Hello community,
here is the log from the commit of package gnutls for openSUSE:Factory checked
in at 2020-06-11 10:01:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnutls (Old)
and /work/SRC/openSUSE:Factory/.gnutls.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls"
Thu Jun 11 10:01:25 2020 rev:124 rq:812790 version:3.6.14
Changes:
--------
--- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2020-04-15
19:52:11.397536638 +0200
+++ /work/SRC/openSUSE:Factory/.gnutls.new.3606/gnutls.changes 2020-06-11
10:01:52.746615823 +0200
@@ -1,0 +2,41 @@
+Mon Jun 8 15:41:46 UTC 2020 - Vítězslav Čížek <vci...@suse.com>
+
+- Fix a memory leak that could lead to a DoS attack against Samba
+ servers (bsc#1172663)
+ * add 0001-crypto-api-always-allocate-memory-when-serializing-i.patch
+- Temporarily disable broken guile reauth test (bsc#1171565)
+ * add gnutls-temporarily_disable_broken_guile_reauth_test
+
+-------------------------------------------------------------------
+Thu Jun 4 09:39:58 UTC 2020 - Vítězslav Čížek <vci...@suse.com>
+
+- Update to 3.6.14
+ * libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
+ The TLS server would not bind the session ticket encryption key with a
+ value supplied by the application until the initial key rotation, allowing
+ attacker to bypass authentication in TLS 1.3 and recover previous
+ conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777)
+ [GNUTLS-SA-2020-06-03, CVSS: high]
+ * libgnutls: Fixed handling of certificate chain with cross-signed
+ intermediate CA certificates (#1008). (bsc#1172461)
+ * libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).
+ * libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
+ (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
+ Key Identifier (AKI) properly (#989, #991).
+ * certtool: PKCS #7 attributes are now printed with symbolic names (!1246).
+ * libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
+ Also both accelerated and non-accelerated implementations check key block
+ according to FIPS-140-2 IG A.9 (!1233).
+ * libgnutls: Added support for AES-SIV ciphers (#463).
+ * libgnutls: Added support for 192-bit AES-GCM cipher (!1267).
+ * libgnutls: No longer use internal symbols exported from Nettle (!1235)
+ * API and ABI modifications:
+ GNUTLS_CIPHER_AES_128_SIV: Added
+ GNUTLS_CIPHER_AES_256_SIV: Added
+ GNUTLS_CIPHER_AES_192_GCM: Added
+ gnutls_pkcs7_print_signature_info: Added
+- Add key D605848ED7E69871: public key "Daiki Ueno <u...@unixuser.org>" to
+ the keyring
+- Drop gnutls-fips_correct_nettle_soversion.patch (upstream)
+
+-------------------------------------------------------------------
Old:
----
gnutls-3.6.13.tar.xz
gnutls-3.6.13.tar.xz.sig
gnutls-fips_correct_nettle_soversion.patch
New:
----
0001-crypto-api-always-allocate-memory-when-serializing-i.patch
gnutls-3.6.14.tar.xz
gnutls-3.6.14.tar.xz.sig
gnutls-temporarily_disable_broken_guile_reauth_test
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnutls.spec ++++++
--- /var/tmp/diff_new_pack.MNW2Fc/_old 2020-06-11 10:01:54.550621633 +0200
+++ /var/tmp/diff_new_pack.MNW2Fc/_new 2020-06-11 10:01:54.550621633 +0200
@@ -28,7 +28,7 @@
%bcond_with tpm
%bcond_without guile
Name: gnutls
-Version: 3.6.13
+Version: 3.6.14
Release: 0
Summary: The GNU Transport Layer Security Library
License: LGPL-2.1-or-later AND GPL-3.0-or-later
@@ -39,8 +39,9 @@
Source2: %{name}.keyring
Source3: baselibs.conf
Patch1: gnutls-3.5.11-skip-trust-store-tests.patch
-Patch2: gnutls-fips_correct_nettle_soversion.patch
Patch4: gnutls-3.6.6-set_guile_site_dir.patch
+Patch5: 0001-crypto-api-always-allocate-memory-when-serializing-i.patch
+Patch6: gnutls-temporarily_disable_broken_guile_reauth_test
BuildRequires: autogen
BuildRequires: automake
BuildRequires: datefudge
++++++ 0001-crypto-api-always-allocate-memory-when-serializing-i.patch ++++++
>From 6fbff7fc8aabeee2254405f254220bbe8c05c67d Mon Sep 17 00:00:00 2001
From: Daiki Ueno <u...@gnu.org>
Date: Fri, 5 Jun 2020 16:26:33 +0200
Subject: [PATCH] crypto-api: always allocate memory when serializing iovec_t
The AEAD iov interface falls back to serializing the input buffers if
the low-level cipher doesn't support scatter/gather encryption.
However, there was a bug in the functions used for the serialization,
which causes memory leaks under a certain condition (i.e. the number
of input buffers is 1).
This patch makes the logic of the functions simpler, by removing a
micro-optimization that tries to minimize the number of calls to
malloc/free.
The original problem was reported by Marius Steffen in:
https://bugzilla.samba.org/show_bug.cgi?id=14399
and the cause was investigated by Alexander Haase in:
https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
Signed-off-by: Daiki Ueno <u...@gnu.org>
---
lib/crypto-api.c | 36 +++++++++++-------------------------
tests/aead-cipher-vec.c | 33 ++++++++++++++++++---------------
2 files changed, 29 insertions(+), 40 deletions(-)
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 45be64ed1f..8524f5ed4f 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -891,32 +891,23 @@ gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
struct iov_store_st {
void *data;
size_t size;
- unsigned allocated;
};
static void iov_store_free(struct iov_store_st *s)
{
- if (s->allocated) {
- gnutls_free(s->data);
- s->allocated = 0;
- }
+ gnutls_free(s->data);
}
static int iov_store_grow(struct iov_store_st *s, size_t length)
{
- if (s->allocated || s->data == NULL) {
- s->size += length;
- s->data = gnutls_realloc(s->data, s->size);
- if (s->data == NULL)
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
- s->allocated = 1;
- } else {
- void *data = s->data;
- size_t size = s->size + length;
- s->data = gnutls_malloc(size);
- memcpy(s->data, data, s->size);
- s->size += length;
- }
+ void *data;
+
+ s->size += length;
+ data = gnutls_realloc(s->data, s->size);
+ if (data == NULL)
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+ s->data = data;
return 0;
}
@@ -926,11 +917,6 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t
*iov, int iovcnt)
memset(dst, 0, sizeof(*dst));
if (iovcnt == 0) {
return 0;
- } else if (iovcnt == 1) {
- dst->data = iov[0].iov_base;
- dst->size = iov[0].iov_len;
- /* implies: dst->allocated = 0; */
- return 0;
} else {
int i;
uint8_t *p;
@@ -944,11 +930,11 @@ copy_from_iov(struct iov_store_st *dst, const giovec_t
*iov, int iovcnt)
p = dst->data;
for (i=0;i<iovcnt;i++) {
- memcpy(p, iov[i].iov_base, iov[i].iov_len);
+ if (iov[i].iov_len > 0)
+ memcpy(p, iov[i].iov_base, iov[i].iov_len);
p += iov[i].iov_len;
}
- dst->allocated = 1;
return 0;
}
}
diff --git a/tests/aead-cipher-vec.c b/tests/aead-cipher-vec.c
index fba9010d9e..6a30a35f7b 100644
--- a/tests/aead-cipher-vec.c
+++ b/tests/aead-cipher-vec.c
@@ -49,6 +49,7 @@ static void start(const char *name, int algo)
giovec_t auth_iov[2];
uint8_t tag[64];
size_t tag_size = 0;
+ size_t i;
key.data = key16;
key.size = gnutls_cipher_get_key_size(algo);
@@ -82,21 +83,23 @@ static void start(const char *name, int algo)
if (ret < 0)
fail("gnutls_cipher_init: %s\n", gnutls_strerror(ret));
- ret = gnutls_aead_cipher_encryptv2(ch,
- iv.data, iv.size,
- auth_iov, 2,
- iov, 3,
- tag, &tag_size);
- if (ret < 0)
- fail("could not encrypt data: %s\n", gnutls_strerror(ret));
-
- ret = gnutls_aead_cipher_decryptv2(ch,
- iv.data, iv.size,
- auth_iov, 2,
- iov, 3,
- tag, tag_size);
- if (ret < 0)
- fail("could not decrypt data: %s\n", gnutls_strerror(ret));
+ for (i = 0; i < 2; i++) {
+ ret = gnutls_aead_cipher_encryptv2(ch,
+ iv.data, iv.size,
+ auth_iov, 2,
+ iov, i + 1,
+ tag, &tag_size);
+ if (ret < 0)
+ fail("could not encrypt data: %s\n",
gnutls_strerror(ret));
+
+ ret = gnutls_aead_cipher_decryptv2(ch,
+ iv.data, iv.size,
+ auth_iov, 2,
+ iov, i + 1,
+ tag, tag_size);
+ if (ret < 0)
+ fail("could not decrypt data: %s\n",
gnutls_strerror(ret));
+ }
gnutls_aead_cipher_deinit(ch);
}
--
2.25.0
++++++ gnutls-3.6.13.tar.xz -> gnutls-3.6.14.tar.xz ++++++
++++ 131127 lines of diff (skipped)
++++++ gnutls-temporarily_disable_broken_guile_reauth_test ++++++
Index: gnutls-3.6.14/guile/Makefile.in
===================================================================
--- gnutls-3.6.14.orig/guile/Makefile.in 2020-06-03 15:05:54.000000000
+0200
+++ gnutls-3.6.14/guile/Makefile.in 2020-06-09 09:03:17.267773380 +0200
@@ -1850,7 +1850,7 @@ CLEANFILES = modules/gnutls.scm $(am__ap
TESTS = tests/anonymous-auth.scm tests/session-record-port.scm \
tests/pkcs-import-export.scm tests/errors.scm \
tests/x509-certificates.scm tests/x509-auth.scm \
- tests/reauth.scm tests/priorities.scm $(am__append_2)
+ tests/priorities.scm $(am__append_2)
TESTS_ENVIRONMENT = \
GUILE_AUTO_COMPILE=0 \
GUILE_WARN_DEPRECATED=detailed
++++++ gnutls.keyring ++++++
++++ 1044 lines (skipped)
++++ between gnutls.keyring
++++ and /work/SRC/openSUSE:Factory/.gnutls.new.3606/gnutls.keyring
