https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/ta-p/530918 <DIV class="lia-message-template-symptoms-zone"> <H2>Advisory:</H2> <P>Guidance for OpenSSL Vulnerability Disclosures (02/07/23)</P> <P>CVE-2022-4304<BR />CVE-2022-4450<BR />CVE-2023-0215<BR />CVE-2023-0286</P> <P>&nbsp;</P> <P><STRONG>Affected version</STRONG>: Impacts all versions of OpenSSL 1.1.1 (installed default version on Ubuntu 20 is 1.1.1f-1ubuntu2.16)</P> <P>&nbsp;</P> </DIV> <DIV class="lia-message-template-diagnosis-zone"> <H2>Diagnosis</H2> <P>Execute below two commands to check the version of openssl and libssl1.1:</P> <P>&nbsp;</P> <P><SPAN><STRONG>apt list --installed | grep openssl/focal-updates</STRONG></SPAN><BR /><SPAN><STRONG>apt list --installed | grep libssl1.1</STRONG></SPAN></P> <P><SPAN class="error">if the output showing version less than&nbsp;<SPAN><STRONG>1.1.1f-1ubuntu2.17 amd64</STRONG>&nbsp;</SPAN><SPAN>, you will need to perform the steps to upgrade the openssl and libssl1.1</SPAN></SPAN></P> <P>&nbsp;</P> </DIV> <DIV class="lia-message-template-solution-zone"> <H2>Solution</H2> <P>In Expedition CLI execute below commands:</P> <P>&nbsp;</P> <OL> <LI>Update the package index:<BR /><STRONG>sudo apt-get update</STRONG></LI> <LI>Install deb lib packages:<BR /><STRONG>sudo apt-get install openssl</STRONG><BR /><STRONG>sudo apt-get install libssl1.1</STRONG></LI> <LI>Check packages are installed<BR /><STRONG>apt list --installed | grep openssl/focal-updates</STRONG><BR />Expected output: openssl/focal-updates,focal-security,now 1.1.1f-1ubuntu2.17 amd64<SPAN>&nbsp;</SPAN><SPAN class="error">[installed]</SPAN><BR /><STRONG>apt list --installed | grep libssl1.1</STRONG><BR />Expected output: libssl1.1/focal-updates,focal-security,now 1.1.1f-1ubuntu2.17 amd64<SPAN>&nbsp;</SPAN><SPAN class="error">[installed,automatic]</SPAN></LI> </OL> </DIV> Mon, 13 Feb 2023 18:47:19 GMT lychiang 2023-02-13T18:47:19Z https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/ta-p/530918 <DIV class="lia-message-template-symptoms-zone"> <H2>Advisory:</H2> <P>Guidance for OpenSSL Vulnerability Disclosures (02/07/23)</P> <P>CVE-2022-4304<BR />CVE-2022-4450<BR />CVE-2023-0215<BR />CVE-2023-0286</P> <P>&nbsp;</P> <P><STRONG>Affected version</STRONG>: Impacts all versions of OpenSSL 1.1.1 (installed default version on Ubuntu 20 is 1.1.1f-1ubuntu2.16)</P> <P>&nbsp;</P> </DIV> <DIV class="lia-message-template-diagnosis-zone"> <H2>Diagnosis</H2> <P>Execute below two commands to check the version of openssl and libssl1.1:</P> <P>&nbsp;</P> <P><SPAN><STRONG>apt list --installed | grep openssl/focal-updates</STRONG></SPAN><BR /><SPAN><STRONG>apt list --installed | grep libssl1.1</STRONG></SPAN></P> <P><SPAN class="error">if the output showing version less than&nbsp;<SPAN><STRONG>1.1.1f-1ubuntu2.17 amd64</STRONG>&nbsp;</SPAN><SPAN>, you will need to perform the steps to upgrade the openssl and libssl1.1</SPAN></SPAN></P> <P>&nbsp;</P> </DIV> <DIV class="lia-message-template-solution-zone"> <H2>Solution</H2> <P>In Expedition CLI execute below commands:</P> <P>&nbsp;</P> <OL> <LI>Update the package index:<BR /><STRONG>sudo apt-get update</STRONG></LI> <LI>Install deb lib packages:<BR /><STRONG>sudo apt-get install openssl</STRONG><BR /><STRONG>sudo apt-get install libssl1.1</STRONG></LI> <LI>Check packages are installed<BR /><STRONG>apt list --installed | grep openssl/focal-updates</STRONG><BR />Expected output: openssl/focal-updates,focal-security,now 1.1.1f-1ubuntu2.17 amd64<SPAN>&nbsp;</SPAN><SPAN class="error">[installed]</SPAN><BR /><STRONG>apt list --installed | grep libssl1.1</STRONG><BR />Expected output: libssl1.1/focal-updates,focal-security,now 1.1.1f-1ubuntu2.17 amd64<SPAN>&nbsp;</SPAN><SPAN class="error">[installed,automatic]</SPAN></LI> </OL> </DIV> Mon, 13 Feb 2023 18:47:19 GMT https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/ta-p/530918 lychiang 2023-02-13T18:47:19Z https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/tac-p/531373#M384 <P>Hi&nbsp;<A id="link_8" class="lia-link-navigation lia-page-link lia-user-name-link" href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/38629" target="_self" aria-label="View Profile of lychiang"><SPAN class="">Lychiang</SPAN></A>,</P> <P>&nbsp;</P> <P>May I know if this is the remediation/workaround for the abovementioned CVEs?</P> <P>I checked Palo Alto advisories as well but there is no mention of this as this is still an ongoing investigation.</P> <P>Also, what about these CVEs?</P> <P>&nbsp;</P> <P>- CVE-2022-4203<BR />- CVE-2023-0216<BR />- CVE-2023-0217<BR />- CVE-2023-0401</P> Thu, 16 Feb 2023 09:58:32 GMT https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/tac-p/531373#M384 Johnson_Tan 2023-02-16T09:58:32Z https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/tac-p/531447#M385 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/223422">@Johnson_Tan</a>&nbsp;Yes this article is to address the mentioned CVE:</P> <P><SPAN>CVE-2022-4304</SPAN><BR /><SPAN>CVE-2022-4450</SPAN><BR /><SPAN>CVE-2023-0215</SPAN><BR /><SPAN>CVE-2023-0286</SPAN></P> <P>&nbsp;</P> <P>Regarding the CVEs you mentioned, there is no fix from openssl yet.&nbsp;</P> Thu, 16 Feb 2023 17:12:21 GMT https://live.paloaltonetworks.com/t5/expedition-articles/guidance-for-openssl-vulnerability-disclosures-02-07-23/tac-p/531447#M385 lychiang 2023-02-16T17:12:21Z