All users of OpenSSL 1.0.2 should upgrade immediately to version 1.0.2a. In the advisory published on their website the OpenSSL vulnerability is called “ClientHello sigalgs DoS (CVE-2015-0291)”. If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension, a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server.
According to OpenSSL’s Security Policy, a “high severity issue” includes issues affecting common configurations which are also likely to be exploitable. Examples include a server DoS (like this one), a significant leak of server memory (Heartbleed), and remote code execution.
OpenSSL promises that such issues “will be kept private and will trigger a new release of all supported versions”. They will attempt to keep the time these issues are private to a minimum, but the goal would be “no longer than a month” where this is something that can be controlled, and significantly quicker if there is a significant risk or we are aware the issue is being exploited.
The OpenSSL vulnerability has been reported on February 26th and the fix was released yesterday (March 19th), so well within the limit.
If this was no surprise, this advisory comes with something everyone was expecting: the FREAK vulnerability, which was initially categorized as “low severity”, has been reclassified as “high severity”. This was initially classified low because it was originally thought that servers with RSA export cipher suite support were rare: a client was only vulnerable to a MITM attack against a server which supports an RSA export cipher suite. Recent studies have shown that RSA export cipher suites support is far more common.
The patch comes also with fixes for a dozen or so vulnerabilities categorized as “moderate” and “low” severity.
Our recommendation is to update to version 1.0.2a immediately. Now that the vulnerability is public, it is to be expected that cybercriminals will try to exploit it.