Updated: openssl-0.9.8j-1, openssl-devel-0.9.8j-1

Corinna Vinschen corinna-cygwin@cygwin.com
Thu Jan 8 11:28:00 GMT 2009

I've updated the version of OpenSSL to 0.9.8j-1.  This also includes the
openssl-devel package.

This is an upstream security and bugfix release.  The Cygwin release is
the vanilla version, no additional patches.

OpenSSL Security Advisory:
OpenSSL Security Advisory [07-Jan-2009]

Incorrect checks for malformed signatures
- -------------------------------------------

Several functions inside OpenSSL incorrectly checked the result after
calling the EVP_VerifyFinal function, allowing a malformed signature
to be treated as a good signature rather than as an error.  This issue
affected the signature checks on DSA and ECDSA keys used with

One way to exploit this flaw would be for a remote attacker who is in
control of a malicious server or who can use a 'man in the middle'
attack to present a malformed SSL/TLS signature from a certificate chain
to a vulnerable client, bypassing validation.

This vulnerability is tracked as CVE-2008-5077.

The OpenSSL security team would like to thank the Google Security Team
for reporting this issue.

Who is affected?
- -----------------

Everyone using OpenSSL releases prior to 0.9.8j as an SSL/TLS client
when connecting to a server whose certificate contains a DSA or ECDSA key.

Use of OpenSSL as an SSL/TLS client when connecting to a server whose
certificate uses an RSA key is NOT affected.

Verification of client certificates by OpenSSL servers for any key type
is NOT affected.

Recommendations for users of OpenSSL
- ------------------------------------

Users of OpenSSL 0.9.8 should update to the OpenSSL 0.9.8j release
which contains a patch to correct this issue.

The patch used is also appended to this advisory for users or
distributions who wish to backport this patch to versions they build
from source.

Recommendations for projects using OpenSSL
- ------------------------------------------

Projects and products using OpenSSL should audit any use of the
routine EVP_VerifyFinal() to ensure that the return code is being
correctly handled.  As documented, this function returns 1 for a
successful verification, 0 for failure, and -1 for an error.

General recommendations
- -----------------------

Any server that has clients using OpenSSL verifying DSA or ECDSA
certificates, regardless of the software used by the server, should
either ensure that all clients are upgraded or stop using DSA/ECDSA
certificates. Note that unless certificates are revoked (and clients
check for revocation) impersonation will still be possible until the
certificate expires.

[CV: I removed the patch from this announcement.  You can find it here:


Official release message:
   OpenSSL version 0.9.8j released

   OpenSSL - The Open Source toolkit for SSL/TLS

   The OpenSSL project team is pleased to announce the release of
   version 0.9.8j of our open source toolkit for SSL/TLS. This new
   OpenSSL version is a critical security, feature and bugfix release.
   For a complete list of changes, please see

   This is the first full release of OpenSSL that can link against the
   validated FIPS module version 1.2

   We consider OpenSSL 0.9.8j to be the best version of OpenSSL
   available and we strongly recommend that users of older versions
   upgrade as soon as possible. OpenSSL 0.9.8j is available for
   download via HTTP and FTP from the following master locations (you
   can find the various FTP mirrors under

     * http://www.openssl.org/source/
     * ftp://ftp.openssl.org/source/

   The distribution file names are:

    o openssl-0.9.8j.tar.gz
      Size: 3738359
      MD5 checksum: a5cb5f6c3d11affb387ecf7a997cac0c
      SHA1 checksum: f70f7127a26e951e8a0d854c0c9e6b4c24df78e4

   The checksums were calculated using the following commands:

    openssl md5 openssl-0.9.*.tar.gz
    openssl sha1 openssl-0.9.*.tar.gz


   The OpenSSL Project Team...

    Mark J. Cox             Nils Larsch         Ulf M\303\266ller
    Ralf S. Engelschall     Ben Laurie          Andy Polyakov
    Dr. Stephen Henson      Richard Levitte     Geoff Thorpe
    Lutz J\303\244nicke            Bodo M\303\266ller

To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page.  This downloads setup.exe to your
system.  Then, run setup and answer all of the questions.


If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there.  It will be in the format:


If you need more information on unsubscribing, start reading here:


Please read *all* of the information on unsubscribing that is available
starting at the above URL.

Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

More information about the Cygwin-announce mailing list