Slashdot Mirror


No More Security Fixes For Older OpenSSL Branches (csoonline.com)

itwbennett writes: The OpenSSL Software Foundation has released new patches for the popular open-source cryptographic library, but for two of its older branches, OpenSSL 1.0.0t and 0.9.8zh, they will likely be the last security updates because support for these two branches will end on Dec. 31. Previous research has shown that many companies using in-house built software keep poor records of which library versions their developers used in which of their applications. 'This makes it very likely that some systems and applications with OpenSSL 0.9.8 and 1.0.0 will never be updated, leaving them exposed to any critical vulnerabilities found in the library in the future,' writes Lucian Constantin.

60 comments

  1. This is awful and irresponsible. by Garridan · · Score: 0

    If you're going to break the fucking library by declaring it insecure trash for life, break the library. Make it crash hard when it's used. The problem software will percolate up to the users' attention.

    1. Re:This is awful and irresponsible. by Aethedor · · Score: 2

      Sticking with OpenSSL while other more secure and reliable SSL/TLS libraries exist, that's awful and irresponsible. I switched to mbed TLS (former PolarSSL) years ago and never cared to look back. I seriously can't understand why developers keep on using OpenSSL.

      --
      It doesn't have to be like this. All we need to do is make sure we keep talking.
    2. Re:This is awful and irresponsible. by KGIII · · Score: 1

      My first thought: "Well, that's going to be just great for their reputation."

      --
      "So long and thanks for all the fish."
    3. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 1

      Break the library? Eh? It's not broken.

      Just - when an exploit for it gets found, why don't *you* fix it? Or better yet, migrate your projects to the supported branch and continue on receiving free updates.

    4. Re:This is awful and irresponsible. by AchilleTalon · · Score: 3, Insightful

      I don't believe the problem software will percolate up to the users' attention given the very root problem is companies using in-house software DO NOT keep track of what version of OpenSSL their own developers are using. So, even if you patch the old versions, you have absolutely no guarantee your own developers will use the patched version. So, given this, why should OpenSSL developers continue to patch OLD versions of which NOBODY keeps track? Seems to me a waste of time and resources that could be dedicated to the latest versions instead. It takes two to tango. The security problem is not only on the OpenSSL developers team's shoulders. My experience is in-house developers don't give a fuck about security unless you force them, and even in that case, they are often doing it wrong.

      --
      Achille Talon
      Hop!
    5. Re:This is awful and irresponsible. by AchilleTalon · · Score: 1

      No I am not replying to myself. I just want to make my point clearer. Oracle stopped supporting Java 6 and 7 for security reasons. They are no longer patched and the recommendation is to move to Java 8. Do you know how many websites out there are still powered by Java 6 and 7? How many web browsers are still using Java 6 and 7? Where I currently work, a very large company, there is a ton of them. Who is complaining about this? (BTW, we are even having a lot, thousands, of workstations running on unpatched Windows XP).

      --
      Achille Talon
      Hop!
    6. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 0

      The companies which don't know what they are using, are unlikely to update anyway, because that categorizes them under companies which do know what they are using.

    7. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 0

      So how do you update it yourself if there is no patch? I thought the problem was OpenSSL would not make such a patch available.

    8. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 0

      They should switch to OpenSSL 1.0.1 or 1.0.2 which are supported. There is nothing new here, OpenSSL 0.9.7 was also dropped some time ago and the 0.9.8 branch has been supported for about ten years now.

    9. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 0

      OpenJDK 6 is by the way still supported.

    10. Re: This is awful and irresponsible. by kthreadd · · Score: 2

      I would guess most of those web sites are running on GNU/Linux with OpenJDK which is supported. Both OpenJDK 6 and 7 are still supported. It's only the binaries that you get from Oracle that aren't supported anymore, at least not without a support contract.

    11. Re:This is awful and irresponsible. by thegarbz · · Score: 1

      I seriously can't understand why developers keep on using OpenSSL.

      FIPS 140-2 compliance.

    12. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 1

      It's also very good.

    13. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 1

      If you're going to break the fucking library by declaring it insecure trash for life, break the library. Make it crash hard when it's used. The problem software will percolate up to the users' attention.

      And how will that work? Oh yeah, like this:

      "Hey, the new version of OpenSSL 0.98 breaks our build! Fuck it. Stick with what we have. It works."

      Because no matter what you do, the last version that works is the last version that works. Putting out a deliberately broken version won't change that.

    14. Re: This is awful and irresponsible. by rjstanford · · Score: 1

      Of course since Java is almost painfully backwardly compatible, it's just as easy for them to move to a Java 8 runtime as to move to a new Java 6 runtime. Those who don't care about security probably haven't been keeping up with patches in the first place.

      --
      You're special forces then? That's great! I just love your olympics!
    15. Re:This is awful and irresponsible. by SwashbucklingCowboy · · Score: 1

      You really don't understand this, do you?

      This is typical when something goes end-of-life (EOL). They're not "breaking" it, they're just not supporting it anymore. Even if they did "break" it users would have to update to the broken version and when it didn't work they'd just move back to the previous version.

      What's irresponsible is users not knowing (or caring) about what third party software they're using and whether it's secure or not.

    16. Re:This is awful and irresponsible. by Skuld-Chan · · Score: 1

      Serious question - why should any software vendor have to support anything 8-10 years old for free? Why not do what Microsoft does and just patch the crypto libs along with the OS on a regular cycle.

      As someone who has done quality assurance - testing these patches has to be an absolute nightmare.

    17. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 0

      If you are still using those old branches, you aren't updating your library anyway. So even if they were to release security patches for the old branches, you aren't updating so you aren't getting the patches.

    18. Re: This is awful and irresponsible. by armanox · · Score: 1

      Java (the language) is compatible, but it's my understanding that going from Java 6 to Java 7 some of the package names changed (and some packages were dropped). I could be wrong (I haven't developed in Java since 6) but didn't all of the com.sun packages change to com.oracle or something like that?

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    19. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 0

      And yay for containers! They make it so easy to keep tons of whole separate instances that come from who knows where and are updated according to no telling who knows what schedule. Then you rest assured that every admin will be careful to keep all their container instances up to date.

      That "awful and irresponsible" thing of which you speak is just going to get worse.

    20. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 0

      You write a patch.

    21. Re: This is awful and irresponsible. by swillden · · Score: 1

      didn't all of the com.sun packages change to com.oracle or something like that?

      Yes, but you really shouldn't be using those packages anyway. They're non-standard, internal implementation details.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    22. Re: This is awful and irresponsible. by Anonymous Coward · · Score: 0

      Which is going away in 2016.

    23. Re:This is awful and irresponsible. by turbidostato · · Score: 1

      "Serious question - why should any software vendor have to support anything 8-10 years old for free"

      Because they introduced the bugs for free to start with.

    24. Re:This is awful and irresponsible. by Anonymous Coward · · Score: 0

      Free is irrelevant in this case, as is who introduced the bugs. It's about old versions that have been deprecated. In fact this might be a problem if the authors have not announced deprecation, which I could see being a potential problem in the FOSS world.

    25. Re:This is awful and irresponsible. by turbidostato · · Score: 1

      "Free is irrelevant in this case, as is who introduced the bugs."

      Free is as irrelevant in this case as in the one above. Who introduced the bugs is not at all irrelevant. Someone can either be proud of his trade and then not allow software he produced himself to have bugs, or someone can indulge himself and say "you know what? I consider this to be deprecated".

      "In fact this might be a problem if the authors have not announced deprecation"

      In my book, deprecated means "no more features will be added to this branch". Also in my book, bugs should be fixed for as long as they appear and you are still in the trade on *any* version you deemed to be public: if you had the time to introduce the bugs, you should have time to repair them.

  2. In other news... by zyche · · Score: 1

    https://marc.info/?l=openbsd-t...

    So one bug was in code deemed dodgy in external peer-review and the other was in code not really needed. Right.

  3. If you are so outraged by Anonymous Coward · · Score: 0

    Maintain it yourself

    Truth is, everyone on those versions has had plenty of warning and should have moved off years ago. The changes needed to use the newer versions are minimal and anyone complaining can afford the effort.

    1. Re:If you are so outraged by dgatwood · · Score: 1

      Truth is, everyone on those versions has had plenty of warning and should have moved off years ago. The changes needed to use the newer versions are minimal and anyone complaining can afford the effort.

      Well, sort of. This will be somewhat more interesting than usual, because Apple ships 0.9.8* on OS X and iOS. They were unable to upgrade, because it would break binary compatibility with shipping apps. So the question is whether Apple will back-port patches to their implementation manually or remove OpenSSL entirely and risk breaking apps.

      Now obviously, Apple can afford the effort to back-port patches. However, it makes little sense that they would do so without contributing their changes upstream, and if they did so, then it makes little sense that OpenSSL wouldn't accept those changes, turn a build, and keep providing security fixes for 0.9.8, because it should be approximately zero effort for the OpenSSL team.

      So this makes me suspect that Apple is going to finally break OpenSSL binary compatibility in 10.12 and iOS 10. Word to the wise: if your ancient app still links against the deprecated OpenSSL library, it is probably time to bite t

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re: If you are so outraged by kthreadd · · Score: 1

      Apple has deprecated their OpenSSL distribution for some time now urging users to either bundle their own copy or switch to the Secure Transport framework. I wouldn't be surprised if they just drop it.

    3. Re: If you are so outraged by dgatwood · · Score: 1

      Yeah. I wrote that deprecation blurb for Apple back when 10.7 came out. It has probably been long enough that they can safely drop it, but if they do, it will still be interesting to see how many developers ignored the deprecation. :-)

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  4. OpenWRT by Anonymous Coward · · Score: 0

    Doesn't OpenWRT only use those branches?

    1. Re: OpenWRT by kthreadd · · Score: 1

      OpenWRT uses OpenSSL 1.0.2e which is the latest version of the latest branch, so as long as you have updated you're fine. https://dev.openwrt.org/browse...

    2. Re: OpenWRT by jd · · Score: 1

      I'd have thought they'd be using LibreSSL, the fork OpenBSD developers made of OpenSSL.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    3. Re: OpenWRT by armanox · · Score: 1

      LibreSSL is still growing, and is limited in what platforms (OS and arch) that it supports.

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
  5. This is why you can't use opensource by Anonymous Coward · · Score: 0

    software terrorism. Microsoft wouldn't do this. Apple wouldn't do this (on purpose). Is anyone else tired of dodging agendas of the freedom fighters?

    1. Re:This is why you can't use opensource by armanox · · Score: 1

      Apple and Microsoft both do this, what are you talking about?

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
  6. No worries by Meneth · · Score: 1

    Distros that still use older versions (like Ubuntu LTS) can backport patches by themselves. Shouldn't be much of a problem. Ah, the beauty of free software. :)

    1. Re: No worries by kthreadd · · Score: 2

      There is no Ubuntu LTS using one of the unsupported branches. Ubuntu 10.04 was the last one using the 0.9.8 branch and Ubuntu dropped support for it in April. Ubuntu 12.04 and 14.04 use the 1.0.1 branch which is still supported by upstream.

    2. Re:No worries by PyramidOfDoom · · Score: 1

      I think OpenSSL might be a special case here. By an odd coincidence I was watching the OpenBSD devs talks on LibreSSL yesterday and they actually covered backporting fixes from OpenSSL.

      http://www.openbsd.org/papers/eurobsdcon2014-libressl.html - See the section title "apply the brakes". (for those interested, the slides here are from this video: https://www.youtube.com/watch?v=WFMYeMNCcSY)

      My overall impression is that the OpenSSL developers don't really make people's lives easy when it comes to backporting security fixes because they'll be bundled with a heap of other, poorly tested crap at the same time. This isn't helped by the quality of their code.

    3. Re:No worries by ledow · · Score: 1

      Nobody's done that properly for Python 2.7 SSL libraries, for instance.

      They just disabled certain functions which break a lot of, say, Python programs auto-updating from Github SSL sites. Fixes for several bits of software affected by this (e.g. Emscripten) just say "modify the source program, modify your python library to skip those bits, or put in massive function overrides for those functions to make it always enable a certain option".

      Getting Emscripten to install/update/pull down new libraries when you first use them, on older LTS, is a bit of a nightmare. Given that emscripten is on the apt-get lists, you'd think they'd patch it so it works on them. They haven't.

    4. Re:No worries by Anonymous Coward · · Score: 0

      Patch releases have not included unrelated new features for some time now. New features go into micro releases; the patch releases fix bugs. Spreading FUD about OpenSSL is not a responsible way to evangelize LibreSSL; surely there are some positive things they are doing that stand on their own.

  7. Still on Windows 95? 1.0.0 was replaced in 1998 by raymorris · · Score: 3, Informative

    1.0.0, which is no longer being updated, was replaced by 1.0.1 in December of 1998. In other words, if you want to be secure, use a version from 1998 or later.

    That seems pretty reasonable to me.

  8. Re: Still on Windows 95? 1.0.0 was replaced in 199 by kthreadd · · Score: 3, Informative

    If you're talking about OpenSSL then you're off by a decade. 1.0.0 was released in 2010.

  9. False. MS doesn't patch Win95. Or XP by raymorris · · Score: 1

    Your assertion is false.

    The 1.0.1 branch from 1998 will still get patches. OpenSSL versions earlier than 1998 will not. So it's precisely the same as if Microsoft said they're only going to release patches for Windows98 and above, and stop supporting Windows 95. I'm pretty sure they've done exactly that. And both companies dropped support for much newer versions as well. ONLY open source would still be releasing patches for an 18-year-old version of the software.

    1. Re: False. MS doesn't patch Win95. Or XP by kthreadd · · Score: 1

      OpenSSL wasn't even around in 1998. OpenSSL 1.0.1 was released in 2012.

  10. misread. 1.0.1 (supported) is March 2012 by raymorris · · Score: 2

    You're correct, I read something wrong. 1.0.1, which is supported, is from March 2012.

    1. Re:misread. 1.0.1 (supported) is March 2012 by KGIII · · Score: 1

      Oh, I understand. I just think it will negatively impact their reputation. Call it a hunch but ... No, if I type it then normal behaviors might not be followed. ;-) So, yeah, I suspect it will be taken as a negative and that's not really something they need right now. For better or worse, justifiable or not, that's just what's probably going to happen - and probably by people who don't actually know any better.

      --
      "So long and thanks for all the fish."
    2. Re: misread. 1.0.1 (supported) is March 2012 by jd · · Score: 1

      The obvious (to me) solution is to make prior versions of OpenSSL compatibility wrappers for the current version. Thus, the new code is used (and is therefore more secure) but the old interface exists for applications outside the control of users.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    3. Re: misread. 1.0.1 (supported) is March 2012 by kthreadd · · Score: 2

      New versions of OpenSSL are in general source compatible with older versions. They are however not necessarily binary compatible. That means that you have to rebuild your program when going from OpenSSL 0.9.8 to 1.0.2 but in general without any source changes. OpenSSL has an unusual version numbering where 0.9.7, 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are different major versions. 0.9.7, 0.9.8 and 1.0.0 are binary incompatible but starting with 1.0.0 all 1.0.x releases have been binary compatible.

  11. yes it was. Here's the changelog by raymorris · · Score: 1

    > OpenSSL wasn't even around in 1998.

    Here's the OpenSSL changelog, including changes in 1998 releases such as 0.9.8g. The 0.9.x.y branch lasted a long time.
    https://www.openssl.org/news/c...

    As you said, 1.0.1 wasn't released until 2012.

    1. Re: yes it was. Here's the changelog by kthreadd · · Score: 1

      True, I somehow remembered it being released in 1999 but it was clearly around before then.

    2. Re: yes it was. Here's the changelog by Anonymous Coward · · Score: 0

      I think it was SSLeay before then:

      https://en.wikipedia.org/wiki/SSLeay

  12. They do this all the time by jd · · Score: 1

    That's why Microsoft has so much abandonware and so many defunct branches of software. Same with Apple. Difference is, anyone can revive those OpenSSL branches, whereas Microsoft destroys source code that could be subject to future lawsuits.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  13. Using OpenSSL by Anonymous Coward · · Score: 0

    FIPS 140, cross platform (Windows + Linux), and lots and lots of crypto and PKI certificate utilities built in makes it pretty appealing.

  14. Open Whores. by Anonymous Coward · · Score: 0

    Difference is, anyone can revive those OpenSSL branches, whereas Microsoft destroys source code that could be subject to future lawsuits.

    The world is truly a darker place because some amateur hacks can't resurrect Windows 3.11 for Workgroups.

  15. Zork by jd · · Score: 1

    It resulted in lawsuits, such as DRDOS, being extended over decades, and many potentially exciting businesses being driven into bankruptcy.

    To this day, it results in WINE incompatibilities where none should exist. This is a genuine problem.

    Far as Windows 3.11 is concerned, lots of systems you really don't want failing (such as control systems for hydroelectric dams and nuclear reactors) use ancient versions of operating systems (NT 3.x, for example) because it's too dangerous to reimplement the control software. The consequences of an error are too great and modern operating systems are too complex to be made reliable enough.

    These systems rely on legacy hardware, much of which is no longer made. They rely on no novel fault conditions arising. Because they're increasingly on the public internet, this cannot possibly be guaranteed. Without maintenance, without the prospect of anyone even knowing how to handle error conditions, these are ticking time bombs.

    So, yes, the world is less safe and less satisfactory because of abandoned lines for which no source exists and for which workarounds are more dangerous than just allowing a catastrophic failure to arise.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:Zork by WorBlux · · Score: 1

      "The consequences of an error are too great and modern operating systems are too complex to be made reliable enough." No, that's not true. Linux, Windows NT, and Darwin/OS X are not reliable enough, but neither is DOS for current standards. You'd be looking at RTOS, QNX, L4 or similar embedded real-time operating systems that were designed from the ground up for reliability. You could absolutely re-implement these control systems and make them better than they were before. The issue is why spend the money to fix what ain't broken?

  16. The key point of which, current is compatible with by raymorris · · Score: 1

    The key phrase in all of that may be:

    > starting with 1.0.0 all 1.0.x releases have been binary compatible.

    Meaning that the current version 1.0.2 is an exact drop-in replacement for the 2010 version 1.0.0 - no wrapper is needed. For software from before 1.0.0 (2010), it will need to be recompiled.
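    The story's core risk is that nobody knows which OpenSSL a given in-house build carries, and the exchange above turns on whether a program links against the 0.9.8 ABI or the shared 1.0.x one. As an added example (not code from the thread or from the OpenSSL project), this inventory script pulls the embedded OpenSSL version banner and the libssl/libcrypto soname out of each file under a directory and classifies them against the branch status stated in the story: 0.9.7/0.9.8/1.0.0 end of life, 1.0.1/1.0.2 supported, all 1.0.x releases sharing the 1.0.0 ABI. The function names and the sample "binaries" in the demo are my own constructions.

```shell
#!/bin/sh
# Added example, not from the thread or the OpenSSL project. Inventory files for
# embedded OpenSSL version banners and for the libssl/libcrypto sonames they were
# linked against, then classify each hit against the branch status in the story:
# 0.9.7/0.9.8/1.0.0 are end of life, 1.0.1/1.0.2 are supported, and every 1.0.x
# release shares the 1.0.0 ABI (so a 1.0.0 soname alone does not say which is installed).

# "OpenSSL 0.9.8zh ..." -> "eol 0.9.8"; "OpenSSL 1.0.2e" -> "supported 1.0.2"
classify_openssl_version() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^OpenSSL \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    case "$ver" in
        0.9.7|0.9.8|1.0.0) echo "eol $ver" ;;
        1.0.1|1.0.2)       echo "supported $ver" ;;
        '')                echo "unknown" ;;
        *)                 echo "unrecognized $ver" ;;
    esac
}

# "libssl.so.0.9.8" -> "eol-abi 0.9.8"; "libcrypto.so.1.0.0" -> "1.0.x-abi 1.0.0"
# A 1.0.0 soname only tells you the program can load any 1.0.x build; the verdict
# on that file depends on which libssl is actually installed on the host.
classify_openssl_soname() {
    abi=$(printf '%s\n' "$1" | sed -n 's/^lib[a-z]*\.so\.\([0-9][0-9.]*\)$/\1/p')
    case "$abi" in
        0.9.7|0.9.8) echo "eol-abi $abi" ;;
        1.0.0)       echo "1.0.x-abi $abi" ;;
        '')          echo "unknown" ;;
        *)           echo "unrecognized-abi $abi" ;;
    esac
}

# Pull banner and soname strings out of one file. grep -a treats binaries as text
# and -o prints only the matched text (GNU and BSD grep options, not strict POSIX).
extract_openssl_markers() {
    LC_ALL=C grep -aoE 'OpenSSL [0-9]+\.[0-9]+\.[0-9]+[a-z]*|lib(ssl|crypto)\.so\.[0-9]+(\.[0-9]+)*' "$1" 2>/dev/null | sort -u
}

# Walk a directory tree and print "<verdict> <file>" for every marker found.
# A statically linked or bundled copy shows up through its banner; a dynamically
# linked program only through the soname, which is why both are checked.
scan_dir() {
    find "$1" -type f | while IFS= read -r f; do
        extract_openssl_markers "$f" | while IFS= read -r m; do
            case "$m" in
                OpenSSL*) echo "$(classify_openssl_version "$m") $f" ;;
                lib*)     echo "$(classify_openssl_soname "$m") $f" ;;
            esac
        done
    done
}

# Constructed sample "binaries" (markers between NUL bytes) to show the output.
demo() {
    tmp=$(mktemp -d)
    printf 'x\0OpenSSL 0.9.8zh\0libssl.so.0.9.8\0' > "$tmp/legacy_app"
    printf '\0libcrypto.so.1.0.0\0libssl.so.1.0.0\0' > "$tmp/dyn_app"
    printf '\0OpenSSL 1.0.2e\0' > "$tmp/static_current"
    printf 'no crypto here\n' > "$tmp/plain"
    scan_dir "$tmp"
    rm -rf "$tmp"
}

# With no argument run the demo; otherwise scan the given directory tree.
if [ $# -eq 0 ]; then demo; else scan_dir "$1"; fi
```

    The banner/soname check is a heuristic: a program that loads OpenSSL through dlopen or a wrapper library leaves neither marker, so treat a clean scan as "nothing found", not "nothing present".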

  17. OpenSSL does security fixes? by Anonymous Coward · · Score: 0

    What's next? Fixing reported bugs?