Bug 8391 - Our OpenSSL is out of date
Summary: Our OpenSSL is out of date
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Build system
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.18.0
Assignee: Adam Halim
URL:
Keywords: ossman_tester, prosaic
Depends on:
Blocks:
Reported: 2024-07-19 16:27 CEST by Samuel Mannehed
Modified: 2024-08-01 16:23 CEST

See Also:
Acceptance Criteria:
MUST:
 * OpenSSL included in ThinLinc should not have any known security issues affecting ThinLinc users

SHOULD:
 * The latest stable OpenSSL should be included in ThinLinc



Description Samuel Mannehed cendio 2024-07-19 16:27:52 CEST
We currently have OpenSSL 3.2.0 in our build system. The latest stable version is 3.3.1, and there have been some security fixes since our last upgrade. Some of those fixes might be relevant for us:

https://www.openssl.org/news/cl33.txt
https://www.openssl.org/news/vulnerabilities.html
Comment 1 Adam Halim cendio 2024-07-26 13:51:05 CEST
The following CVEs have been fixed between 3.2.0 and 3.3.1:

* 3.2.0 -> 3.2.1
  - CVE-2024-0727
  - CVE-2023-6237
  - CVE-2023-6129
* 3.2.1 -> 3.2.2
  - CVE-2024-2511
* 3.2 -> 3.3.0
  - None
* 3.3.0 -> 3.3.1
  - CVE-2024-4741
  - CVE-2024-4603
Comment 2 Adam Halim cendio 2024-07-26 14:04:09 CEST
* CVE-2024-0727
   Can potentially lead to a crash if an application reads a malformed PKCS12
   file.
* CVE-2023-6237
   Only affects the function EVP_PKEY_public_check(), which we don't use.
* CVE-2023-6129
   Only affects PowerPC.
* CVE-2024-2511
   Only affects servers, not clients.
* CVE-2024-4741
   Only affects the function SSL_free_buffers(), which we don't use.
* CVE-2024-4603
   Only affects the functions EVP_PKEY_public_check() and
   EVP_PKEY_param_check(), which we don't use.
Overall, only CVE-2024-0727 affects our client, and is very low severity.
Comment 3 Adam Halim cendio 2024-07-26 15:35:06 CEST
(In reply to Adam Halim from comment #2)
> * CVE-2024-2511
>    Only affects servers, not clients.
To add to this, the bug happens only if the SSL_OP_NO_TICKET option is used with TLSv1.3. We don't use this option. The bug can force a DoS, either by a malicious client or accidentally under normal operation.
Comment 4 Adam Halim cendio 2024-07-26 17:29:57 CEST
Building 3.3.1 fails on win32 due to the following error:
> /rpmbuild/BUILD/openssl-3.3.1/crypto/threads_win.c:199: undefined reference to `InterlockedAdd64'

There seems to have been some effort made not to call InterlockedAdd64 on 32 bit windows systems [1], but the patches in [1] aren't part of the 3.3.1 release. Still, I tried building the master branch in Cenbuild to see if the patches work, and indeed I was able to build the package successfully (with some additional patching to detect MinGW).

[1] https://github.com/openssl/openssl/pull/24405
Comment 6 Adam Halim cendio 2024-07-29 14:40:39 CEST
OpenSSL has now been upgraded to 3.3.1. I backported the patch from [1] (only this PR, not the other 2). This did not merge cleanly, and I had to do this by hand.

The patch only affects win32, so we should test that platform extra carefully.

I also added a patch to detect 32 bit MinGW and have made a PR [2]. Hopefully, both of these patches can be removed next time we upgrade OpenSSL.

[1] https://github.com/openssl/openssl/pull/24405
[2] https://github.com/openssl/openssl/pull/25025
Comment 7 Adam Halim cendio 2024-07-29 16:42:41 CEST
I was able to successfully build the client-bundle, and tested connecting with a win32 client and a Linux client on Fedora 39 without any issue. We should probably hold off on more extensive tests until OpenSSH (bug 8389) has been upgraded as well.
> MUST:
>  ✅  OpenSSL included in ThinLinc should not have any known security issues
>      affecting ThinLinc users
There is still one known security issue in 3.3.1:
* CVE-2024-5355
    Affects function SSL_select_next_proto(), which we don't use.
> SHOULD:
>  * The latest stable OpenSSL should be included in ThinLinc
Indeed, we have the latest stable release.
Comment 9 Adam Halim cendio 2024-07-31 16:10:08 CEST
Regarding CVE-2024-0727, it only affects a couple of functions. The affected function PKCS12_parse() is used by OpenSC to read a key from a file and store it on the card, which is not something we do.
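The applicability reasoning in comments 2, 7 and 9 (a CVE only matters if the client references the affected function, runs on the affected platform, or sets the affected option) can be made repeatable. The script below is an added example, not part of this bug or of the OpenSSL project: the CVE-to-function mapping is taken from the comments above, and the `nm -D` output it parses is constructed sample input standing in for a real client binary.

```python
"""Triage OpenSSL CVEs against the symbols a client binary actually imports.

Added example. CVE_AFFECTED_FUNCS lists only the functions the comments above
name; a real triage would extend it from the full OpenSSL advisory text.
"""
import re

# CVEs that only matter if the application calls one of these functions.
CVE_AFFECTED_FUNCS = {
    "CVE-2024-0727": {"PKCS12_parse"},
    "CVE-2023-6237": {"EVP_PKEY_public_check"},
    "CVE-2024-4741": {"SSL_free_buffers"},
    "CVE-2024-4603": {"EVP_PKEY_public_check", "EVP_PKEY_param_check"},
    "CVE-2024-5355": {"SSL_select_next_proto"},
}

# CVEs whose applicability depends on platform or configuration instead.
CVE_CONDITIONS = {
    "CVE-2023-6129": lambda ctx: ctx["arch"].startswith("ppc"),          # PowerPC only
    "CVE-2024-2511": lambda ctx: ctx["role"] == "server" and ctx["no_ticket"],
}

# Constructed sample `nm -D` output; 'U' marks symbols imported from libraries.
SAMPLE_NM_OUTPUT = """\
                 U PKCS12_parse@OPENSSL_3.0.0
                 U SSL_CTX_new@OPENSSL_3.0.0
                 U SSL_connect@OPENSSL_3.0.0
                 U EVP_DigestInit_ex@OPENSSL_3.0.0
0000000000401136 T main
"""

_UNDEF_RE = re.compile(r"^\s*U\s+([A-Za-z_]\w*)(?:@+\S+)?\s*$", re.MULTILINE)


def referenced_symbols(nm_output):
    """Return the set of undefined (imported) symbol names, version tag stripped."""
    return {m.group(1) for m in _UNDEF_RE.finditer(nm_output)}


def triage(nm_output, ctx):
    """Map each applicable CVE to the reason it applies; absent CVEs do not."""
    syms = referenced_symbols(nm_output)
    applicable = {}
    for cve, funcs in CVE_AFFECTED_FUNCS.items():
        used = funcs & syms
        if used:
            applicable[cve] = "uses " + ", ".join(sorted(used))
    for cve, cond in CVE_CONDITIONS.items():
        if cond(ctx):
            applicable[cve] = "platform/option condition met"
    return applicable


if __name__ == "__main__":
    client_ctx = {"arch": "x86_64", "role": "client", "no_ticket": False}
    for cve, why in sorted(triage(SAMPLE_NM_OUTPUT, client_ctx).items()):
        print(cve, "-", why)
```

Run against the real binary with the output of `nm -D` (or `objdump -T` reformatted) and the actual architecture and TLS role; the sample reproduces the conclusion in comment 2 that only CVE-2024-0727 touches the client.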
Comment 10 Pierre Ossman cendio 2024-08-01 16:23:08 CEST
Tested ssh on all platforms on bug 8389.

Tested smart card authentication from Fedora 39. No issues.

Patches look good.

> MUST:
> 
>  * OpenSSL included in ThinLinc should not have any known security issues affecting ThinLinc users

We are using the latest version, so we should have all fixes. One CVE was issued after that, but was commented on above.

> SHOULD:
> 
>  * The latest stable OpenSSL should be included in ThinLinc

Indeed we do, 3.3.1.
