Your message dated Sun, 30 Nov 2014 23:17:06 +0000
with message-id <[email protected]>
and subject line Bug#770972: fixed in libksba 1.2.0-2+deb7u1
has caused the Debian Bug report #770972,
regarding libksba: CVE-2014-9087: buffer overflow in ksba_oid_to_str
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
770972: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770972
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libksba
Version: 1.3.1-1
Severity: grave
Tags: security upstream patch fixed-upstream
Hi all,
Today a new upstream release for Libksba was announced, addressing in
particular the following:
> Impact of the security bug
> ==========================
>
> By using special crafted S/MIME messages or ECC based OpenPGP data, it
> is possible to create a buffer overflow. The bug is not easy to exploit
> because there are only 80 possible values which can be used to overwrite
> memory. However, a denial of service is possible and someone may come
> up with other clever attacks. Thus this should be fixed.
>
> Affected versions: All Libksba versions < 1.3.2
>
> Background: Yesterday Hanno Böck found an invalid memory access in the
> 2.1 branch of GnuPG by conveying a malformed OID as part of an ECC key.
> It turned out that this bug has also been in libksba ever since and
> affects at least gpgsm and dirmngr. The code to convert an OID to its
> string representation has an obvious error of not considering an invalid
> encoding for arc-2. A first byte of 0x80 can be used to make a value of
> less than 80 and we then subtract 80 from it as required by the OID
> encoding rules. Due to the use of an unsigned integer this results in a
> pretty long value which won't fit anymore into the allocated buffer.
> The actual fix for Libksba is commit f715b9e.
Announce: http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
Upstream fix:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f715b9e156dfa99ae829fc694e5a0abd23ef97d7
Regards,
Salvatore
--- End Message ---
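The arc-2 decoding error described in the quoted announcement, as an added C example that is not libksba's own code: `decode_first_subid`, `unpatched_overflow_bytes`, `first_arcs_to_str` and the two constructed inputs are assumptions of this example. `unpatched_overflow_bytes` reproduces the unsigned wraparound arithmetically (it never writes past a buffer) to show how far the "2.<n>" string outgrows the `length*4+1` bytes the original code allocated, and `first_arcs_to_str` applies the check the announcement calls for: reject a decoded first sub-identifier below 80 before subtracting 80.

```c
#include <stdio.h>
#include <string.h>
#include <limits.h>
/* Added example, not libksba's code: decode the leading DER OID sub-identifier
   (arc1*40+arc2, base-128, 0x80 = continuation bit) and show how CVE-2014-9087
   made the "2.<n>" string outgrow its buffer. */

/* Decode the leading base-128 sub-identifier into *val.
   Returns bytes consumed, or 0 if truncated or too large for unsigned long. */
static size_t decode_first_subid(const unsigned char *buf, size_t len,
                                 unsigned long *val)
{
  size_t n = 0;
  *val = 0;
  while (n < len) {
    if (*val > (ULONG_MAX >> 7)) return 0;          /* shift would overflow */
    *val = (*val << 7) | (buf[n] & 0x7f);
    if (!(buf[n++] & 0x80)) return n;               /* last byte of the subid */
  }
  return 0;                                         /* truncated encoding */
}

/* Bytes the unpatched arithmetic needs beyond the len*4+1 it allocated:
   "val -= 80" on an unsigned value below 80 wraps to about 2^64, a 20-digit
   number. A positive result means the original code would overflow the heap. */
int unpatched_overflow_bytes(const unsigned char *buf, size_t len)
{
  unsigned long val = 0;
  if (!len || buf[0] < 80 || !decode_first_subid(buf, len, &val)) return 0;
  val -= 80;                                        /* the bug: wraps if val < 80 */
  return snprintf(NULL, 0, "2.%lu", val) + 1 - (int)(len * 4 + 1);
}

/* Hardened conversion of the first two arcs: a multi-byte first sub-identifier
   below 80 is rejected before the subtraction, as the upstream fix does. */
int first_arcs_to_str(const unsigned char *buf, size_t len, char *out, size_t outlen)
{
  unsigned long val = 0; int w;
  if (!len) return 0;
  if (buf[0] < 40) w = snprintf(out, outlen, "0.%u", (unsigned)buf[0]);
  else if (buf[0] < 80) w = snprintf(out, outlen, "1.%u", (unsigned)(buf[0] - 40));
  else if (!decode_first_subid(buf, len, &val) || val < 80) return 0; /* CVE-2014-9087 */
  else w = snprintf(out, outlen, "2.%lu", val - 80);
  return w > 0 && (size_t)w < outlen;               /* 1 = fits, 0 = rejected */
}
/* Constructed inputs: 0x80 0x01 encodes 1 behind a bogus continuation byte
   (raw 0x80 >= 80 routes it to the arc-2 path); 0x88 0x37 encodes 1079 = "2.999". */
static const unsigned char BAD_OID[] = {0x80, 0x01};
static const unsigned char GOOD_OID[] = {0x88, 0x37};
```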
--- Begin Message ---
Source: libksba
Source-Version: 1.2.0-2+deb7u1
We believe that the bug you reported is fixed in the latest version of
libksba, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated libksba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Wed, 26 Nov 2014 09:09:22 +0100
Source: libksba
Binary: libksba-dev libksba8
Architecture: source amd64
Version: 1.2.0-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
libksba-dev - X.509 and CMS support library - development files
libksba8 - X.509 and CMS support library
Closes: 770972
Changes:
libksba (1.2.0-2+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add 0001-Fix-buffer-overflow-in-ksba_oid_to_str.patch patch.
CVE-2014-9087: Fix buffer overflow in ksba_oid_to_str. (Closes: #770972)
Checksums-Sha1:
Checksums-Sha256:
Files:
--- End Message ---