On Thu, 28 Jan 2016 10:35:21 -0500 Nick Mathewson nickm@torproject.org wrote:
Somebody always asks whether Tor is affected by each OpenSSL advisory, so I'm sending this mail in order to get a URL to send people to. :)
Here are today's advisories: https://mta.openssl.org/pipermail/openssl-announce/2016-January/000061.html
With respect to the first ( "DH small subgroups (CVE-2016-0701)" ), Tor is not affected because we set the SSL_OP_SINGLE_DH_USE() option. We started setting this option back in Tor 0.1.1.9-alpha, back in 2005.
It's also worth noting that newer (0.2.7.x) versions of Tor should not be doing DHE except when talking to old versions of Tor linked against old versions of OpenSSL, as ECDH is both mandatory and preferred in the current stable series.
All versions of OpenSSL that predate support for ECC have been EOLed and no longer receive security fixes, so if your system is using OpenSSL 0.9.8 (or 1.0.0 for that matter, though it has ECC), you are strongly encouraged to upgrade to something that is being maintained.
Regards,
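As an added illustration (not code from Tor, OpenSSL or either poster), here is a toy Python model of the property Nick relies on above: with SSL_OP_SINGLE_DH_USE each handshake uses a fresh DH exponent, so a peer-supplied public value of small order (the CVE-2016-0701 small-subgroup case) cannot be used to narrow down a long-lived server exponent session after session. The group (p = 67, deliberately not a safe prime), the `DHServer` class and the `single_use` switch are constructed for this example; the real option is set on an OpenSSL `SSL_CTX` with `SSL_CTX_set_options()`, which this code does not touch. The peer-value check mirrors what OpenSSL exposes as `DH_check_pub_key()` and is the complementary defence for servers that cannot guarantee single-use exponents.

```python
"""Toy model of why single-use DH exponents blunt small-subgroup attacks.

Added illustration, not Tor or OpenSSL code. It uses a tiny constructed group
(p = 67, where p - 1 = 2 * 3 * 11, so p is NOT a safe prime) so every value
can be checked by hand. Real deployments use 2048-bit or larger groups.
"""
import random
import secrets

# Constructed toy parameters: P is prime but not a safe prime ((P-1)/2 = 33),
# so Z_P^* contains a subgroup of order 3. The intended DH subgroup has prime
# order Q = 11 and is generated by G = 2^6 mod 67.
P, Q, G = 67, 11, 64
SMALL_ORDER_VALUE = 37   # 37^3 == 1 (mod 67): order 3, outside the order-11 subgroup


def is_prime(n):
    """Trial-division primality test; adequate for the toy sizes used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def is_safe_prime(p):
    """True if p and (p - 1) / 2 are both prime. A safe prime has no subgroups
    besides {1}, {1, p-1}, and the two large ones, which removes the small
    subgroups an attacker needs."""
    return p % 2 == 1 and is_prime(p) and is_prime((p - 1) // 2)


def multiplicative_order(y, p):
    """Order of y in Z_p^*, i.e. how many distinct values y^x mod p can take.
    A peer value of order r restricts the shared secret to r candidates, so a
    REUSED exponent x would reveal x mod r to anyone who can test the secret."""
    if not 0 < y < p:
        raise ValueError("y out of range")
    k, acc = 1, y % p
    while acc != 1:
        acc = (acc * y) % p
        k += 1
        if k > p:
            raise ValueError("y is not invertible mod p")
    return k


def validate_peer_public(y, p, q):
    """Accept only public values inside the intended prime-order-q subgroup."""
    if not 1 < y < p - 1:
        return False            # excludes 0, 1 and p-1 (orders 1 and 2)
    return pow(y, q, p) == 1    # membership test for the order-q subgroup


class DHServer:
    """Server side of DH with a switch that mirrors SSL_OP_SINGLE_DH_USE."""

    def __init__(self, p, g, q, single_use=True, rng=None):
        self.p, self.g, self.q = p, g, q
        self.single_use = single_use
        self._rng = rng if rng is not None else secrets.SystemRandom()
        self._x = None          # private exponent; None until first use

    def _fresh_exponent(self):
        return self._rng.randrange(2, self.q - 1)

    def handshake(self, peer_pub):
        """One session: returns (our_public_value, shared_secret).

        single_use=True  -> a new exponent every session (Tor's setting), so a
                            malformed peer value affects that session only.
        single_use=False -> the exponent persists across sessions, which is
                            the configuration the advisory warns about.
        """
        if self._x is None or self.single_use:
            self._x = self._fresh_exponent()
        if not validate_peer_public(peer_pub, self.p, self.q):
            raise ValueError("peer public value not in the expected subgroup")
        return pow(self.g, self._x, self.p), pow(peer_pub, self._x, self.p)


def secrets_over_sessions(single_use, sessions=40, seed=7):
    """Run several sessions against the same honest peer value and return the
    set of shared secrets produced; a reused exponent yields exactly one."""
    server = DHServer(P, G, Q, single_use=single_use, rng=random.Random(seed))
    return {server.handshake(G)[1] for _ in range(sessions)}


if __name__ == "__main__":
    print("67 is a safe prime:", is_safe_prime(67))
    print("order of 37 mod 67:", multiplicative_order(SMALL_ORDER_VALUE, P))
    print("37 accepted as peer value:", validate_peer_public(SMALL_ORDER_VALUE, P, Q))
    print("distinct secrets, exponent reused:", len(secrets_over_sessions(False)))
    print("distinct secrets, single use:", len(secrets_over_sessions(True)))
```

The two things to take away: `validate_peer_public` is the check that catches an element of the order-3 subgroup, and `secrets_over_sessions(False)` shows the observable symptom of a reused exponent (one secret for one peer value, forever), which is exactly what the single-use option removes.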