5 - USN-204-1

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

libssl0.9.7

The problem can be corrected by upgrading the affected package to version 0.9.7d-3ubuntu0.3 (for Ubuntu 4.10), 0.9.7e-3ubuntu0.2 (for Ubuntu 5.04), or 0.9.7g-1ubuntu1.1 (for Ubuntu 5.10). Since the SSL library is used by a lot of server and desktop applications, you should restart your computer after a standard system upgrade to ensure that all programs use the new library.

Details follow:

Yutaka Oiwa discovered a possible cryptographic weakness in OpenSSL applications. Applications using the OpenSSL library can use the SSL_OP_MSIE_SSLV2_RSA_PADDING option (or SSL_OP_ALL, which implies the former) to maintain compatibility with third party products, which is achieved by working around known bugs in them.

The SSL_OP_MSIE_SSLV2_RSA_PADDING option disabled a verification step in the SSL 2.0 server supposed to prevent active protocol-version rollback attacks. With this verification step disabled, an attacker acting as a "man in the middle" could force a client and a server to negotiate the SSL 2.0 protocol even if these parties both supported SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only.