sep 2016 12:36:58 +0100
+Subject: [PATCH] Fix small OOB reads.
+
+In ssl3_get_client_certificate, ssl3_get_server_certificate and
+ssl3_get_certificate_request check we have enough room
+before reading a length.
+
+Thanks to Shi Lei (Gear Team, Qihoo 360 Inc.) for reporting these bugs.
+
+CVE-2016-6306
+
+Reviewed-by: Richard Levitte <email address hidden>
+Reviewed-by: Matt Caswell <email address hidden>
+---
+ ssl/s3_clnt.c | 11 +++++++++++
+ ssl/s3_srvr.c | 6 ++++++
+ 2 files changed, 17 insertions(+)
```

I didn't try building a binary with that patch reverted though, as I'm happy using the 1.0.2g-1ubuntu4.2 version without the security updates for the time being, given that this build server is not accessible from untrusted networks.

Of course, this might just as well be due to some insufficient error handling or otherwise improper libssl usage in php7.0, but the net effect is that the latest libssl makes the latest php7.0 in the stable Ubuntu 16.04 LTS version crash.

ProblemType: Crash
DistroRelease: Ubuntu 16.04
Package: php7.0-cli 7.0.8-0ubuntu0.16.04.2
ProcVersionSignature: Ubuntu 4.4.0-36.55-generic 4.4.16
Uname: Linux 4.4.0-36-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CrashCounter: 1
Date: Fri Sep 23 10:30:31 2016
ExecutablePath: /usr/bin/php7.0
ExecutableTimestamp: 1469647957
InstallationDate: Installed on 2016-05-18 (127 days ago)
InstallationMedia: Ubuntu-Server 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.3)
ProcCmdline: php /usr/local/bin/wp plugin install --force --activate wp-cfm
ProcCwd: /var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress
SegvAnalysis: Skipped: missing required field "Disassembly"
Signal: 11
SourcePackage: php7.0
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

CVE References

Olli Salli (ollisa) wrote :
information type: Private → Public
Olli Salli (ollisa) wrote :

The primary issue is some patch in the latest openssl, which breaks current php7.0. Not any change in the PHP package.

affects: php7.0 (Ubuntu) → openssl (Ubuntu)

StacktraceTop:
 strlen () at ../sysdeps/x86_64/strlen.S:106
 add_assoc_string_ex (arg=arg@entry=0x7f19df018cf0, key=key@entry=0x55ab940bbf59 "serialNumber", key_len=key_len@entry=12, str=0x0) at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_API.c:1390
 zif_openssl_x509_parse (execute_data=<optimized out>, return_value=0x7f19df018cf0) at /build/php7.0-lPMnpS/php7.0-7.0.8/ext/openssl/openssl.c:2017
 dtrace_execute_internal (execute_data=<optimized out>, return_value=<optimized out>) at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_dtrace.c:107
 ZEND_DO_FCALL_SPEC_HANDLER () at /build/php7.0-lPMnpS/php7.0-7.0.8/Zend/zend_vm_execute.h:844

Changed in openssl (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace

The stacktrace would seem to indicate that libssl indeed returned a null string here, from i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert))

Relevant php7.0 code here:

https://github.com/php/php-src/blob/f13fd9e72a13e80512f6c8b2302e42d4f252c479/ext/openssl/openssl.c#L2295

The issue is not limited to Ubuntu 16.04 and PHP 7.

We experience a similar issue on Ubuntu 14.04 using PHP 5.5 (se exact system info below).

Tonight's unattended openssl update from 1.0.1f-1ubuntu2.19 to 1.0.1f-1ubuntu2.20 (http://www.ubuntu.com/usn/usn-3087-1/, http://changelogs.ubuntu.com/changelogs/pool/main/o/openssl/openssl_1.0.1f-1ubuntu2.20/changelog) causes our Satis installation (https://github.com/composer/satis) to segfault on trying to establish HTTPS connections;

Start-Date: 2016-09-23 04:45:30
Upgrade: libssl1.0.0:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), libssl-dev:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), libssl-doc:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20), openssl:amd64 (1.0.1f-1ubuntu2.19, 1.0.1f-1ubuntu2.20)
End-Date: 2016-09-23 04:45:34

We have isolated it to this simple php command trying to parse the openssl provided ca-certs also triggering the issue;

# php -r "openssl_x509_parse(file_get_contents('/etc/ssl/certs/ca-certificates.crt'));"
Segmentation fault (core dumped)

Downgrading is only possible to 1.0.1f-1ubuntu2, which causes some dependencies to be uninstalled which seems counterproductive;

# apt-get install libssl1.0.0=1.0.1f-1ubuntu2.19
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Version '1.0.1f-1ubuntu2.19' for 'libssl1.0.0' was not found

# apt-get install libssl1.0.0=1.0.1f-1ubuntu2
...
The following packages will be REMOVED:
  libssl-dev node-gyp nodejs-dev npm php5-dev
The following packages will be DOWNGRADED:
  libssl1.0.0
0 upgraded, 0 newly installed, 1 downgraded, 5 to remove and 1 not upgraded.

Why would those dependencies be removed and why can't I pinpoint that I want 1.0.1f-1ubuntu2.19 installed?

# php -v
PHP 5.5.9-1ubuntu4.19 (cli) (built: Jul 28 2016 19:31:33)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
    with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies
    with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans

# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.5 LTS
Release: 14.04
Codename: trusty

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssl (Ubuntu):
status: New → Confirmed
Olli Salli (ollisa) wrote :

@mikini, I actually had a similar situation with apt-get wanting to remove npm. That's due to npm depending on node-gyp, which depends on nodejs-dev, which depends on libssl-dev. You need to install an old version of that package as well, you can't have a new libssl-dev package and an old libssl package installed together.

So something like:

apt-get install libssl1.0.0=1.0.1f-1ubuntu2 libssl-dev=1.0.1f-1ubuntu2 npm node-gyp nodejs-dev

should ensure you'll get compatible older versions installed, and still have the Node.js stuff.

However, that 1.0.1f-1ubuntu2 version seems quite old and could contain lots of vulnerabilities... I'd be wary of using it unless your server won't be doing SSL termination for clients from untrusted sources. Either because you SSL terminate at a load balancer, a reverse proxy or the like, or because your server is only accessible from a private network, like mine.

A better option would be to try and source the libssl and libssl-dev binaries for the immediately preceding 1.0.1f-1ubuntu2.19 version from somewhere else.

Olli Salli (ollisa) on 2016-09-23
summary: - libssl 1.0.2g-1ubuntu4.4 causes PHP7 SSL cert validation to segfault
+ libssl 1.0.2g-1ubuntu4.4 and 1.0.1f-1ubuntu2.20 cause PHP SSL cert
+ validation to segfault

Thanks @ollisa.

I had the same thoughts about 1.0.1f-1ubuntu2 so I found a downloadable build at https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.19. Installing just the ubuntu2.19 version of libssl1.0.0 solved the issue;

wget https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/9679884/+files/libssl1.0.0_1.0.1f-1ubuntu2.19_amd64.deb
dpkg -i libssl1.0.0_1.0.1f-1ubuntu2.19_amd64.deb

Now the certs can be parsed without segfault;
# php -r "echo gettype(openssl_x509_parse(file_get_contents('/etc/ssl/certs/ca-certificates.crt')));"
array

A good idea would be to put the package on hold to prevent further automatic upgrades. Though you'd then need to manually verify and unhold when a fix is out

# apt-mark hold libssl1.0.0
libssl1.0.0 set on hold.

Changed in openssl (Ubuntu):
assignee: nobody → Marc Deslauriers (mdeslaur)
Marc Deslauriers (mdeslaur) wrote :

I can reproduce this and will release an updated openssl package today.

Andreas Rütten (aruetten) wrote :

Also affected 1.0.1-4ubuntu5.37 on 12.04

vdloo (rickvandeloo) wrote :

Can confirm that this affects 1.0.1-4ubuntu5.37 on 12.04

Reproducible by trying to openssl_x509_parse the ssl cert for sourceforge with PHP 5.5.30-1+deb.sury.org~precise+1

$ openssl s_client -connect sourceforge.net:443 </dev/null |& sed -n '/BEGIN CERTIFICATE/,$p' | sed '/END CERTIFICATE/q' > cert.txt
$ echo "<?php openssl_x509_parse(file_get_contents('cert.txt'));" > segfault.php
$ php segfault.php
Segmentation fault (core dumped)

The backtrace:
$ gdb php
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) r segf.php
Starting program: /usr/bin/php segf.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5c40f81 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt
#0 0x00007ffff5c40f81 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00000000006e8e8d in add_assoc_string_ex ()
#2 0x00000000004a67ba in zif_openssl_x509_parse ()
#3 0x00000000006d4959 in dtrace_execute_internal ()
#4 0x00000000007911de in ?? ()
#5 0x0000000000754358 in execute_ex ()
#6 0x00000000006d4846 in dtrace_execute_ex ()
#7 0x00007ffff4f72ecc in ?? () from /usr/lib/php5/20121212/ioncube_loader_lin_5.5.so
#8 0x00000000006e66b4 in zend_execute_scripts ()
#9 0x000000000068380d in php_execute_script ()
#10 0x00000000007949c3 in ?? ()
#11 0x0000000000465081 in main ()
(gdb)

Changed in openssl (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
importance: Undecided → High
status: New → Confirmed
Changed in openssl (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
importance: Undecided → High
status: New → Confirmed
Changed in openssl (Ubuntu Xenial):
status: New → Confirmed
importance: Undecided → High
assignee: nobody → Marc Deslauriers (mdeslaur)
Marc Deslauriers (mdeslaur) wrote :

Packages that fix this issue are currently being built in the security team PPA:

https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages

They will be published as soon as they finish building and have gone through QA.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 1.0.1-4ubuntu5.38

---------------
openssl (1.0.1-4ubuntu5.38) precise-security; urgency=medium

  * SECURITY REGRESSION: incomplete fix for CVE-2016-2182 (LP: #1626883)
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.

 -- Marc Deslauriers <email address hidden> Fri, 23 Sep 2016 07:59:32 -0400

Changed in openssl (Ubuntu Precise):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 1.0.1f-1ubuntu2.21

---------------
openssl (1.0.1f-1ubuntu2.21) trusty-security; urgency=medium

  * SECURITY REGRESSION: incomplete fix for CVE-2016-2182 (LP: #1626883)
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.

 -- Marc Deslauriers <email address hidden> Fri, 23 Sep 2016 07:57:00 -0400

Changed in openssl (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 1.0.2g-1ubuntu4.5

---------------
openssl (1.0.2g-1ubuntu4.5) xenial-security; urgency=medium

  * SECURITY REGRESSION: incomplete fix for CVE-2016-2182 (LP: #1626883)
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.

 -- Marc Deslauriers <email address hidden> Fri, 23 Sep 2016 08:00:13 -0400

Changed in openssl (Ubuntu Xenial):
status: Confirmed → Fix Released
Changed in openssl (Ubuntu Yakkety):
status: Confirmed → Invalid
no longer affects: openssl (Ubuntu Yakkety)
Changed in openssl (Ubuntu):
status: Invalid → Fix Released
tags: added: regression-update
Olli Salli (ollisa) wrote :

Thank you. I can verify libssl1.0.0 1.0.2g-1ubuntu4.5 no longer exhibits the crash:

jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$ apt-cache policy libssl1.0.0
libssl1.0.0:
  Installed: 1.0.2g-1ubuntu4.5
  Candidate: 1.0.2g-1ubuntu4.5
  Version table:
 *** 1.0.2g-1ubuntu4.5 500
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0.2g-1ubuntu4.2 500
        500 http://fi.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
     1.0.2g-1ubuntu4 500
        500 http://fi.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$ DATABASE_DATABASE=wordpressmastere2e wp plugin install --force --activate wp-cfm
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; WP_Import has a deprecated constructor in /var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress/wp-content/plugins/wordpress-importer/wordpress-importer.php on line 38
Notice: Undefined offset: 4 in phar:///usr/local/bin/wp/php/WP_CLI/DocParser.php on line 124
Installing WP-CFM (1.4.5)
Ladataan pakettia lähteestä https://downloads.wordpress.org/plugin/wp-cfm.zip...
Using cached file '/home/jenkins/.wp-cli/cache/plugin/wp-cfm-1.4.5.zip'...
Puretaan pakettia...
Asennetaan lisäosaa...
Poistetaan lisäosan vanhaa versiota...
Lisäosa päivitetty onnistuneesti.
Activating 'wp-cfm'...
Warning: Plugin 'wp-cfm' is already active.
jenkins@ubuntutemplate:/var/lib/jenkins/workspace/imt-erp-e2e-flaky/webshop/vagrant/wordpress$

Thanks for the fix.

I too can verify that our system doesn't segfault on Ubuntu 14.04 (trusty) using latest libssl1.0.0 (=1.0.1f-1ubuntu2.21);

# dpkg -l |grep libssl1.0.0
ii libssl1.0.0:amd64 1.0.1f-1ubuntu2.21 amd64 Secure Sockets Layer toolkit - shared libraries

# php -r "echo gettype(openssl_x509_parse(file_get_contents('/etc/ssl/certs/ca-certificates.crt')));"
array

We'll definitely be reconsidering which systems will be applying security upgrades unattended in the future.

This experience makes me wonder how patches for the -security suites (default for unattended-upgrades) are tested and QA'ed. Can anything be done to the Ubuntu process to prevent things like this happening again?

I'm unfamiliar with how this is done currently so excuse my ignorance. But I'm wondering why there seem to be no collaboration or correlation between Ubuntu and Debian security updates. Debian seems to have got this one right in the first shot (DSA is here https://www.debian.org/security/2016/dsa-3673).

BTW: the links to upstream patches on the Ubuntu CVE page (http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2182.html) are invalid caused by a version string being appended to the commit hash (looks like borked wiki syntax).

Marc Deslauriers (mdeslaur) wrote :

> This experience makes me wonder how patches for the -security suites (default for unattended-upgrades) are tested and QA'ed. Can anything be done to the Ubuntu process to prevent things like this happening again?

For OpenSSL, we run it through a test suite and also test it with commonly run software such as Apache, Wget, etc. In this instance, the issue was an off-by-one which means it only affected certain certificates, and unfortunately not the certs that were used in our test suite. We've now added a test to parse all certs in the ca-certificates.crt file so this particular issue doesn't happen again.

> Debian seems to have got this one right in the first shot (DSA is here https://www.debian.org/security/2016/dsa-3673).

Debian hit the very same regression. See https://lists.debian.org/debian-security-announce/2016/msg00255.html

> BTW: the links to upstream patches on the Ubuntu CVE page (http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2182.html) are invalid caused by a version string being appended to the commit hash

Thanks, I'll get that fixed.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers