Security-Announce archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

NetBSD Security Advisory 2014-004: OpenSSL information disclosure ("heartbleed")

Hash: SHA1

                NetBSD Security Advisory 2014-004

Topic:          OpenSSL information disclosure ("heartbleed")

Version:        NetBSD-current:         before Tue April 8th, 2014
                NetBSD 6.1 - 6.1.3:     affected
                NetBSD 6.0 - 6.0.4:     affected
                NetBSD 5.1 - 5.1.4:     not affected (but see pkgsrc)
                NetBSD 5.2 - 5.2.2:     not affected (but see pkgsrc)
                pkgsrc:                 affected

Severity:       high

Fixed:          NetBSD-current:         Tue April 8th, 2014
                NetBSD-6-0 branch:      Tue April 8th, 2014
                NetBSD-6-1 branch:      Tue April 8th, 2014
                NetBSD-6 branch:        Tue April 8th, 2014
                pkgsrc:                 openssl-1.0.1g (Tue April 8th, 2014)

Teeny versions released later than the fix date will contain the fix.

Please note that NetBSD releases prior to 5.1 are no longer supported.
It is recommended that all users upgrade to a supported release.


Due to a programming error, a feature of the TLS protocol could
be used to deliver unselective chunks of memory of the process
running the TLS protocol.

The chunks of memory revealed to the attacker are likely to include
the private key the program is using to secure TLS connections,
but may include other vulnerable material, like e.g. in the case
of a https or ldaps server, account names and passwords of users.

Also, once the attacker has a copy of the private key they can run
very difficult to detect Man in the Middle attacks, or just listen
in on further communication with the affected program if they are
in a position to intercept traffic to it. (i.e. your encrypted
connection could as well be cleartext).

This vulnerability has been assigned CVE-2014-0160.

Technical Details

A missing bounds check in the openssl 1.0.1 libssl library before
version 1.0.1g in the implementation of the RFC6520 TLS heartbeat
extension exposes up to 64k of memory of the process using libssl
on each invocation (e.g. on every connection).

Solutions and Workarounds

Update your OpenSSL libraries, make sure the old libssl is no longer
used, and change your certificate.

Update your OpenSSL libraries
- -----------------------------
On NetBSD 6.*, the fastest method to obtain fixed libraries is to
download the fixed libraries for your system from
and to deploy them:
cd /some/scratchpath
gpg --verify SHA512.asc
# check for: Good signature from "NetBSD Security Officer 
cksum -a sha512 netbsd6-`uname -m`-heartbleedfix.tgz > /tmp/netbsd6-`uname 
grep netbsd6-`uname -m`-heartbleedfix.tgz SHA512 > /tmp/netbsd6-`uname 
diff /tmp/netbsd6-`uname -m`-heartbleedfix.tgz.sha512.*
(diff should have no output)

cd / && tar xzpf /some/scratchpath/heartbleed/netbsd6-`uname 
rm /usr/lib/
(remove the affected library just to make sure. Continue
reading below)

On NetBSD current, update src and rebuild and install.

Other ways to obtain a libssl that is not affected
- --------------------------------------------------
Rebuilding libssl (from src/crypto/external/bsd/openssl/lib/libssl)
with -DOPENSSL_NO_HEARTBEATS set will obtain a library that doesn't
support the extension and thus can't be attacked through it.

Get the fixed library into use
- ------------------------------
Since the vulnerability is in a shared library, getting the old
library purged and the fixed one into use requires shutting down
all programs that load libssl. This includes sshd (which is not
affected in its role as ssh-service-provider, but may be impacted
as a ldaps client f.e.). The easiest way to do this is to reboot
the system.

Fixed versions
- --------------
files relative to src/crypto/external/bsd/openssl/dist/ssl

branch      d1_both.c        t1_lib.c
- ----------  ---------------  -----------
HEAD          1.11

Thanks To

OpenSSL thanks Neel Mehta of Google Security for discovering this bug
and Adam Langley <> and Bodo Moeller 
for preparing the fix.

NetBSD furthermore thanks Christos Zoulas for updating -current and
the releng team for the fast pullup and the preparation of the fix

Revision History

        2014-04-09      Initial release

More Information

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at

Information about NetBSD and NetBSD security can be found at and .

Copyright 2014, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.

$NetBSD: NetBSD-SA2014-004.txt,v 1.1 2014/04/09 20:56:18 tonnerre Exp $

Version: GnuPG v1


Home | Main Index | Thread Index | Old Index