USN-179-1: openssl weak default configuration

10 September 2005

openssl weak default configuration

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

The current default algorithm for creating “message digests” (electronic signatures) for certificates created by openssl is MD5. However, this algorithm is not deemed secure any more, and some practical attacks have been demonstrated which could allow an attacker to forge certificates with a valid certification authority signature even if he does not know the secret CA signing key.

Therefore all Ubuntu versions of openssl have now been changed to use SHA-1 by default. This is a more appropriate default algorithm for the majority of use cases; however, if you still want to use MD5 as default, you can revert this change by changing the two instances of “default_md = sha1” to “default_md = md5” in /etc/ssl/openssl.cnf.

A detailed explanation and further links can be found at

http://www.cits.rub.de/MD5Collisions/

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
openssl
Ubuntu 4.10
openssl

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References