[dupe] DoS exploit in openssl (Debian stable only) (nist.gov)
14 points by Gobiel on May 18, 2014 | hide | past | favorite | 9 comments



Previously discussed: https://news.ycombinator.com/item?id=7682537

My comment from last time:

Good to note that this was found with KLEE[1]. KLEE is good for symbolic execution of code and is very cool[2].

This only triggers a crash if you use RELEASE_BUFFERS (not the default) and a warning alert is written when the socket buffer is full. About the only case where a warning alert is generated is when a client attempts a renegotiation without the renegotiation extension (unless insecure renegotiation is allowed by the app). I've not been able to trigger the bug in a test because code generally stops reading once the socket buffer is full so you need the application to exactly fill the socket buffer (so that it doesn't get EAGAIN), then a warning alert can just exceed it.

[1] http://marc.info/?l=openssl-dev&m=139809493725682&w=2 [2] http://klee.github.io/klee/


I can't see why the headline says this is exclusive to Debian stable - it applies to any distribution that shipped with OpenSSL 1.0 or greater. The RH bugtracker only mentions that RHEL5 is immune because they didn't ship OpenSSL 1.0. It seems that several packages enable SSL_MODE_RELEASE_BUFFERS including ruby and node:

https://bugzilla.redhat.com/show_bug.cgi?id=1093837#c1


Good thing this only affects 29.8% of Linux distros out there (http://w3techs.com/technologies/details/os-linux/all/all) :P


I don't think this is Debian stable only?


Not only does this not seem to mention Debian at all, it links to a Red Hat bug tracker. Where is the Debian component coming from re the title? Sounds like maybe someone has their hate on for Debian to me.


I mean, it does impact only the Stable release of Debian [0] but no more than really any other distro or release which uses a vulnerable version of OpenSSL. Any sane person on deb-stable should be on the seclist for updates anyway.

[0]: https://security-tracker.debian.org/tracker/CVE-2014-0198


It's not. It's not in oldstable, but it is in everything after.

https://lists.debian.org/debian-security-announce/2014/msg00...


Does anyone know which packages have SSL_MODE_RELEASE_BUFFERS enabled and are vulnerable?


The linked RH bugtracker mentions ruby and node:

https://bugzilla.redhat.com/show_bug.cgi?id=1093837#c1
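The question above asks which packages turn on SSL_MODE_RELEASE_BUFFERS, and the thread's earlier comment explains why that matters: the crash path only exists when that mode is enabled. For anyone auditing their own code base rather than waiting on a distro bug tracker, the following is an added example (not code from the thread, Red Hat, or OpenSSL) that scans C/C++ sources for `SSL_CTX_set_mode` / `SSL_set_mode` calls whose flag argument includes SSL_MODE_RELEASE_BUFFERS, and treats a later `SSL_CTX_clear_mode` / `SSL_set_mode` clear of the same flag as cancelling it. The three sample source files are constructed for the demo; the regex and the "last call in the file wins" rule are assumptions of this scanner, not OpenSSL semantics, so treat a hit as a lead to confirm by reading the code, and patch OpenSSL regardless of what the scan finds.

```python
"""Heuristic scan for SSL_MODE_RELEASE_BUFFERS in C/C++ sources (added example)."""
import re
import tempfile
from pathlib import Path

FLAG = "SSL_MODE_RELEASE_BUFFERS"

# Matches SSL_CTX_set_mode(ctx, FLAGS), SSL_set_mode(ssl, FLAGS) and the
# matching *_clear_mode calls; group 1 = call name, 2 = "set"/"clear",
# 3 = the flag expression (possibly several flags joined with '|').
CALL_RE = re.compile(
    r"\b(SSL(?:_CTX)?_(set|clear)_mode)\s*\(\s*[^,]+,\s*([^)]*)\)", re.S
)

# Constructed sample sources for the demo below (not from any real package).
SAMPLE_SERVER = """\
#include <openssl/ssl.h>
SSL_CTX *make_ctx(void) {
    SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
    /* releases per-connection buffers when idle: the mode named in the thread */
    SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY | SSL_MODE_RELEASE_BUFFERS);
    return ctx;
}
"""

SAMPLE_CLIENT = """\
static void setup(SSL *ssl) {
    SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
}
"""

SAMPLE_HARDENED = """\
static void harden(SSL_CTX *ctx) {
    SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
    /* cleared again below: the later call wins for this scanner */
    SSL_CTX_clear_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
}
"""


def classify_source(text):
    """Return [(line_no, call_name, 'set'|'clear')] for every set/clear call
    whose flag argument mentions SSL_MODE_RELEASE_BUFFERS."""
    findings = []
    for m in CALL_RE.finditer(text):
        if FLAG in m.group(3):
            line_no = text.count("\n", 0, m.start()) + 1
            findings.append((line_no, m.group(1), m.group(2)))
    return findings


def releases_buffers(text):
    """Heuristic verdict for one file: True if the last call touching the flag
    sets it. (Assumption: a later clear_mode in the same file undoes the set.)"""
    findings = classify_source(text)
    return bool(findings) and findings[-1][2] == "set"


def scan_tree(root, suffixes=(".c", ".cc", ".cpp", ".h")):
    """Walk a source tree; report only files that mention the flag in a
    set/clear call, as {filename: (releases_buffers, findings)}."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in suffixes:
            text = path.read_text(errors="replace")
            findings = classify_source(text)
            if findings:
                report[path.name] = (releases_buffers(text), findings)
    return report


def demo():
    """Write the constructed samples to a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, src in (("server.c", SAMPLE_SERVER),
                          ("client.c", SAMPLE_CLIENT),
                          ("hardened.c", SAMPLE_HARDENED)):
            Path(tmp, name).write_text(src)
        return scan_tree(tmp)


if __name__ == "__main__":
    for name, (on, findings) in demo().items():
        state = "SETS" if on else "clears"
        print(f"{name}: {state} {FLAG} ({len(findings)} call(s))")
        for line_no, call, action in findings:
            print(f"  line {line_no}: {call} -> {action}")
```

Running it prints that `server.c` sets the flag and `hardened.c` ends up clearing it, while `client.c` is not reported at all. Pointing `scan_tree` at a vendored copy of a package's source (the thread names ruby and node as examples) gives the same kind of list, which is the quickest way to decide which services on a host actually reach the affected code path before the OpenSSL update lands.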
