Environment
Access Manager 4.4
Access Manager 4.3
Access Manager 4.2
NetIQ Access Gateway
Situation
The OpenSSL open source project team recently released an update to
1.0.2m with a number of fixes
(https://www.openssl.org/news/openssl-1.0.2-notes.html). The Access
Gateway component of Access Manager uses this library for cryptographic
functions. It is recommended that all the Access Gateways be updated
with this latest OpenSSL patch, using the instructions below, to avoid
any concerns.
Resolution
Depending on the Access Gateway platform, different approaches are required to apply the fix.
a) On an Access Manager or Access Gateway Appliance platform: Simply apply the security updates from the Security update channel to have the latest patches applied. The instructions at https://www.netiq.com/documentation/access-manager-42/install_upgrade/data/bowu0bx.html outline how to do this.
b) On a Linux based Access Gateway Service (SLES or RHEL): Apply the instructions from KB 7017580, passing in the filename of novell-nacm-apache-extra-4.1.3-1.0.2m to update to OpenSSL 1.0.2m.
c) On a Windows based Access Gateway Service: Apply the instructions from KB 7017582, passing in the filename of Openssl_Win_102p to update to OpenSSL 1.0.2m.
a) On an Access Manager or Access Gateway Appliance platform: Simply apply the security updates from the Security update channel to have the latest patches applied. The instructions at https://www.netiq.com/documentation/access-manager-42/install_upgrade/data/bowu0bx.html outline how to do this.
b) On a Linux based Access Gateway Service (SLES or RHEL): Apply the instructions from KB 7017580, passing in the filename of novell-nacm-apache-extra-4.1.3-1.0.2m to update to OpenSSL 1.0.2m.
c) On a Windows based Access Gateway Service: Apply the instructions from KB 7017582, passing in the filename of Openssl_Win_102p to update to OpenSSL 1.0.2m.
Cause
Changes between 1.0.2l and 1.0.2m [2 Nov 2017]
*) bn_sqrx8x_internal carry bug on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring
procedure. No EC algorithms are affected. Analysis suggests that attacks
against RSA and DSA as a result of this defect would be very difficult to
perform and are not believed likely. Attacks against DH are considered just
feasible (although very difficult) because most of the work necessary to
deduce information about a private key may be performed offline. The amount
of resources required for such an attack would be very significant and
likely only accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that is shared between multiple clients.
This only affects processors that support the BMI1, BMI2 and ADX extensions
like Intel Broadwell (5th generation) and later or AMD Ryzen.
This issue was reported to OpenSSL by the OSS-Fuzz project.
(CVE-2017-3736)
[Andy Polyakov]
*) Malformed X.509 IPAddressFamily could cause OOB read
If an X.509 certificate has a malformed IPAddressFamily extension,
OpenSSL could do a one-byte buffer overread. The most likely result
would be an erroneous display of the certificate in text format.
This issue was reported to OpenSSL by the OSS-Fuzz project.
(CVE-2017-3735)