Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20140605135453.GA22783@openwall.com>
Date: Thu, 5 Jun 2014 17:54:53 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: OpenSSL seven security fixes

On Thu, Jun 05, 2014 at 04:43:25PM +0400, Solar Designer wrote:
> The distros list was informed of the upcoming OpenSSL release a few days
> in advance, but detail on the vulnerabilities was being provided
> separately, on request from each specific distro individually (PGP
> encrypted).  Overall, I'd say the advance notification to distros was
> just right - not too much (only a few days), not too little (just
> enough), and without unnecessarily exposing the detail to distros who
> wouldn't need it.
> 
> A bit worrying is the statement that the "issue was reported to OpenSSL
> on 1st May 2014", though, but I appreciate the OpenSSL team making that
> statement (it's in the advisory).

Mark Cox, who was providing vulnerability detail to individual distros,
has just posted the timeline:

https://plus.google.com/+MarkJCox/posts/L8i6PSsKJKs

---
Here is the timeline from my (OpenSSL) perspective for the recent CCS
Inject MITM vulnerability as well as the other flaws being fixed today.

** SSL/TLS MITM vulnerability (CVE-2014-0224)

2014-04-22 (Date we were told the reporters shared the issue with
                        JPCERT/CC)
2014-05-01 JPCERT/CC make first contact with OpenSSL security
2014-05-02 JPCERT/CC send detailed report and reproducer to        
                        OpenSSL security
2014-05-09 CERT/CC make first contact with OpenSSL security      
                         and send an updated report
2014-05-09 OpenSSL verify the issue and assign CVE-2014-0224
2014-05-12 JPCERT/CC contact OpenSSL with updated reproducer
2014-05-13 OpenSSL start communication directly to reporters to  
                       share updated patch and other technical details
2014-05-21 JPCERT/CC notify OpenSSL they have notified
                       "vendors who have implemented  OpenSSL in their          
                        products" under their framework agreement
2014-05-21 CERT/CC request permission to prenotify vendors of
                       the issue
2014-05-21 OpenSSL work with two major infrastructure providers
                       to test the fix and  ensure the fix is sufficient
2014-06-02 CERT/CC notify their distribution list about the security
                        update but with no details
2014-06-02 "OS distros" private vendor list is given headsup and
                        ability to request the patches and draft advisory
                        (0710).  Told Red Hat (0710) Debian (0750) FreeBSD
                        (0850),  AltLinux (1050), Gentoo (1150), Canonical
                        (1150), IBM (1700), Oracle (1700), 
                        SUSE (2014-06-03:0820), Amazon AMI
                        (2014-06-03:1330), NetBSD/pkgsrc (2014-06-04:0710),
                        Openwall (2014-06-04:0710)
2014-06-02 Red Hat find issue with patch (1400), updated patch
                        sent to vendors
2014-06-02 Canonical find regression with patch (1700), Stephen
                         produces updated patch, sent to vendors (1820)
2014-06-03 "ops-trust" (1015) and selected OpenSSL Foundation
                         contracts (0820) are told a security  update will be
                         released on 2014-06-05 but with no details
2014-06-05 Security updates and advisory is released

** DTLS recursion flaw (CVE-2014-0221)

2014-05-09 Reporter contacts OpenSSL security
2014-05-09 OpenSSL contacts reporter with possible patch for
                       verification
2014-05-16 Reporter confirmes patch
2014-05-18 OpenSSL tells reporter CVE name
2014-06-02 "OS distros" notification as above
2014-06-03 OpenSSL lets reporter know the release date
2014-06-05 Security updates and advisory is released

** DTLS invalid fragment vulnerability (CVE-2014-0195)

2014-04-23 HP ZDI contact OpenSSL security and pass on security
                        report
2014-05-29 OpenSSL let ZDI know the release date
2014-06-02 "OS distros" notification as above
2014-06-05 Security updates and advisory is released

** Anonymous ECDH denial of service (CVE-2014-3470)

2014-05-28 Felix Grbert and Ivan Fratri at Google report to
                       OpenSSL
2014-05-29 OpenSSL tell reporters CVE name and release date
2014-06-02 "OS distros" notification as above
2014-06-05 Security updates and advisory is released

(All times UTC)
---

On Twitter, Mark (@iamamoose) pointed out that "by telling OS vendors in
advance we actually caught two problems with the patches!", I guess
referring to these two timeline entries:

2014-06-02 Red Hat find issue with patch (1400), updated patch
                        sent to vendors
2014-06-02 Canonical find regression with patch (1700), Stephen
                         produces updated patch, sent to vendors (1820)

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.