On 09/07/2015 15:10, OpenSSL wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> OpenSSL Security Advisory [9 Jul 2015]
> =======================================
>
> Alternative chains certificate forgery (CVE-2015-1793)
> ======================================================
>
> Severity: High
>
> During certificate verification, OpenSSL (starting from version 1.0.1n and
> 1.0.2b) will attempt to find an alternative certificate chain if the first
> attempt to build such a chain fails. An error in the implementation of this
> logic can mean that an attacker could cause certain checks on untrusted
> certificates to be bypassed, such as the CA flag, enabling them to use a valid
> leaf certificate to act as a CA and "issue" an invalid certificate.

Why was this introduced in a patch release? I thought improved chain
building was a new feature, and thus delineated by a library version
number such as 1.0.2 or 1.0.3. In fact, I thought that was the reason
we all had to wait ages before this long-standing shortcoming was fixed.

> This issue will impact any application that verifies certificates including
> SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Does this vulnerability also affect applications that use OpenSSL or
the openssl command line to handle S/MIME or other CMS messages?

For example, the mail client mutt handles S/MIME by invoking the
openssl command line via macros in the default configuration file.

P.S.

Sorry for first trying to send to -announce, MUA must have ignored
the Reply-To.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded