Your message dated Sat, 08 Feb 2020 14:23:35 +0000
with message-id
<a894a0233c2d264936953d7a69507573c4a5742a.ca...@adam-barratt.org.uk>
and subject line Closing bugs included in 9.12
has caused the Debian Bug report #948715,
regarding stretch-pu: package xml-security-c/1.7.3-4+deb9u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
948715: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948715
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: stretch
User: [email protected]
Usertags: pu
Dear Stable Release Team,
The Security Team declined handling #913136 via a security upload and
recommended the stable upgrade route instead. So I retargeted the
upload; the debdiff below differs in the changelog header only.
I'm ready to upload if you agree.
Thanks for your consideration.
Feri.
$ debdiff xml-security-c_1.7.3-4+deb9u1.dsc xml-security-c_1.7.3-4+deb9u2.dsc
diff -Nru xml-security-c-1.7.3/debian/changelog
xml-security-c-1.7.3/debian/changelog
--- xml-security-c-1.7.3/debian/changelog 2018-08-03 11:32:52.000000000
+0200
+++ xml-security-c-1.7.3/debian/changelog 2018-12-10 11:45:41.000000000
+0100
@@ -1,3 +1,20 @@
+xml-security-c (1.7.3-4+deb9u2) stretch; urgency=medium
+
+ * [12dd825] New patches: DSA verification crashes OpenSSL on invalid
+ combinations of key content.
+ Particular KeyInfo combinations result in incomplete DSA key structures
+ that OpenSSL can't handle without crashing. In the case of Shibboleth
+ SP software this manifests as a crash in the shibd daemon. Exploitation
+ is believed to be possible only in deployments employing the PKIX trust
+ engine, which is generally recommended against.
+ The upstream patches backported from 2.0.2 apply analogous safeguards to
+ the RSA and ECDSA key handling as well.
+ Upstream bug: https://issues.apache.org/jira/browse/SANTUARIO-496
+ CVE: not assigned
+ Thanks to Scott Cantor (Closes: #913136)
+
+ -- Ferenc Wágner <[email protected]> Mon, 10 Dec 2018 11:45:41 +0100
+
xml-security-c (1.7.3-4+deb9u1) stretch-security; urgency=high
* [93b87c6] New patch: Default KeyInfo resolver doesn't check for empty
diff -Nru
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch
---
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch
1970-01-01 01:00:00.000000000 +0100
+++
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch
2018-12-10 11:45:41.000000000 +0100
@@ -0,0 +1,103 @@
+From: Scott Cantor <[email protected]>
+Date: Thu, 11 Oct 2018 15:13:40 +0000
+Subject: SANTUARIO-496 - DSA verification crashes OpenSSL on invalid
+ combinations of key content
+
+Backport of
+git-svn-id:
https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1843562
13f79535-47bb-0310-9956-ffa450edef68
+---
+ xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp | 12 ++++++++++++
+ xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp | 12 ++++++++++++
+ xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp | 12 ++++++++++++
+ 3 files changed, 36 insertions(+)
+
+diff --git a/xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
b/xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
+index 57999a2..5bdf133 100644
+--- a/xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
++++ b/xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.cpp
+@@ -164,6 +164,12 @@ bool OpenSSLCryptoKeyDSA::verifyBase64Signature(unsigned
char * hashBuf,
+ "OpenSSL:DSA - Attempt to validate signature with empty
key");
+ }
+
++ XSECCryptoKey::KeyType keyType = getKeyType();
++ if (keyType != KEY_DSA_PAIR && keyType != KEY_DSA_PUBLIC) {
++ throw XSECCryptoException(XSECCryptoException::DSAError,
++ "OpenSSL:DSA - Attempt to validate signature without public key");
++ }
++
+ char* cleanedBase64Signature;
+ unsigned int cleanedBase64SignatureLen = 0;
+
+@@ -264,6 +270,12 @@ unsigned int
OpenSSLCryptoKeyDSA::signBase64Signature(unsigned char * hashBuf,
+ "OpenSSL:DSA - Attempt to sign data with empty key");
+ }
+
++ KeyType keyType = getKeyType();
++ if (keyType != KEY_DSA_PAIR && keyType != KEY_DSA_PRIVATE) {
++ throw XSECCryptoException(XSECCryptoException::DSAError,
++ "OpenSSL:DSA - Attempt to sign data without private key");
++ }
++
+ DSA_SIG * dsa_sig;
+
+ dsa_sig = DSA_do_sign(hashBuf, hashLen, mp_dsaKey);
+diff --git a/xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp
b/xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp
+index 3233343..09ba69e 100644
+--- a/xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp
++++ b/xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.cpp
+@@ -151,6 +151,12 @@ bool
OpenSSLCryptoKeyEC::verifyBase64SignatureDSA(unsigned char * hashBuf,
+ "OpenSSL:EC - Attempt to validate signature with empty
key");
+ }
+
++ KeyType keyType = getKeyType();
++ if (keyType != KEY_EC_PAIR && keyType != KEY_EC_PUBLIC) {
++ throw XSECCryptoException(XSECCryptoException::ECError,
++ "OpenSSL:EC - Attempt to validate signature without public key");
++ }
++
+ char * cleanedBase64Signature;
+ unsigned int cleanedBase64SignatureLen = 0;
+
+@@ -225,6 +231,12 @@ unsigned int
OpenSSLCryptoKeyEC::signBase64SignatureDSA(unsigned char * hashBuf,
+ "OpenSSL:EC - Attempt to sign data with empty key");
+ }
+
++ KeyType keyType = getKeyType();
++ if (keyType != KEY_EC_PAIR && keyType != KEY_EC_PRIVATE) {
++ throw XSECCryptoException(XSECCryptoException::ECError,
++ "OpenSSL:EC - Attempt to sign data without private key");
++ }
++
+ ECDSA_SIG * dsa_sig;
+
+ dsa_sig = ECDSA_do_sign(hashBuf, hashLen, mp_ecKey);
+diff --git a/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
b/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
+index e21b001..c0d7b2b 100644
+--- a/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
++++ b/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
+@@ -416,6 +416,12 @@ bool
OpenSSLCryptoKeyRSA::verifySHA1PKCS1Base64Signature(const unsigned char * h
+ "OpenSSL:RSA - Attempt to validate signature with empty
key");
+ }
+
++ XSECCryptoKey::KeyType keyType = getKeyType();
++ if (keyType != KEY_RSA_PAIR && keyType != KEY_RSA_PUBLIC) {
++ throw XSECCryptoException(XSECCryptoException::RSAError,
++ "OpenSSL:RSA - Attempt to validate signature without public key");
++ }
++
+ char* cleanedBase64Signature;
+ unsigned int cleanedBase64SignatureLen = 0;
+
+@@ -534,6 +540,12 @@ unsigned int
OpenSSLCryptoKeyRSA::signSHA1PKCS1Base64Signature(unsigned char * h
+ "OpenSSL:RSA - Attempt to sign data with empty key");
+ }
+
++ KeyType keyType = getKeyType();
++ if (keyType != KEY_RSA_PAIR && keyType != KEY_RSA_PRIVATE) {
++ throw XSECCryptoException(XSECCryptoException::RSAError,
++ "OpenSSL:RSA - Attempt to sign data without private key");
++ }
++
+ // Build the buffer to be encrypted by prepending the SHA1 OID to the
hash
+
+ unsigned char * encryptBuf;
diff -Nru
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch
---
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch
1970-01-01 01:00:00.000000000 +0100
+++
xml-security-c-1.7.3/debian/patches/SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch
2018-12-10 11:45:41.000000000 +0100
@@ -0,0 +1,65 @@
+From: Scott Cantor <[email protected]>
+Date: Thu, 11 Oct 2018 15:39:30 +0000
+Subject: SANTUARIO-496 - Prevent KeyInfoResolver returning NONE keys.
+
+git-svn-id:
https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1843566
13f79535-47bb-0310-9956-ffa450edef68
+---
+ xsec/enc/XSECKeyInfoResolverDefault.cpp | 24 +++++++++++++++++-------
+ 1 file changed, 17 insertions(+), 7 deletions(-)
+
+diff --git a/xsec/enc/XSECKeyInfoResolverDefault.cpp
b/xsec/enc/XSECKeyInfoResolverDefault.cpp
+index c4c81cb..7356fc4 100644
+--- a/xsec/enc/XSECKeyInfoResolverDefault.cpp
++++ b/xsec/enc/XSECKeyInfoResolverDefault.cpp
+@@ -127,8 +127,10 @@ XSECCryptoKey *
XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList * lst) {
+ dsa->loadYBase64BigNums(value.rawCharBuffer(), (unsigned
int) strlen(value.rawCharBuffer()));
+ }
+
+- j_dsa.release();
+- return dsa;
++ if (dsa->getKeyType() != XSECCryptoKey::KEY_NONE) {
++ j_dsa.release();
++ return dsa;
++ }
+ }
+ }
+ break;
+@@ -148,8 +150,10 @@ XSECCryptoKey *
XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList * lst) {
+ value << (*mp_formatter << rsaval->getRSAExponent());
+ rsa->loadPublicExponentBase64BigNums(value.rawCharBuffer(),
(unsigned int) strlen(value.rawCharBuffer()));
+
+- j_rsa.release();
+- return rsa;
++ if (rsa->getKeyType() != XSECCryptoKey::KEY_NONE) {
++ j_rsa.release();
++ return rsa;
++ }
+ }
+
+ }
+@@ -169,8 +173,10 @@ XSECCryptoKey *
XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList * lst) {
+ XSECAutoPtrChar curve(ecval->getECNamedCurve());
+ if (curve.get()) {
+ ec->loadPublicKeyBase64(curve.get(),
value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer()));
+- j_ec.release();
+- return ec;
++ if (ec->getKeyType() != XSECCryptoKey::KEY_NONE) {
++ j_ec.release();
++ return ec;
++ }
+ }
+ }
+ }
+@@ -184,7 +190,11 @@ XSECCryptoKey *
XSECKeyInfoResolverDefault::resolveKey(DSIGKeyInfoList * lst) {
+ safeBuffer value;
+
+ value << (*mp_formatter << derval->getData());
+- return
XSECPlatformUtils::g_cryptoProvider->keyDER(value.rawCharBuffer(), (unsigned
int)strlen(value.rawCharBuffer()), true);
++ XSECCryptoKey* key =
XSECPlatformUtils::g_cryptoProvider->keyDER(value.rawCharBuffer(), (unsigned
int)strlen(value.rawCharBuffer()), true);
++ if (key && key->getKeyType() != XSECCryptoKey::KEY_NONE) {
++ return key;
++ }
++ delete key;
+ }
+ }
+ break;
diff -Nru xml-security-c-1.7.3/debian/patches/series
xml-security-c-1.7.3/debian/patches/series
--- xml-security-c-1.7.3/debian/patches/series 2018-08-03 11:32:52.000000000
+0200
+++ xml-security-c-1.7.3/debian/patches/series 2018-12-10 11:45:41.000000000
+0100
@@ -22,3 +22,5 @@
We-do-not-use-pthreads-threadtest.cpp-is-Windows-onl.patch
Only-add-found-packages-to-the-pkg-config-dependenci.patch
Default-KeyInfo-resolver-doesn-t-check-for-empty-element-.patch
+SANTUARIO-496-DSA-verification-crashes-OpenSSL-on-invalid.patch
+SANTUARIO-496-Prevent-KeyInfoResolver-returning-NONE-keys.patch
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 9.12
Hi,
Each of the uploads referred to by these bugs was included in today's
oldstable point release.
Regards,
Adam
--- End Message ---
