New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 836760 link

Starred by 1 user
Status: Fixed
Owner:
sawlani@google.com
Last visit > 30 days ago
Closed: Jun 2018
Cc:
adityakali@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Security



Sign in to add a comment

CrOS: Vulnerability reported in dev-libs/openssl

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Apr 25 2018 
Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: dev-libs/openssl
Package Version: [cpe:/a:openssl:openssl:1.0.2j cpe:/a:openssl:openssl:1.0.2k]


Advisory: CVE-2018-0739
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2018-0739
  CVSS severity score: 4.3/10.0
  Confidence: high
  Description:

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).

Comment 1 by vapier@chromium.org, Apr 25 2018

Components: OS>Packages
Labels: -ComponentOSKernel

Comment 2 by allenwebb@chromium.org, Apr 26 2018

Labels: Security_Severity-Low
Owner: adityakali@google.com
Status: Assigned (was: Untriaged)
Aditya, could you look into pulling in a newer openssl from upstream to address this? If not, would you assign it to someone who can? Thanks.

Comment 3 by adityakali@google.com, Apr 27 2018 

Yeah. I will take a look. I have b/78556323 assigned to me for the same.
Thanks.

Comment 4 by adityakali@google.com, May 3 2018

Cc: adityakali@google.com
Owner: sawlani@google.com
Project Member

Comment 5 by bugdroid1@chromium.org, Jun 2 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/12e9f6f49b9d59e2310d0af854c614757df3d516

commit 12e9f6f49b9d59e2310d0af854c614757df3d516
Author: Pradeep Sawlani <sawlani@google.com>
Date: Sat Jun 02 00:44:48 2018

dev-libs/openssl: version bump to 1.0.2o

BUG= chromium:836760 , b:78556323
TEST=emerge-$BOARD dev-libs/openssl and trybots.

Change-Id: Id52c72b8b9ba3af36aa52bc5327a0e213bdd3a72
Signed-off-by: Pradeep Sawlani <sawlani@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1048867
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[rename] https://crrev.com/12e9f6f49b9d59e2310d0af854c614757df3d516/dev-libs/openssl/openssl-1.0.2o-r1.ebuild
[modify] https://crrev.com/12e9f6f49b9d59e2310d0af854c614757df3d516/dev-libs/openssl/Manifest

Comment 6 by sawlani@google.com, Jun 4 2018

Status: Fixed (was: Assigned)
Project Member

Comment 7 by sheriffbot@chromium.org, Jun 5 2018

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify
Project Member

Comment 8 by sheriffbot@chromium.org, Sep 11

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment