Your message dated Wed, 14 Sep 2011 17:19:30 +0000
with message-id <[email protected]>
and subject line Bug#641540: fixed in tahoe-lafs 1.8.3-1
has caused the Debian Bug report #641540,
regarding tahoe-lafs: Security vulnerability in 1.8.2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
641540: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641540
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tahoe-lafs
Version: 1.8.2-3
Severity: important
Tags: security
Upstream released a new minor version after the discovery of a
vulnerability in 1.8.2 and older versions.
Here's the announcement explaining the insights:
Dear Security Team,
The Tahoe-LAFS core team has discovered a bug in Tahoe-LAFS v1.8.2 and
all earlier versions starting with Tahoe-LAFS v1.3.0 that could allow
users to unauthorizedly delete immutable files in some cases.
In Tahoe-LAFS, each file is encoded into a redundant set of "shares"
(like in RAID-5 or RAID-6), and each share is stored on a different
server. There is a secret string called the "cancellation secret"
which is stored on the server by being appended to the end of the
share data. The bug is that the server allows a client to read past
the end of the share data and thus learn the cancellation secret. A
client which knows the cancellation secret can use it to cause that
server to delete the shares it stores of that file.
We have prepared a set of patches (attached) which do three things:
1. Fix the bounds violation in reading of immutable files which
allowed the clients to learn the cancellation secrets.
2. Remove the function which takes a cancellation secret and deletes
shares. This function (named "remote_cancel_lease") was not actually
used, as all users currently rely on a different mechanism for
deleting unused data (a garbage collection mechanism in which unused
shares get deleted by the server once no client has renewed its lease
on them in more than a month).
3. Fix some similar bounds violations in mutable files that could
potentially lead to similar vulnerability. This vulnerability is
probably not a concern in practice, because it doesn't arise unless
the legitimate, authorized client deliberately writes a "hole" into
the mutable file (by seeking past the end of the current data and not
writing over all the bytes thus uncovered). No extant version of
Tahoe-LAFS does this, so presumably no legitimate user would be
exposed to that vulnerability.
We intend to release and announce Tahoe-LAFS v1.8.3, containing only
these bugfixes compared to Tahoe-LAFS v1.8.2, and we'd like to
synchronize with you as much as possible in order to minimize the
window of time after this issue is publicly known and before
Tahoe-LAFS users can easily upgrade to a fixed version.
The patches backport cleanly to Tahoe-LAFS v1.7.1 and to Tahoe-LAFS
v1.6.1, which had exactly the same issues. We would actually encourage
you to upgrade any older stable releases of Tahoe-LAFS to the
latest v1.8.3, because our very strong policy of backward
compatibility and quality control means that this is unlikely to
impose any surprises on your users. Nonetheless, we recognize that you
may prefer to backport the patches to older versions of Tahoe-LAFS
that you maintain.
Please let us know how to facilitate your adoption of these security
fixes. We intend to release these new versions of Tahoe-LAFS as soon
as possible -- hopefully by the end of Tuesday, the 13th of September,
2011.
Regards,
Zooko Wilcox-O'Hearn
on behalf of the Tahoe-LAFS team
--- End Message ---
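The bug described in the message above is an out-of-bounds read on the server side: the cancellation secret lives in the same file as the share data, and a read request whose window extends past the data length hands the trailer back to the client. The following toy model is an added example written for this page; it is not Tahoe-LAFS code, and the class and method names (ToyShareServer, read_unchecked, read_checked, cancel_lease) are invented for illustration. It shows the unclipped read beside the bounds-checked one, and why knowledge of the leaked secret is enough to have the server drop its shares. Upstream's real fix additionally removed the remote_cancel_lease function entirely; the model keeps an equivalent only to demonstrate the impact of the leak.

```python
"""Toy model of the Tahoe-LAFS share-read bounds bug (added example, not
Tahoe-LAFS code).  A share file is modelled as share data immediately
followed by a 32-byte cancellation secret, as the advisory describes."""
import hmac
import os

SECRET_LEN = 32  # length of the appended cancellation secret (assumed)


class ToyShareServer:
    """Stores one blob per storage index: data + cancellation secret."""

    def __init__(self):
        self._shares = {}    # storage index -> bytes (data followed by secret)
        self._data_len = {}  # storage index -> length of the data part

    def store(self, storage_index, data, cancel_secret):
        if len(cancel_secret) != SECRET_LEN:
            raise ValueError("cancellation secret must be %d bytes" % SECRET_LEN)
        self._shares[storage_index] = data + cancel_secret
        self._data_len[storage_index] = len(data)

    def read_unchecked(self, storage_index, offset, length):
        # VULNERABLE (models pre-1.8.3 behaviour): slices the whole file, so a
        # window past the end of the data returns bytes of the secret trailer.
        return self._shares[storage_index][offset:offset + length]

    def read_checked(self, storage_index, offset, length):
        # FIXED: clip the requested window to the share data. Nothing beyond
        # data_len (i.e. the secret) can ever be returned.
        if offset < 0 or length < 0:
            raise ValueError("offset and length must be non-negative")
        n = self._data_len[storage_index]
        if offset >= n:
            return b""
        return self._shares[storage_index][offset:min(offset + length, n)]

    def cancel_lease(self, storage_index, presented_secret):
        # Models remote_cancel_lease: deletion is gated solely on knowing the
        # secret, which is why leaking it is a deletion primitive.  (Upstream
        # removed this function; it is kept here only to show the impact.)
        if storage_index not in self._shares:
            return False
        stored = self._shares[storage_index][self._data_len[storage_index]:]
        if not hmac.compare_digest(stored, presented_secret):
            return False
        del self._shares[storage_index]
        del self._data_len[storage_index]
        return True


def demo():
    """Run the attack against both read paths and report the outcomes."""
    server = ToyShareServer()
    si = b"toy-storage-index"          # constructed storage index
    data = b"A" * 1000                  # constructed share data
    secret = os.urandom(SECRET_LEN)
    server.store(si, data, secret)

    # Attacker with only read access asks for far more than the data length.
    # On the buggy path the trailer comes back and the secret is recovered.
    leaked = server.read_unchecked(si, 0, 1 << 20)[-SECRET_LEN:]
    leaked_matches = hmac.compare_digest(leaked, secret)
    cancelled_with_leak = server.cancel_lease(si, leaked)

    # Same request against the fixed path: the read is clipped to the data.
    server.store(si, data, secret)
    clipped = server.read_checked(si, 0, 1 << 20)
    past_end = server.read_checked(si, len(data), SECRET_LEN)
    fixed_read_leaks = clipped != data or past_end != b""
    # The best an attacker gets is the tail of the data, not the secret.
    cancelled_after_fix = server.cancel_lease(si, clipped[-SECRET_LEN:])

    return {
        "leaked_secret_matches": leaked_matches,
        "cancel_with_leaked_secret": cancelled_with_leak,
        "fixed_read_leaks": fixed_read_leaks,
        "cancel_after_fix": cancelled_after_fix,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print("%-26s %s" % (k, v))
```

The check worth carrying over to any server that co-locates a secret with client-readable data is the one in read_checked: validate that offset and length are non-negative and clip the window to the authoritative data length, rather than to the size of the container the data happens to sit in.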
--- Begin Message ---
Source: tahoe-lafs
Source-Version: 1.8.3-1
We believe that the bug you reported is fixed in the latest version of
tahoe-lafs, which is due to be installed in the Debian FTP archive:
tahoe-lafs_1.8.3-1.debian.tar.gz
to main/t/tahoe-lafs/tahoe-lafs_1.8.3-1.debian.tar.gz
tahoe-lafs_1.8.3-1.dsc
to main/t/tahoe-lafs/tahoe-lafs_1.8.3-1.dsc
tahoe-lafs_1.8.3-1_all.deb
to main/t/tahoe-lafs/tahoe-lafs_1.8.3-1_all.deb
tahoe-lafs_1.8.3.orig.tar.gz
to main/t/tahoe-lafs/tahoe-lafs_1.8.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Micah Anderson <[email protected]> (supplier of updated tahoe-lafs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 21 Jun 2011 14:01:31 +0200
Source: tahoe-lafs
Binary: tahoe-lafs
Architecture: source all
Version: 1.8.3-1
Distribution: unstable
Urgency: high
Maintainer: Bert Agaz <[email protected]>
Changed-By: Micah Anderson <[email protected]>
Description:
tahoe-lafs - Secure distributed filesystem
Closes: 630825 631163 641540
Changes:
tahoe-lafs (1.8.3-1) unstable; urgency=high
.
[ Bert Agaz ]
* New upstream release (Closes: #641540), urgency high due to security fix
* Refresh Debian patches.
* Add header to Debian patches.
* Remove Debian version of python-pycryptopp dependency (Closes: #630825).
* Remove python-twisted dependency.
python-foolscap already depends on the needed twisted packages.
* Remove link to /usr/share/common-licenses/BSD.
* Add Vcs-{Git,Browser} to debian/control.
* Add a patch to reduce Twisted dependencies (Closes: #631163).
(credit goes to Julian Taylor <[email protected]>).
Checksums-Sha1:
612eb51f49c39b5652e7a47e73c43a5fd28a619c 1938 tahoe-lafs_1.8.3-1.dsc
f33f1bc1a4708def6616fd79b3f6d1da4c5f0f88 1264493 tahoe-lafs_1.8.3.orig.tar.gz
7be1881ff8e7f6ba8d31928b81cd5d6de7c6c78c 14646 tahoe-lafs_1.8.3-1.debian.tar.gz
0274e3d0159462f171c5017a4c0b3702ba6b747b 1040584 tahoe-lafs_1.8.3-1_all.deb
Checksums-Sha256:
71386f51dc45f5086ab308525fd8cb0a5865abe32813dd8ef6a7bf554666ee2b 1938 tahoe-lafs_1.8.3-1.dsc
a0fef0351c3d48677894ab267fef2c9b661687481aa0f65da4d0cb90696bece1 1264493 tahoe-lafs_1.8.3.orig.tar.gz
897d58f4baff7dafb750d208cdf6664402f0a4160d0427446057b6ae2c47c201 14646 tahoe-lafs_1.8.3-1.debian.tar.gz
36c21bdd814ed05faa1ec1b16cf50d448af2eeedd20f2b1b1f60d906a764360c 1040584 tahoe-lafs_1.8.3-1_all.deb
Files:
dc1cc536a53bf8ea720bfeaeb72724f9 1938 utils optional tahoe-lafs_1.8.3-1.dsc
1e5c40df99f634c5ce6ef9e29a68067c 1264493 utils optional tahoe-lafs_1.8.3.orig.tar.gz
01311e7f86cd39e733c4ec355a4e25cf 14646 utils optional tahoe-lafs_1.8.3-1.debian.tar.gz
4b274c4955637b874809c528601a0310 1040584 utils optional tahoe-lafs_1.8.3-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

=Mta7
-----END PGP SIGNATURE-----
--- End Message ---