For details see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
"This release addresses five security issues in ntpd:
LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral
association attack
While fixed in ntp-4.2.8p7, there are significant additional protections for
this issue in 4.2.8p11.
Reported by Matt Van Gundy of Cisco.
INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun
leads to undefined behavior and information leak
Reported by Yihan Lian of Qihoo 360.
LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations
Reported on the questions@ list.
LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover
from bad state
Reported by Miroslav Lichvar of Red Hat.
LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset
authenticated interleaved association
Reported by Miroslav Lichvar of Red Hat.
one security issue in ntpq:
MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its
buffer limit
Reported by Michael Macnair of Thales-esecurity.com.
and provides over 33 bugfixes and 32 other improvements."
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
As described in bug 11257 there is a mistake in the qos templates. The sum of the guaranteed bandwidth of the classes 101 - 120 is bigger than the available bandwidth. I adjusted the guaranteed bandwidth of the classes 101 - 104 so that each of them has a
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
As suggested by Oliver "giller" Fieker <oli@new-lan.de>
in bug 10592 I added the functionality to use the squid as ram-only cache.
Further it defines the maximum_object_size_in_memory
as 2% of the in the webif defined "Memory cache size".
The maximum_object_size_in_memory should have a useful
size of the defined memory cache and I don't want to
create another variable which muste be fulled in by the user.
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Suggested-by: Oliver "giller" Fieker <oli@new-lan.de> Suggested-by: Kim Wölfel <xaver4all@gmx.de> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Cc: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 4 Mar 2018 17:26:52 +0000 (18:26 +0100)]
test if nameservers with DNSSEC support return "ad"-flagged data
DNSSEC-validating nameservers return an "ad" (Authenticated Data)
flag in the DNS response header. This can be used as a negative
indicator for DNSSEC validation: In case a nameserver does not
return the flag, but failes to look up a domain with an invalid
signature, it does not support DNSSEC validation.
This makes it easier to detect nameservers which do not fully
comply to the RFCs or try to tamper DNS queries.
See bug #11595 (https://bugzilla.ipfire.org/show_bug.cgi?id=11595) for further details.
The second version of this patch avoids unnecessary usage of
grep. Thanks to Michael Tremer for the hint.
Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 28 Feb 2018 11:55:35 +0000 (11:55 +0000)]
apache: Require TLSv1.2 for access to the web user interface
This will work fine for FF 27 or newer, Chrome 30 or newer,
IE 11 on Windows 7 or newer, Opera 17 or newer, Safari 9 or
newer, Android 5.0 or newer and Java 8 or newer
Since IPFire is not supposed to host any other applications and
all have been removed in the last few Core Updates, only the web
user interface is served over HTTPS here. We clearly prefer
security over compatibility.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Tue, 7 Nov 2017 19:51:32 +0000 (20:51 +0100)]
change Apache TLS cipher list to "Mozilla Modern"
Change the TLS cipher list of Apache to "Mozilla Modern".
ECDSA is preferred over RSA to save CPU time on both server
and client. Clients without support for TLS 1.2 and AES will
experience connection failures.
Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
set OpenSSL 1.1.0 DEFAULT cipher list to secure value
Only use secure cipher list for the OpenSSL DEFAULT list:
* ECDSA is preferred over RSA since it is faster and more scalable
* TLS 1.2 suites are preferred over anything older
* weak ciphers such as RC4 and 3DES have been eliminated
* AES-GCM is preferred over AES-CBC (known as "mac-then-encrypt" problem)
* ciphers without PFS are moved to the end of the cipher list
This patch leaves AES-CCM, AES-CCM8 and CHACHA20-POLY1305 suites
where they are since they are considered secure and there is no
need to change anything.
The DEFAULT cipher list is now (output of "openssl ciphers -v"):
OpenVPN: Ship missing OpenSSL configuration file for update
Core 115 delivered a patch which prevents the '--ns-cert-type server is deprecated' message
and introduced also '--remote-cert-tls server' -->
https://patchwork.ipfire.org/patch/1441/ whereby the changed ovpn.cnf has not been delivered.
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
AES-GCM 128, 196 and 256 bit has been added to Net-to-Net and Roadwarrior section.
HMAC selection for N2N will be disabled if AES-GCM is used since GCM provides an own message authentication (GMAC).
'auth *' line in N2N.conf will be deleted appropriately if AES-GCM is used since '--tls-auth' is not available for N2N.
HMAC selection menu for Roadwarriors is still available since '--tls-auth' is available for RWs
which uses the configuered HMAC even AES-GCM has been applied.
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 21 Feb 2018 11:24:48 +0000 (11:24 +0000)]
backup: Don't backup apache configuration, keys only
In the past the apache configuration was part of the backup
and may have been restored after Core Update 118 was installed
with PHP being dropped amongst other things.
This patch will make sure that only keys are being backuped.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 19 Feb 2018 23:44:57 +0000 (23:44 +0000)]
strongswan: Update to 5.6.2
Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS
signatures that was caused by insufficient input validation.
One of the configurable parameters in algorithm identifier
structures for RSASSA-PSS signatures is the mask generation
function (MGF). Only MGF1 is currently specified for this purpose.
However, this in turn takes itself a parameter that specifies
the underlying hash function. strongSwan's parser did not
correctly handle the case of this parameter being absent,
causing an undefined data read.
This vulnerability has been registered as CVE-2018-6459.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 19 Feb 2018 23:42:17 +0000 (23:42 +0000)]
IPsec: Try to restart always-on tunnels immediately
When a tunnel that is in always-on configuration closes
unexpectedly, we can instruct strongSwan to restart it
immediately which is precisely what we do now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Erik Kapfer [Thu, 15 Feb 2018 04:43:49 +0000 (05:43 +0100)]
OpenVPN: Added needed directive for v2.4 update
script-security: The support for the 'system' flag has been removed due to security implications
with shell expansions when executing scripts via system() call.
For more informations: https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage .
ncp-disable: Negotiable crypto parameters has been disabled for the first.
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Erik Kapfer [Thu, 8 Feb 2018 08:54:58 +0000 (09:54 +0100)]
OpenVPN: Mark unsecure ciphers and DH-parameter as 'weak' in WUI menu
64 bit block ciphers like Blowfish, TDEA and CAST5 are vulnerable to the so called 'Birthday attacks' .
Infos for 'Sweet32' Birthday attacks can be found in here
https://sweet32.info/ .
An Overview of 64 bit clock ciphers can also be found in here
http://en.citizendium.org/wiki/Block_cipher/Catalogs/Cipher_list#64-bit_blocks
1024 bit Diffie-Hellman parameter has also been marked as weak causing the 'Logjam Attack' .
Infos for 'Logjam Attack' can be found in here
https://weakdh.org/ .
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Erik Kapfer [Wed, 7 Feb 2018 17:31:49 +0000 (18:31 +0100)]
CRL updater: Update script for OpenVPNs CRL
Update script for OpenVPNs CRL cause OpenVPN refactors the CRL handling since v.2.4.0 .
Script checks the next update field from the CRL and executes an update before it expires.
Script is placed under fcron.daily for daily checks.
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>