OpenSSL Security Advisory [25-Mar-2009] Three moderate severity security flaws have been fixed in OpenSSL 0.9.8k. ASN1 printing crash =================== The function ASN1_STRING_print_ex() when used to print a BMPString or UniversalString will crash with an invalid memory access if the encoded length of the string is illegal. (CVE-2009-0590) Any OpenSSL application which prints out the contents of a certificate could be affected by this bug, including SSL servers, clients and S/MIME software. Users of OpenSSL 0.9.8j or earlier should update to 0.9.8k which contains a patch to correct this issue. Incorrect Error Checking During CMS verification. ================================================= The function CMS_verify() does not correctly handle an error condition involving malformed signed attributes. This will cause an invalid set of signed attributes to appear valid and content digests will not be checked. (CVE-2009-0591) These malformed attributes cannot be generated without access to he signer's private key so an attacker cannot forge signatures. A valid signer could however generate an invalid signature which appears valid and later repudiate the signature. The older PKCS#7 code is not affected. This issue only affects CMS users: CMS is only present in OpenSSL 0.9.8h and later where it is disabled by default and 0.9.9-dev. Users of OpenSSL CMS code should update to 0.9.8k which contains a patch to correct this issue. Thanks to Ivan Nestlerode of IBM for reporting this issue. Invalid ASN1 clearing check =========================== When a malformed ASN1 structure is received it's contents are freed up and zeroed and an error condition returned. On a small number of platforms where sizeof(long) < sizeof(void *) (for example WIN64) this can cause an invalid memory access later resulting in a crash when some invalid structures are read, for example RSA public keys (CVE-2009-0789). Any OpenSSL application which uses the public key of an untrusted certificate could be crashed by a malformed structure. Including SSL servers, clients, CA and S/MIME software. Users of OpenSSL 0.9.8j or earlier on affected platforms should update to 0.9.8k which contains a patch to correct this issue. Thanks to Paolo Ganci for reporting this issue. References =========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20090325.txt