Hello community, here is the log from the commit of package gnutls for openSUSE:Leap:15.2 checked in at 2020-04-14 14:20:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/gnutls (Old) and /work/SRC/openSUSE:Leap:15.2/.gnutls.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls"
Tue Apr 14 14:20:32 2020 rev:45 rq:793090 version:3.6.7
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/gnutls/gnutls.changes 2020-01-15 15:05:39.389911239 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.gnutls.new.3248/gnutls.changes 2020-04-14 14:20:52.413269672 +0200
@@ -1,0 +2,33 @@
+Thu Apr 2 08:38:40 UTC 2020 - Vítězslav Čížek <[email protected]>
+
+- Fix zero random value in DTLS client hello (bsc#1168345)
+ * add gnutls-CVE-2020-XXXXX.patch
+
+-------------------------------------------------------------------
+Mon Mar 30 12:43:33 UTC 2020 - Vítězslav Čížek <[email protected]>
+
+- Split off FIPS checksums into a separate libgnutls30-hmac
+ subpackage (bsc#1152692)
+ * update baselibs.conf
+
+-------------------------------------------------------------------
+Mon Mar 23 22:36:59 UTC 2020 - Jason Sikes <[email protected]>
+
+- bsc#1166881 - FIPS: gnutls: cfb8 decryption issue
+ * No longer truncate output IV if input is shorter than block size.
+ * Added gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch
+
+-------------------------------------------------------------------
+Mon Mar 23 14:30:07 UTC 2020 - Jason Sikes <[email protected]>
+
+- bsc#1155327 jira#SLE-9518 - FIPS: add DH key test
+ * Added Diffie Hellman public key verification test.
+ * gnutls-3.6.7-fips_DH_ECDH_key_tests.patch
+
+-------------------------------------------------------------------
+Tue Sep 24 13:16:02 UTC 2019 - Vítězslav Čížek <[email protected]>
+
+- Install checksums for binary integrity verification which are
+ required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
+
+-------------------------------------------------------------------
New:
----
gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch
gnutls-3.6.7-fips_DH_ECDH_key_tests.patch
gnutls-CVE-2020-XXXXX.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnutls.spec ++++++
--- /var/tmp/diff_new_pack.qg6etr/_old 2020-04-14 14:20:52.849269998 +0200
+++ /var/tmp/diff_new_pack.qg6etr/_new 2020-04-14 14:20:52.853270000 +0200
@@ -33,7 +33,7 @@ Summary: The GNU Transport Layer Security Library License: LGPL-2.1-or-later AND GPL-3.0-or-later Group: Productivity/Networking/Security -URL: http://www.gnutls.org/ +URL: https://www.gnutls.org/ Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/%{name}-%{version}.tar.xz Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/%{name}-%{version}.tar.xz.sig Source2: %{name}.keyring @@ -42,10 +42,14 @@ Patch2: gnutls-3.6.0-disable-flaky-dtls_resume-test.patch Patch3: disable-psk-file-test.patch Patch4: gnutls-3.6.7-SUSE_SLE15_guile_site_directory.patch +Patch5: gnutls-3.6.7-fips_DH_ECDH_key_tests.patch +Patch6: gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch +Patch7: gnutls-CVE-2020-XXXXX.patch BuildRequires: autogen BuildRequires: automake BuildRequires: datefudge BuildRequires: fdupes +BuildRequires: fipscheck BuildRequires: gcc-c++ # The test suite calls /usr/bin/ss from iproute2. It's our own duty to ensure we have it present BuildRequires: iproute2 @@ -91,12 +95,23 @@ Summary: The GNU Transport Layer Security Library License: LGPL-2.1-or-later Group: System/Libraries +# install libopenssl and libopenssl-hmac close together (bsc#1090765) +Suggests: libgnutls%{gnutls_sover}-hmac = %{version}-%{release} %description -n libgnutls%{gnutls_sover} The GnuTLS library provides a secure layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards of the IETFs TLS working group. +%package -n libgnutls%{gnutls_sover}-hmac +Summary: Checksums of the GNU Transport Layer Security Library +License: LGPL-2.1-or-later +Group: System/Libraries +Requires: libgnutls%{gnutls_sover} = %{version}-%{release} + +%description -n libgnutls%{gnutls_sover}-hmac +FIPS SHA256 checksums of the libgnutls library. + %if %{with dane} %package -n libgnutls-dane%{gnutls_dane_sover} Summary: DANE support for the GNU Transport Layer Security Library 
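Review bot: `Patch7: gnutls-CVE-2020-XXXXX.patch` carries a placeholder where the CVE identifier should be, and none of the three new `Patch` lines in the `@@ -42,10 +42,14 @@` hunk has a comment saying what it fixes. Anyone auditing the package from the spec alone cannot tie the patch to its advisory. A comment above it that uses the bug reference from the changelog would help, e.g. `# bsc#1168345 - zero random value in DTLS client hello`, and the file should be renamed once the identifier is assigned. The same one-line annotation would suit `Patch5` (bsc#1155327) and `Patch6` (bsc#1166881).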
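Review bot: The comment added above `Suggests:` in the `@@ -91,12 +95,23 @@` hunk names libopenssl and libopenssl-hmac, but the stanza belongs to the libgnutls package, so it reads as copied from another spec. It should say something like `# install libgnutls and libgnutls-hmac close together (bsc#1090765)`, and the bug reference should be checked to confirm it applies to gnutls. `Suggests` is also only a weak dependency, so the `.hmac` file can be absent on an installed system. What the library does in FIPS mode when the checksum is missing is not visible in this diff; the `-hmac` `%description` would be a good place to state that the subpackage is needed for the FIPS integrity check.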
@@ -168,6 +183,9 @@ %patch1 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 # dtls-resume test fails on PPC %ifarch ppc64 ppc64le ppc %patch2 -p1 @@ -198,6 +216,21 @@ %{nil} make %{?_smp_mflags} +# the hmac hashes: +# +# this is a hack that re-defines the __os_install_post macro +# for a simple reason: the macro strips the binaries and thereby +# invalidates a HMAC that may have been created earlier. +# solution: create the hashes _after_ the macro runs. +# +# this shows up earlier because otherwise the %expand of +# the macro is too late. +# remark: This is the same as running +# openssl dgst -sha256 -hmac 'orboDeJITITejsirpADONivirpUkvarP' +%{expand:%%global __os_install_post {%__os_install_post +%{_bindir}/fipshmac %{buildroot}%{_libdir}/libgnutls.so.%{gnutls_sover} +}} + %install %make_install rm -rf %{buildroot}%{_datadir}/locale/en@{,bold}quot @@ -266,6 +299,9 @@ %files -n libgnutls%{gnutls_sover} %{_libdir}/libgnutls.so.%{gnutls_sover}* +%files -n libgnutls%{gnutls_sover}-hmac +%{_libdir}/.libgnutls.so.%{gnutls_sover}*.hmac + %if %{with dane} %files -n libgnutls-dane%{gnutls_dane_sover} %{_libdir}/libgnutls-dane.so.%{gnutls_dane_sover}* ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.qg6etr/_old 2020-04-14 14:20:52.885270024 +0200 +++ /var/tmp/diff_new_pack.qg6etr/_new 2020-04-14 14:20:52.885270024 +0200 @@ -1,5 +1,8 @@ libgnutls30 + suggests "libgnutls30-hmac-<targettype> = <version>-%release" obsoletes "gnutls-<targettype>" +libgnutls30-hmac + requires "libgnutls30-<targettype> = <version>-%release" libgnutls-devel requires -libgnutls-<targettype> requires "libgnutls30-<targettype> = <version>" ++++++ gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch ++++++ Index: gnutls-3.6.7/lib/nettle/backport/cfb8.c =================================================================== --- gnutls-3.6.7.orig/lib/nettle/backport/cfb8.c +++ gnutls-3.6.7/lib/nettle/backport/cfb8.c 
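Review bot: The comment block added in the `@@ -198,6 +216,21 @@` hunk quotes the HMAC key in its `openssl dgst -sha256 -hmac '...'` remark without saying what protection the resulting file provides. Because the key is a fixed string printed in the spec, the `.hmac` is a self-test checksum that detects corruption of the library. It does not authenticate the library against anyone able to rewrite both files. One added line would keep readers from over-trusting it: `# note: the key is fixed and public; the .hmac only serves the FIPS integrity self-test`. Only `libgnutls.so.%{gnutls_sover}` is passed to `fipshmac`; whether the other shared libraries built by this spec also need a checksum cannot be told from this hunk.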
@@ -106,10 +106,12 @@ cfb8_decrypt(const void *ctx, nettle_cip src += i; dst += i; - memcpy(buffer, buffer + block_size, block_size); - memcpy(buffer + block_size, src, - length < block_size ? length : block_size); - + if (i == block_size) + { + memcpy(buffer, buffer + block_size, block_size); + memcpy(buffer + block_size, src, + length < block_size ? length : block_size); + } } memcpy(iv, buffer + i, block_size); ++++++ gnutls-3.6.7-fips_DH_ECDH_key_tests.patch ++++++ Index: gnutls-3.6.7/lib/nettle/pk.c =================================================================== --- gnutls-3.6.7.orig/lib/nettle/pk.c +++ gnutls-3.6.7/lib/nettle/pk.c @@ -240,15 +240,16 @@ static int _wrap_nettle_pk_derive(gnutls switch (algo) { case GNUTLS_PK_DH: { - bigint_t f, x, prime; - bigint_t k = NULL, ff = NULL; + bigint_t f, x, q, prime; + bigint_t k = NULL, ff = NULL, r = NULL; unsigned int bits; f = pub->params[DH_Y]; x = priv->params[DH_X]; + q = priv->params[DH_Q]; prime = priv->params[DH_P]; - ret = _gnutls_mpi_init_multi(&k, &ff, NULL); + ret = _gnutls_mpi_init_multi(&k, &ff, &r, NULL); if (ret < 0) return gnutls_assert_val(ret); @@ -268,6 +269,21 @@ static int _wrap_nettle_pk_derive(gnutls goto dh_cleanup; } + /* if we have Q check that y ^ q mod p == 1 */ + if (q != NULL) { + ret = _gnutls_mpi_powm(r, f, q, prime); + if (ret < 0) { + gnutls_assert(); + goto dh_cleanup; + } + ret = _gnutls_mpi_cmp_ui(r, 1); + if (ret != 0) { + gnutls_assert(); + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto dh_cleanup; + } + } + /* prevent denial of service */ bits = _gnutls_mpi_get_nbits(prime); if (bits == 0 || bits > MAX_DH_BITS) { @@ -298,6 +314,7 @@ static int _wrap_nettle_pk_derive(gnutls ret = 0; dh_cleanup: + _gnutls_mpi_release(&r); _gnutls_mpi_release(&ff); zrelease_temp_mpi_key(&k); if (ret < 0) ++++++ gnutls-CVE-2020-XXXXX.patch ++++++ >From c01011c2d8533dbbbe754e49e256c109cb848d0d Mon Sep 17 00:00:00 2001 
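Review bot: The new `if (i == block_size)` guard in `cfb8_decrypt` has no comment, although the final `memcpy(iv, buffer + i, block_size)` depends on it in a way that is easy to undo by accident. It looks as if the buffer must stay unshifted after a short last chunk, so that `buffer + i` still covers the last `block_size` bytes of IV and ciphertext. I would add above the guard: `/* shift the window only after a full block; after a short final chunk buffer + i must still hold the bytes that form the output IV */`. The loop header and the function's start are outside the hunk, so this reading should be confirmed against the full function. The patch also adds no test vector with an input shorter than the block size, which is the case the changelog says was broken.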
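Review bot: In the `@@ -268,6 +269,21 @@` hunk of lib/nettle/pk.c, the new `_gnutls_mpi_powm(r, f, q, prime)` is placed before the `/* prevent denial of service */` check that rejects a `prime` wider than `MAX_DH_BITS`. An oversized modulus therefore still reaches a modular exponentiation before it is refused. Moving the whole `if (q != NULL) { ... }` block below that size check keeps the limit ahead of every expensive operation. The check is also skipped silently when `q` is NULL; a comment such as `/* without Q the subgroup membership of the peer's Y cannot be verified here */` would record that limitation. `_wrap_nettle_pk_derive` begins and ends outside these hunks, so whether `prime` is bounded earlier cannot be confirmed from here.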
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <[email protected]> Date: Fri, 27 Mar 2020 17:17:57 +0100 Subject: [PATCH] dtls client hello: fix zeroed random (fixes #960) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This broke with bcf4de03 "handshake: treat reply to HRR as a reply to hello verify request", which failed to "De Morgan" properly. Signed-off-by: Stefan Bühler <[email protected]> --- lib/handshake.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: gnutls-3.6.7/lib/handshake.c =================================================================== --- gnutls-3.6.7.orig/lib/handshake.c 2020-04-02 10:41:59.591316756 +0200 +++ gnutls-3.6.7/lib/handshake.c 2020-04-02 10:43:41.263818988 +0200 @@ -2221,7 +2221,7 @@ static int send_client_hello(gnutls_sess /* Generate random data */ if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) && - !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) { + !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) { ret = _gnutls_gen_client_random(session); if (ret < 0) { gnutls_assert();
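Review bot: The corrected condition in `send_client_hello` is still a double negation over two unrelated flags, which is the shape the commit message blames for the regression. A comment above the `if` would state the intent, e.g. `/* keep the previous random when answering an HRR or a DTLS HelloVerifyRequest; generate a new one otherwise */`. The diffstat shows only lib/handshake.c changed, so nothing in this patch would catch a zeroed client random if the condition were inverted again. A regression test that runs a DTLS handshake and asserts the ClientHello random is not all zero would cover it. The function body continues outside the hunk.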
