
Security OpenSSL January 26, 2017: OpenSSL 1.0.2k & 1.1.0d Security Update + Centmin Mod Nginx

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Jan 27, 2017.

  1. eva2000

    eva2000 Administrator Staff Member

    54,934
    12,240
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,812
    Local Time:
    3:03 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    OpenSSL 1.0.2k Release Information



    OpenSSL folks are releasing OpenSSL 1.1.0d and 1.0.2k security updates on January 26th, 2017 - CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, and backported patch fixed in OpenSSL 1.1.0c CVE-2016-7055. Centmin Mod 123.08stable only supports OpenSSL 1.0.2k for Nginx SSL. Centmin Mod 123.09beta01 supports both OpenSSL 1.1.0d and 1.0.2k for Nginx SSL.

    OpenSSL Security Vulnerabilities Fixed include:
    • CVE-2017-3730
    • CVE-2017-3731
    • CVE-2017-3732
    • backported patch fixed in OpenSSL 1.1.0c CVE-2016-7055

    Notes:


    • Prior to Feb 25th, 2016, Centmin Mod Nginx from 1.2.3-eva2000.08 (123.08stable) onwards was by default compiled against LibreSSL 2.2 instead of OpenSSL 1.0.2k, so it generally doesn't need updating on the Centmin Mod Nginx side. But the CentOS system OpenSSL may need updates.
    • After Feb 25th, 2016, the Centmin Mod 123.08stable version of Nginx switched back to being compiled against OpenSSL 1.0.2+ for out-of-the-box defaults due to Nginx 1.9.12 compatibility issues with LibreSSL, while 123.09beta01 has switched back to the LibreSSL 2.4 branch.

    Centmin Mod LEMP Upgrade OpenSSL 1.0.2k



    For Centmin Mod LEMP stack 1.2.3-eva2000.08 stable and higher, there are 2 parts to updating OpenSSL: the system YUM package backported update, and the Nginx OpenSSL static compilation for the front-facing Nginx server and https/SSL.

    For Centmin Mod 1.2.3-eva2000.08 stable (123.08stable) and higher (including betas) you need to do 2 updates:
    1. System OpenSSL update for CentOS
    2. Nginx recompile with the OPENSSL_VERSION='1.0.2k' variable set. Check your updated Centmin Mod centmin.sh to see if OPENSSL_VERSION='1.0.2k' is set. If it is not set, then you need to manually set OPENSSL_VERSION='1.0.2k' in your persistent config file (create it if it doesn't exist) at /etc/centminmod/custom_config.inc by adding to it
      Code (Text):
      OPENSSL_VERSION='1.0.2k'
    Centmin Mod Nginx doesn't use the system OpenSSL and is compiled statically - the check command below will return blank/nothing for Centmin Mod Nginx. There's a reason why Centmin Mod Nginx is compiled against a statically linked OpenSSL version.

    Code (Text):
     ldd `which nginx` | grep ssl


    will come back empty for Centmin Mod Nginx based servers.

    System OpenSSL update for CentOS



    Usually Redhat and CentOS back port patches so you will see something like OpenSSL 1.0.1e-XX where XX is incremented version number with fixed patches. Will update this post once Redhat/CentOS have an updated YUM package.

    Also sometimes Redhat or CentOS system versions won't be affected by the OpenSSL source listed bugs/security issues. You have to read each CVE* listing on Red Hat and CentOS bug trackers to see if they apply or not.

    CentOS/Redhat system OpenSSL updates

    CentOS 7
    Code (Text):
    TBA
    


    CentOS 6
    Code (Text):
    TBA
    


    For CentOS 7
    Code (Text):
    rpm -qa --changelog openssl | head -n8
    TBA
    


    For CentOS 6

    CentOS system openssl update seems to be out for CentOS 6 - not yet for CentOS 7
    Code (Text):
    rpm -q --changelog openssl | head -n13
    TBA
    


    For auto daily updates check out yum-cron for auto updates.

    Code (Text):
    yum list updates -q | grep openssl
    


    Code (Text):
    rpm -qa --changelog openssl | head -n11
    


    To update
    Code (Text):
    yum -y update

    Note: after system update you need to reboot your server to ensure all services which use OpenSSL also use the updated version.

    Nginx recompile with OPENSSL_VERSION='1.0.2k'



    • Prior to Feb 25th, 2016, Centmin Mod Nginx from 1.2.3-eva2000.08 (123.08stable) onwards was by default compiled against LibreSSL 2.2 instead of OpenSSL 1.0.2k, so it generally doesn't need updating on the Centmin Mod Nginx side. But the CentOS system OpenSSL may need updates.
    • After Feb 25th, 2016, the Centmin Mod 123.08stable version of Nginx switched back to being compiled against OpenSSL 1.0.2+ for out-of-the-box defaults due to Nginx 1.9.12 compatibility issues with LibreSSL, while 123.09beta01 has switched back to the LibreSSL 2.4 branch.
    To update if you are using OpenSSL and not the prior default Centmin Mod Nginx LibreSSL, edit your centmin.sh file variable for OPENSSL_VERSION. There are 2 ways to do that:
    1. Best way is to use centmin.sh menu option 23 submenu option 2 for auto updating Centmin Mod code as outlined at centminmod.com/upgrade.html and at https://community.centminmod.com/threads/new-08-beta-menu-option-updating-centmin-mod-via-git.3084/. If Centmin Mod code has been updated, that method will auto update centmin.sh to latest version which already has OPENSSL_VERSION='1.0.2k' set. After updating via git centmin.sh menu option 23 submenu options, verify in centmin.sh that OPENSSL_VERSION='1.0.2k' is set.
    2. If you do not have centmin.sh menu option 23 submenu option 1 for git environment setup, or if centmin.sh doesn't have OPENSSL_VERSION='1.0.2k' set, then you need to manually set OPENSSL_VERSION='1.0.2k' in your persistent config file (create it if it doesn't exist) at /etc/centminmod/custom_config.inc by adding to it
      Code (Text):
      OPENSSL_VERSION='1.0.2k'
      Then run centmin.sh menu option 4 to recompile Nginx. When prompted to select yes or no for the YUM checks, select NO (really, the system OpenSSL update step above wouldn't be needed if you select yes to the YUM checks here ;) ). Then, when prompted, specify Nginx version = 1.11.9 or newer. Let the Nginx recompile run to completion; it should say Nginx installed successfully. Check if Nginx compiled against 1.0.2k using the nginx -V command.
    You can tell if your Centmin Mod Nginx is using OpenSSL or LibreSSL via the output of the SSH command
    Code (Text):
    nginx -V


    If using LibreSSL, the "built with" line will show something like
    Code (Text):
    nginx -V
    nginx version: nginx/1.11.9
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with LibreSSL 2.4.4


    If using OpenSSL, the "built with" line will show something like
    Code (Text):
    nginx -V
    nginx version: nginx/1.11.9
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with OpenSSL 1.0.2k  26 Jan 2017
    


     
    Last edited: Jan 27, 2017
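    Added example, not code from this post or from Centmin Mod: a small POSIX sh audit script that turns the three manual checks above (ldd for static linking, the "built with" line of nginx -V, and the system OpenSSL RPM changelog) into functions that can be run over captured command output. Function names, the status labels, and the sample nginx -V / changelog text are my own constructs; the only facts taken from the post are the fixed versions 1.0.2k and 1.1.0d and the CVE IDs.

```shell
#!/bin/sh
# Added example (not Centmin Mod's own code). Each function reads command
# output on stdin or takes it as arguments, so it works on captured text;
# the samples at the bottom are constructed, not real server output.

# Fixed versions from the 26 Jan 2017 OpenSSL advisory.
FIXED_102='1.0.2k'
FIXED_110='1.1.0d'

# Parse "nginx -V 2>&1" text on stdin; print "<lib> <version>" from the
# "built with" line, e.g. "OpenSSL 1.0.2k" or "LibreSSL 2.4.4".
tls_lib_from_nginx_v() {
    awk '/^built with (OpenSSL|LibreSSL) / { print $3, $4; exit }'
}

# True (exit 0) when version $1 sorts before $2. OpenSSL 1.0.2/1.1.0 patch
# releases differ only in the trailing letter, so a string compare suffices.
ver_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN { exit !(a < b) }'
}

# Usage: openssl_status <lib> <version>
# Prints: fixed | needs-update | unsupported-branch | libressl-not-covered
# Returns non-zero when action is required.
openssl_status() {
    case "$1" in
        LibreSSL) echo libressl-not-covered; return 0 ;;  # advisory is OpenSSL-only
        OpenSSL)  ;;
        *)        echo unknown; return 2 ;;
    esac
    case "$2" in
        1.0.2*) fixed=$FIXED_102 ;;
        1.1.0*) fixed=$FIXED_110 ;;
        *)      echo unsupported-branch; return 1 ;;  # e.g. 1.0.1e: not one of the patched branches
    esac
    if ver_lt "$2" "$fixed"; then
        echo needs-update; return 1
    fi
    echo fixed
}

# Reads "ldd /path/to/nginx" text on stdin. A static build (the Centmin Mod
# case) has no libssl/libcrypto entry and prints "static".
ssl_linkage() {
    if grep -q -E 'lib(ssl|crypto)\.so'; then echo dynamic; else echo static; fi
}

# Usage: cves_missing_from_changelog CVE-... [CVE-...] < "rpm -q --changelog openssl" text
# Prints the CVE IDs that do not appear in the changelog (empty = all present).
cves_missing_from_changelog() {
    text=$(cat); missing=""
    for cve in "$@"; do
        printf '%s\n' "$text" | grep -q -F -- "$cve" || missing="$missing $cve"
    done
    echo "${missing# }"
}

# One-line verdict for nginx -V text on stdin.
report() {
    set -- $(tls_lib_from_nginx_v)
    [ $# -eq 2 ] || { echo "no 'built with' line found"; return 2; }
    echo "nginx built with $1 $2: $(openssl_status "$1" "$2")"
}

# Constructed sample inputs (shape copied from the thread's nginx -V output).
SAMPLE_NGINX_V='nginx version: nginx/1.11.9
built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
built with OpenSSL 1.0.2j  26 Sep 2016
TLS SNI support enabled'
SAMPLE_CHANGELOG='* Thu Jan 26 2017 Example Packager <pkg@example.invalid> - 1.0.2k-1
- constructed sample entry: fix CVE-2017-3731'

# Stand-alone demo on the sample; on a live server use:  nginx -V 2>&1 | report
printf '%s\n' "$SAMPLE_NGINX_V" | report
```

    On a live Centmin Mod box the three calls are `nginx -V 2>&1 | report`, `ldd $(which nginx) | ssl_linkage` (expect "static"), and `rpm -q --changelog openssl | cves_missing_from_changelog CVE-2017-3731 CVE-2017-3732`. Note that the changelog check only tells you whether Red Hat referenced a CVE; as the post says, a CVE absent from the changelog may simply not apply to the 1.0.1e backport.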
  2. eva2000
    As Centmin Mod Nginx defaults to LibreSSL for SSL, if you want to use OpenSSL 1.0.2k with Nginx SSL, you need to set the following variable in the persistent config file at /etc/centminmod/custom_config.inc
    Code (Text):
    LIBRESSL_SWITCH='n'
    

    Then run centmin.sh menu option 4 to recompile Nginx.

    So first update your Centmin Mod code via centmin.sh menu option 23 submenu option 2, as outlined at Upgrade Centmin Mod - CentminMod.com LEMP Nginx web stack for CentOS
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 123.09beta01 centminmod.com
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 23
    --------------------------------------------------------
    

    centmin.sh menu option 23 submenu option 2
    Code (Text):
    
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu          
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Exit
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 2
    --------------------------------------------------------
    

    Select 4 to exit out of the submenu, select 24 to exit out of centmin.sh, then re-cd into /usr/local/src/centminmod and re-run centmin.sh menu option 4
    Code (Text):
    cd /usr/local/src/centminmod
    ./centmin.sh
    


    Or if you don't want to use centmin.sh menu option 23, you can do straight git pull update via
    Code (Text):
    cd /usr/local/src/centminmod
    git stash
    git pull
    ./centmin.sh
    


    FYI, this forum is now using Nginx 1.11.9 + OpenSSL 1.0.2k via LIBRESSL_SWITCH='n' based centmin.sh menu option 4 recompile

    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 123.09beta01 centminmod.com
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 4
    --------------------------------------------------------
    

    Code (Text):
    Do you want to run YUM install checks ?  [y/n]
    
    This will increase your upgrade duration time wise.
    Check the change log centminmod.com/changelog.html
    to see if any Nginx or PHP related new additions
    which require checking YUM prequisites are met.
    If no new additions made, you can skip the
    YUM install check to speed up upgrade time.
    
     [y/n]: n
    

    Code (Text):
    Nginx Upgrade - Would you like to continue? [y/n] y
    
    Install which version of Nginx? (version i.e. type 1.11.9): 1.11.9


    End result
    If your nginx -V output shows built with LibreSSL instead, then this OpenSSL 1.0.2k update doesn't apply to you. I'd expect a LibreSSL 2.4.5 release soon with similar security fixes, as right now LibreSSL 2.4.4 is still the latest.
     
  3. eva2000
    More details on the security issues fixed in OpenSSL 1.0.2k and 1.1.0d: OpenSSL Patches Four Vulnerabilities | SecurityWeek.Com

    For CVE-2017-3730 specifically: CVE-2017-3730: OpenSSL 1.1.0 remote client denial-of-service, affects servers as well (+ PoC)
     
    Last edited: Jan 27, 2017
  4. eva2000
    For Redhat/CentOS system OpenSSL
    As expected, as Redhat/CentOS use OpenSSL 1.0.1e with backported fixes, and these seem to be related to OpenSSL 1.0.2+ and 1.1.0+, which only Centmin Mod Nginx uses for ALPN protocol and HTTP/2 support.
     
  6. CarpCharacin

    CarpCharacin Member

    267
    21
    18
    Oct 13, 2016
    Salt Lake City
    Ratings:
    +34
    Local Time:
    11:03 PM
    1.15.x
    MariaDB 10.1
    Does this apply if I am using LetsEncrypt?
     
  7. eva2000
    Applies if Nginx uses OpenSSL.

    As per the bottom of the 1st post above, you can tell if your Centmin Mod Nginx is using OpenSSL or LibreSSL via the output of the SSH command
    Code (Text):
    nginx -V


    If using LibreSSL, the "built with" line will show something like
    Code (Text):
    nginx -V
    nginx version: nginx/1.11.9
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with LibreSSL 2.4.4


    If using OpenSSL, the "built with" line will show something like
    Code (Text):
    nginx -V
    nginx version: nginx/1.11.9
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with OpenSSL 1.0.2k  26 Jan 2017
    
     
  8. CarpCharacin
    I just recompiled nginx. nginx -V says it is using libressl. What is the difference? Isn't libressl a fork of openssl?
     
  9. eva2000
    Yup, so you're fine, Centmin Mod defaults to LibreSSL for Nginx unless you set LIBRESSL_SWITCH='n' in persistent config /etc/centminmod/custom_config.inc BEFORE centmin.sh menu option 4 nginx compiles.
     
  10. CarpCharacin
    This is the full output of nginx -V.
    Code (Text):
    nginx version: nginx/1.11.9
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with LibreSSL 2.4.4
    TLS SNI support enabled
    configure arguments: --with-ld-opt='-lrt -ljemalloc -Wl,-z,relro -Wl,-rpath,/usr/local/lib' --with-cc-opt='-m64 -mtune=native -mfpmath=sse -g -O3 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wno-sign-compare -Wno-string-plus-int -Wno-deprecated-declarations -Wno-unused-parameter -Wno-unused-const-variable -Wno-conditional-uninitialized -Wno-mismatched-tags -Wno-sometimes-uninitialized -Wno-parentheses-equality -Wno-tautological-compare -Wno-self-assign -Wno-deprecated-register -Wno-deprecated -Wno-invalid-source-encoding -Wno-pointer-sign -Wno-parentheses -Wno-enum-conversion -Wno-c++11-compat-deprecated-writable-strings -Wno-write-strings' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-http_stub_status_module --with-http_secure_link_module --add-module=../nginx-module-vts --with-libatomic --with-http_gzip_static_module --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream=dynamic --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.0 --add-module=../ngx_cache_purge-2.3 --add-module=../ngx_devel_kit-0.3.0 --add-module=../set-misc-nginx-module-0.31 --add-module=../echo-nginx-module-0.60 --add-module=../redis2-nginx-module-0.13 --add-module=../ngx_http_redis-0.3.7 --add-module=../memc-nginx-module-0.17 --add-module=../srcache-nginx-module-0.31 --add-module=../headers-more-nginx-module-0.32 --with-pcre=../pcre-8.40 --with-pcre-jit --with-http_ssl_module --with-http_v2_module --with-openssl=../libressl-2.4.4