retitle 307641 Bug in RSA key export tags 307641 - security thanks On Wed, May 04, 2005 at 02:31:26PM +0200, Moritz Muehlenhoff wrote: > Package: gnutls11 > Version: unavailable; reported 2005-05-04 > Severity: important > Tags: security patch > > http://lists.gnupg.org/pipermail/gnutls-dev/2005-April/000858.html mentions > a DoS vulnerability in gnutls' record packet parsing. It's fixed in 1.0.25, > which is obviously not an option. Unfortunately they are unwilling to provide > further details: > > > We do not have the resources to analyze and write an explanation of > > this security problem. Volunteers who want to read the bug reports > > and the CVS changes, and write up an explanation in plain English, are > > most welcome! Having a detailed track record of security problems can > > be a useful reference when discussing security in free software > > packages in general. Naturally, if you wish to sponsor us to do this > > work for you, please contact me. > > I've had a look at the GNUTLS CVS and the changelog points to two combined > fixes that have been backported from 1.2: > 2005-04-27 nmav <[EMAIL PROTECTED]> > > * NEWS, lib/gnutls_cipher.c, lib/gnutls_mpi.h, lib/x509/privkey.c: > Backported from the new stable branch: > - Corrected bug in record packet parsing that could lead > to a denial of service attack. > - Corrected bug in RSA key export. > > I've attached two patches; the above change against 1.0.16 and the portion > of the patch that is only related to the DoS. Please check whether the > RSA part is needed for Sarge as well.
I'm NMU'ing gnutls11 for the DoS, but will leave the RSA key export bug untouched. I'll tag #309111 fixed by my NMU, and leave this one open for the RSA key export bug. --Jeroen -- Jeroen van Wolffelaar [EMAIL PROTECTED] http://jeroen.A-Eskwadraat.nl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
