I’ve built the patched gnutls26 (now as of 2.12.20-8+deb7u2) package with pbuilder and briefly tested Exim (as of 4.80-7) with the resulting libgnutls26, and seen no issues so far.
The resulting packages, both source (signed) and binary (along with signed .changes files) are available from the following location. (Should you decide to use these, /please take care/ to check .dsc and .changes signatures against my public key, and binary packages against the .changes files.) ⋯✂⋯ /etc/apt/sources.list.d/99-am-1.org-1gray-test.list ⋯✂⋯ deb http://am-1.org/~ivan/mini-dinstall/ 1gray-test/$(ARCH)/ deb http://am-1.org/~ivan/mini-dinstall/ 1gray-test/all/ deb-src http://am-1.org/~ivan/mini-dinstall/ 1gray-test/source/ ⋯✂⋯ /etc/apt/sources.list.d/99-am-1.org-1gray-test.list ⋯✂⋯ For the sake of completeness, the changes are also MIMEd. -- FSF associate member #7257 http://boycottsystemd.org/ Public key fingerprint: 58F8 0F47 53F5 2EB2 F6A5 8916 3013 B6A0 230E 334A
diff -dru -- a/debian/changelog b/debian/changelog --- a/debian/changelog 2014-05-31 14:28:44.000000000 +0000 +++ b/debian/changelog 2014-07-29 18:48:51.000000000 +0000 @@ -1,3 +1,13 @@ +gnutls26 (2.12.20-8+deb7u2.0+is.2) 1gray-misc; urgency=medium + + * 12_no_sign_algo.diff: adapted from 1a02ec18e9e3 by Nikos + Mavrogiannopoulos. Closes: #737921, #740160 + * 42_no-more-gets.diff: do not assume that gets () is declared + by the libc; adapted from + https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00186.html + + -- Ivan Shmakov <i...@siamics.net> Tue, 29 Jul 2014 18:48:51 +0000 + gnutls26 (2.12.20-8+deb7u2) wheezy-security; urgency=high * 39_Prevent-memory-corruption.diff from upstream GIT. Fix memory corruption Only in b/debian/patches: 12_no_sign_algo.diff Only in b/debian/patches: 42_no-more-gets.diff diff -dru -- a/debian/patches/series b/debian/patches/series --- a/debian/patches/series 2014-05-31 14:27:28.000000000 +0000 +++ b/debian/patches/series 2014-07-29 18:57:21.000000000 +0000 @@ -1,3 +1,4 @@ +12_no_sign_algo.diff 14_version_gettextcat.diff 16_unnecessarydep.diff 17_ignoretestsuitteerrors.diff @@ -13,3 +14,4 @@ 37_fix_rejection-of-v1-intermedi.diff 38_CVE-2014-0092.diff 39_Prevent-memory-corruption.diff +42_no-more-gets.diff
This is an adaptation of the change made in 1a02ec18e9e3 and subsequently amended (with regards to GNUTLS_CRT_OPENPGP.) commit 6e4e6b0aa30acc8db68fcc19a9406abcfe44ae9c Author: Nikos Mavrogiannopoulos <n...@gnutls.org> Date: Thu Apr 21 00:21:56 2011 +0200 commit 1a02ec18e9e39f82cee7f9cff74e1f1574bac472 Author: Nikos Mavrogiannopoulos <n...@gnutls.org> Date: Wed Apr 20 19:45:20 2011 +0200 Eliminated the need for sign_algo in gnutls_pcert_st. This means that we don't follow RFC5246 by letter, but there wasn't any other implementation using the sign_algorithm part of the certificate selection, and this helps reduce complexity. diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 275e9bf..39cf8ed 100644 --- a/lib/auth_cert.c +++ b/lib/auth_cert.c @@ -1111,29 +1111,18 @@ _gnutls_proc_x509_server_certificate (gnutls_session_t session, if ((ret = _gnutls_x509_raw_cert_to_gcert (&peer_certificate_list [j], &tmp, CERT_ONLY_EXTENSIONS)) < 0) { gnutls_assert (); goto cleanup; } - /* check if signature algorithm is supported */ - ret = - _gnutls_session_sign_algo_enabled (session, - peer_certificate_list - [j].sign_algo); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - p += len; } if ((ret = _gnutls_copy_certificate_auth_info (info, peer_certificate_list, peer_certificate_list_size)) < 0) { 
@@ -2092,26 +2081,18 @@ _gnutls_server_select_cert (gnutls_session_t session, */ if (requested_algo == GNUTLS_PK_ANY || requested_algo == cred->cert_list[i][0].subject_pk_algorithm) { /* if cert type and signature algorithm matches */ /* *INDENT-OFF* */ if (session->security_parameters.cert_type - == cred->cert_list[i][0].cert_type - && (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP - || /* FIXME: make this a check for certificate - type capabilities */ - !_gnutls_version_has_selectable_sighash - (gnutls_protocol_get_version (session)) - || - _gnutls_session_sign_algo_requested - (session, cred->cert_list[i][0].sign_algo) == 0)) + == cred->cert_list[i][0].cert_type) { idx = i; break; } /* *INDENT-ON* */ } } /* store the certificate pointer for future use, in the handshake. diff --git a/lib/ext/signature.c b/lib/ext/signature.c index ad8f3b8..61e33df 100644 --- a/lib/ext_signature.c +++ b/lib/ext_signature.c @@ -272,20 +272,19 @@ return GNUTLS_E_UNWANTED_ALGORITHM; } } return 0; } /* Returns a requested by the peer signature algorithm that - * matches the given public key algorithm. Index can be increased - * to return the second choice etc. + * matches the given certificate's public key algorithm. */ gnutls_sign_algorithm_t _gnutls_session_get_sign_algo (gnutls_session_t session, gnutls_cert* cert) { unsigned i; int ret; gnutls_protocol_t ver = gnutls_protocol_get_version (session); sig_ext_st *priv; extension_priv_data_t epriv; 
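Review bot: The context comment `/* if cert type and signature algorithm matches */` in the `_gnutls_server_select_cert` hunk is stale, because the new condition compares only `session->security_parameters.cert_type` with the credential's `cert_type`. I would replace it with `/* if cert type matches; the peer's signature_algorithms list is deliberately not consulted here */`, so the RFC 5246 deviation named in the commit message is recorded at the point where it takes effect. The `/* *INDENT-OFF* */` and `/* *INDENT-ON* */` markers around the now single-line test look removable as well. Separately, the `auth_cert.c` hunk at -1111 drops the `_gnutls_session_sign_algo_enabled` call on each peer certificate. Any rejection of certificates signed with a disabled algorithm must therefore come from verification code not visible in this patch, which is worth confirming before the package is deployed; the function body continues outside the hunk.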
@@ -311,71 +311,18 @@ _gnutls_session_get_sign_algo (gnutls_session_t session, gnutls_pcert_st* cert) continue; return priv->sign_algorithms[i]; } } return GNUTLS_SIGN_UNKNOWN; } - -/* Check if the given signature algorithm is accepted by - * the peer. Returns 0 on success or a negative value - * on error. - */ -int -_gnutls_session_sign_algo_requested (gnutls_session_t session, - gnutls_sign_algorithm_t sig) -{ - unsigned i; - int ret, hash; - gnutls_protocol_t ver = gnutls_protocol_get_version (session); - sig_ext_st *priv; - extension_priv_data_t epriv; - - if (!_gnutls_version_has_selectable_sighash (ver)) - { - return 0; - } - - ret = - _gnutls_ext_get_session_data (session, - GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS, - &epriv); - if (ret < 0) - { - gnutls_assert (); - /* extension not received allow SHA1 and SHA256 */ - hash = _gnutls_sign_get_hash_algorithm (sig); - if (hash == GNUTLS_DIG_SHA1 || hash == GNUTLS_DIG_SHA256) - return 0; - else - return ret; - } - priv = epriv.ptr; - - if (priv->sign_algorithms_size == 0) - /* none set, allow all */ - { - return 0; - } - - for (i = 0; i < priv->sign_algorithms_size; i++) - { - if (priv->sign_algorithms[i] == sig) - { - return 0; /* ok */ - } - } - - return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; -} - /* Check if the given signature algorithm is supported. * This means that it is enabled by the priority functions, * and in case of a server a matching certificate exists. */ int _gnutls_session_sign_algo_enabled (gnutls_session_t session, gnutls_sign_algorithm_t sig) { unsigned i; diff --git a/lib/ext/signature.h b/lib/ext/signature.h index 89b31d7..0c74e3e 100644 --- a/lib/ext_signature.h +++ b/lib/ext_signature.h 
@@ -26,20 +26,18 @@ /* signature algorithms extension */ #ifndef EXT_SIGNATURE_H #define EXT_SIGNATURE_H #include <gnutls_extensions.h> extern extension_entry_st ext_mod_sig; -int _gnutls_session_sign_algo_requested (gnutls_session_t session, - gnutls_sign_algorithm_t sig); gnutls_sign_algorithm_t _gnutls_session_get_sign_algo (gnutls_session_t session, gnutls_cert* cert); int _gnutls_sign_algorithm_parse_data (gnutls_session_t session, const opaque * data, size_t data_size); int _gnutls_sign_algorithm_write_params (gnutls_session_t session, opaque * data, size_t max_data_size); int _gnutls_session_sign_algo_enabled (gnutls_session_t session, gnutls_sign_algorithm_t sig); int cert_compatible_with_sig(gnutls_cert* cert, gnutls_protocol_t ver,
No longer assume gets (). See [1]. [1] https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00186.html --- a/lib/gl/stdio.in.h.~1~ 2012-03-01 15:53:13.000000000 +0000 +++ b/lib/gl/stdio.in.h 2014-03-19 21:43:27.000000000 +0000 @@ -714,8 +714,10 @@ /* It is very rare that the developer ever has full control of stdin, so any use of gets warrants an unconditional warning. Assume it is always declared, since it is required by C89. */ +#if HAVE_RAW_DECL_GETS _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); #endif +#endif #if @GNULIB_OBSTACK_PRINTF@ || @GNULIB_OBSTACK_PRINTF_POSIX@