OpenSSL Security Advisory (openssl.org)
147 points by laumars on Oct 15, 2014 | 14 comments



Took me a bit to find out so sharing it here: one RSS for these announcements is here http://rss.gmane.org/gmane.comp.encryption.openssl.announce - plug this into Boxcar, IFTTT, etc. to get push notifications.


Here's an RSS -> Email recipe off this RSS feed, in case it's easier for folks. https://ifttt.com/recipes/212315-get-openssl-alerts-from-gma...


Or you could just subscribe to openssl-announce.

It might not be as cool as having an email notification sent by an ifttt recipe executed in the cloud which in turn polls an RSS service regularly which is updated by incoming emails from openssl-announce, but it might just be a tad bit more reliable.


Careful with filters that send to email; on one occurrence (a Rails security advisory), it went to spam in Gmail for many people. That's why I use a push notification app currently instead of email as a target.

Otherwise, thanks for sharing this!


kudos to the akamai team for reporting the --nossl3 option issue in CVE-2014-3568.

really makes you wonder what else is lurking in openssl when options don't actually do what they say they do. as phk put it, openssl is the crown jewel https://www.youtube.com/watch?v=fwcl17Q0bpk


There is no testing of whether a disabled feature actually gets disabled. The only openssl test cases that exist are explicitly to test that a feature works, not that it doesn't work.

The 'test' directory of openssl is just a big pile of giant C programs and shell scripts which make up the test cases, and a lot of the features and options are piled together, and there's no documentation. There isn't even an indication of which test case fails when one does fail. I don't see how anyone could get an idea from this of whether a feature works as expected or not, or how many regressions you might have between releases or after new features. As is typical of openssl, it's a big mess.


agreed--as phk put it in his operation orchestra talk (link in previous post) regarding openssl: 1) API is a nightmare, 2) documentation is deficient and misleading, and 3) defaults are deceptive. kudos again to the akamai team for reporting the bug.


I cannot find any distribution updates yet, neither for Red Hat nor Debian.

Am I just stupid or are they not out yet? I guess I've been spoiled by the many embargoed and coordinated releases that were made recently.


What I really want to know is does this affect LibreSSL?

That would be an interesting comparison.


I assume you're referring to the memory leaks (CVE-2014-3513 & CVE-2014-3567)? (as there's a few items being patched).

My guess is that it doesn't since OpenSSL uses a bespoke memory allocator / deallocator which, if I recall correctly, was one of the things that Theo de Raadt was criticising OpenSSL over.

The TLS_FALLBACK_SCSV patch (re POODLE) was ported from BoringSSL (Google's fork of OpenSSL) to address TLS 1.0 downgrading to SSL 3.0. From what I understand, and I might be wrong on this, this is a protocol issue rather than a bug with specific SSL libraries. So LibreSSL might also see a similar TLS_FALLBACK_SCSV patch applied.


POODLE is a protocol design issue, yes. In short, the padding is not covered by the MAC.


It was reported by LibreSSL.


Did you read the post? They specifically state that it was discovered and patched by LibreSSL.


Yes and I actually missed that bit. I hang my head in shame :(



