​Logjam OpenSSL security hole patched

Logjam proved not to be a disaster in the making, but smart server administrators will still want to update their OpenSSL programs as soon as possible.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

OpenSSL, thanks to the help of the Linux Foundation's Core Infrastructure Initiative (CII) and the NCC Group, is finally getting ahead of its security problems. OpenSSL, perhaps the world's most important web security library with its Secure Sockets Layer (SSL) and Transport Layer Security (TLS) support, issued security patches on June 11 for OpenSSL.

Of the other half-dozen fixes, the most significant one was for Logjam. Logjam sprang from a a problem with the Diffie-Hellman key exchange. Diffie-Hellman is a popular algorithm used by SSL and TLS to agree on a shared encryption key and create a secure connection. In theory, Logjam assaults allowed a man-in-the-middle (MITM) cyber attacker to downgrade vulnerable TLS connections to an attackable 512-bit export-grade cypher. In practice, there appeared to have been few, if any, successful Logjam attacks.

If you update OpenSSL today, you won't have to worry about Logjam tomorrow. With the fix, OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1,024 bits in a future release. In the meantime, OpenSSL 1.0.2 users should upgrade to 1.0.2b, and OpenSSL 1.0.1 users should upgrade to 1.0.1n.

None of these problems are on the level of Heartbleed or FREAK. Still, most of them could be used to cause denial-of-service attacks. In addition, one of them, which can be used to attack older versions of OpenSSL, could cause memory corruption.

This potential memory issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. This memory buffer problem hits the following versions of OpenSSL:

  • OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
  • OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h

The other holes, while not as serious, can still cause a denial-of-service attack, and thus should also be patched as soon as possible.

Looking ahead, OpenSSL reminded users that support for OpenSSL versions 1.0.0 and 0.9.8 will cease on December 31, 2015. This means that there will be no security updates for these releases after that date. Users of these outdated releases should therefore upgrade to a modern version of OpenSSL as soon as possible.

Related stories:

Editorial standards