"openssl smime -verify -in" verifies the signature of the input file and the "-verify" switch expects a signed or encrypted input file. Previously, running openssl on an S/MIME file that was not encrypted or signed caused openssl to segfault. With this update, the input file is now checked for a signature or encryption. Consequently, openssl now returns an error and quits when attempting to verify an unencrypted or unsigned S/MIME file. This was fixed in RHSA-2009:1335: http://rhn.redhat.com/errata/RHSA-2009-1335.html
Created attachment 566411 [details] openssl PR: 2711 Tolerate bad MIME headers in parser Patch is from RHEL-6 OpenSSL source RPM
This problem was previously reported via (private) bug #472440 and addressed as non-security bug fix in Red Hat Enterprise Linux 5 packages in 2009 via RHSA-2009:1335: http://rhn.redhat.com/errata/RHSA-2009-1335.html This patch was also included in openssl and openssl098e packages in Red Hat Enterprise Linux 6 since the initial release. It's also included in current Fedora packages. Patch is names as openssl-*-bad-mime.patch Later in 2012, it was discovered that the fix was previously not pushed upstream and that was done via: http://marc.info/?l=openssl-dev&m=132886769402643&w=2 http://rt.openssl.org/Ticket/Display.html?id=2711&user=guest&pass=guest and applied upstream in: http://cvs.openssl.org/chngview?cn=22147 (cvs head) and cn 22144, 22145, 22146 for commits to 0.9.8, 1.0.0 and 1.0.1 branches There was some confusion around CVE assignment due to a use of the CVE in unrelated bug report: http://thread.gmane.org/gmane.comp.security.oss.general/7012 http://thread.gmane.org/gmane.comp.security.oss.general/7005/focus=7035 CVE-2006-7248 was previously used for this issue. Statement: This issue was corrected in Red Hat Enterprise Linux 5 via RHSA-2009:1335. It did not affect openssl packages shipped with Red Hat Enterprise Linux 6.