Re: Wheezy update of libmad?

[Kurt Roeckx]

On Fri, May 11, 2018 at 09:25:17AM +0200, Emilio Pozuelo Monfort wrote:
> Hi Kurt,
> 
> On 30/01/18 21:59, Kurt Roeckx wrote:
> > On Tue, Jan 30, 2018 at 08:33:53PM +0100, Ola Lundqvist wrote:
> >> Dear maintainers,
> >>
> >> The Debian LTS team would like to fix the security issues which are
> >> currently open in the Wheezy version of libmad:
> >> https://security-tracker.debian.org/tracker/CVE-2017-8372
> >> https://security-tracker.debian.org/tracker/CVE-2017-8373
> >> https://security-tracker.debian.org/tracker/CVE-2017-8374
> >>
> >> Would you like to take care of this yourself?
> > 
> > I will take care of them myself.
> 
> I see that the update happened for jessie/stretch. wheezy has the same 
> upstream
> version as jessie so the patches should apply cleanly there. I suppose you are
> doing the update but if you lack the time let me know and I can help.

I'm still unable to do build packages for wheezy, so if you can
help with it that would be great. It's really the same patches that
were applied to all other versions.


Kurt

Re: Wheezy update of libmad?

[Kurt Roeckx]

On Tue, Jan 30, 2018 at 08:33:53PM +0100, Ola Lundqvist wrote:
> Dear maintainers,
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of libmad:
> https://security-tracker.debian.org/tracker/CVE-2017-8372
> https://security-tracker.debian.org/tracker/CVE-2017-8373
> https://security-tracker.debian.org/tracker/CVE-2017-8374
> 
> Would you like to take care of this yourself?

I will take care of them myself.


Kurt

Re: Security update of OpenSSL 1.0.1t-1+deb7u3

[Kurt Roeckx]

On Wed, Nov 08, 2017 at 11:22:24PM +0100, Markus Koschany wrote:
> Am 08.11.2017 um 23:04 schrieb Kurt Roeckx:
> > On Wed, Nov 08, 2017 at 10:07:57PM +0100, Markus Koschany wrote:
> >> Hello Kurt,
> >>
> >> we saw that you reserved a DLA number for OpenSSL last week but the new
> >> version 1.0.1t-1+deb7u3 has not been uploaded yet. Is there anything we
> >> can do to assist you?
> > 
> > The package has been ready in svn since then. But I have a problem
> > going into my wheezy chroot. I've been told I need to booth with
> > vsyscall emulation turned on, but I haven't had time to reboot
> > yet.
> 
> Shall I checkout the wheezy branch and revision 922 and upload the
> package right now? You just have to send the DLA to the
> debian-lts-announce mailing list but I can take care of that as well if
> you wish.

I just fixed something in revision 931. I've put a .dsc at:
https://people.debian.org/~kroeckx/openssl/openssl_1.0.1t-1+deb7u3.dsc

Feel free to upload that and send the announcement.


Kurt

Re: Security update of OpenSSL 1.0.1t-1+deb7u3

[Kurt Roeckx]

On Wed, Nov 08, 2017 at 10:07:57PM +0100, Markus Koschany wrote:
> Hello Kurt,
> 
> we saw that you reserved a DLA number for OpenSSL last week but the new
> version 1.0.1t-1+deb7u3 has not been uploaded yet. Is there anything we
> can do to assist you?

The package has been ready in svn since then. But I have a problem
going into my wheezy chroot. I've been told I need to booth with
vsyscall emulation turned on, but I haven't had time to reboot
yet.


Kurt

Re: [pkg-mad-maintainers] Wheezy update of libmad?

[Kurt Roeckx]

On Mon, Aug 07, 2017 at 07:39:34AM -0400, Chris Lamb wrote:
> Dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of libmad:
> https://security-tracker.debian.org/tracker/source-package/libmad
> 
> Would you like to take care of this yourself?

This is not fixed in any of the suites, there is no patch
available yet. If I have a patch I will upload it to all suites.


Kurt

Re: should ca-certificates certdata.txt synchronize across all suites?

[Kurt Roeckx]

On Fri, Jul 21, 2017 at 04:47:23PM -0400, Antoine Beaupré wrote:
> On 2017-07-21 22:19:20, Philipp Kern wrote:
> > My point was that you state what your delta is and essentially boils 
> > down to attach the diff of what will actually happen to the .deb. I 
> > think it's generally fine to add new CAs and remove fully distrusted 
> > ones, instead of saying "it should just be in sync with unstable". The 
> > latter contains a lot more nuance if you know that some of the rules are 
> > only available in code.
> 
> Thank you for taking the time to clarify your position, I understand it
> much better now. :)
> 
> Makes perfect sense, I'll try to be clearer in future communications to
> avoid such confusion.

Mozilla has various extra distrust/partial trust rules that are now
coded in either NSS or Firefox itself. But we're not even using the
distrust/partial trust information currently in certdata.txt.

Other than what is in certdata.txt + code, there are also
certificates that are distrusted by using OneCRL.

I currently see no reason not to ship certdata.txt in all
distributions.

In any case, I think we should try to implement all the rules that
Mozilla applies in all software that deals with certificate. And
at least Mozilla is interested in that, and at least some of the
OpenSSL people would also like to see OpenSSL have more checks
than that currently happen.


Kurt

Re: Wheezy update of ntp?

[Kurt Roeckx]

On Wed, Mar 22, 2017 at 09:02:16PM +0100, Ola Lundqvist wrote:
> Hello dear maintainer(s),
> 
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of ntp:
> https://security-tracker.debian.org/tracker/CVE-2017-6460
> https://security-tracker.debian.org/tracker/CVE-2017-6463
> https://security-tracker.debian.org/tracker/CVE-2017-6464

Are you really asking again hours after those CVEs have been made
public, and it's not fixed yet in any other branch?

> Would you like to take care of this yourself?

Yes, like always, I will do this myself.


Kurt

Re: openssl wheezy update

[Kurt Roeckx]

On Tue, Jan 31, 2017 at 11:13:55PM +0100, Emilio Pozuelo Monfort wrote:
> Hi Kurt,
> 
> I have prepared an update of openssl for wheezy based on 1.0.1t-1+deb8u6. I 
> have
> done some smoke testing on it and it seems fine, but I haven't been able to
> verify the three fixes as I can't find exploits for them (there is mention of
> one for CVE-2016-8610 in [1] but I can't find the actual file).
> 
> Do you have any suggestion for how to verify / test the update?
> 
> Do you want to upload this or should I take care of it?

Feel free to upload this.

The usptream version in jessie and wheezy, so the patches should
just apply.

I only have a test for the 32 bit crashes. It would require to get
the fuzzers working in the 1.0.1 version, which should be that
hard.

The other would be a cache timing attack, and I really have no
good way to test that.

I suggest you just upload it.


Kurt

Re: [pkg-ntp-maintainers] Wheezy update of ntp?

[Kurt Roeckx]

On Mon, Nov 21, 2016 at 11:13:13PM +0100, Ola Lundqvist wrote:
> Hello dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of ntp:
> https://security-tracker.debian.org/tracker/CVE-2016-7426
> https://security-tracker.debian.org/tracker/CVE-2016-7427
> https://security-tracker.debian.org/tracker/CVE-2016-7428
> https://security-tracker.debian.org/tracker/CVE-2016-7434
> https://security-tracker.debian.org/tracker/CVE-2016-9310
> https://security-tracker.debian.org/tracker/CVE-2016-9311
> https://security-tracker.debian.org/tracker/CVE-2016-9312

You mean those that were published today?

> Would you like to take care of this yourself?

If I fix them for stable, I'll also fix them for oldstable. It's
the same upstream version, the patches are identical.

But I just have a new tarball, and diffstat shows:
 187 files changed, 8094 insertions(+), 4295 deletions(-)

And bitkeeper and the git don't have any of the patches.
(Even if they did, it would be non-obvious which commits you need,
they are really good like that.)


Kurt

Re: Wheezy update of openssl?

[Kurt Roeckx]

On Tue, Nov 01, 2016 at 03:09:06PM +0100, Guido Günther wrote:
> Hello dear maintainer(s),
> 
> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of openssl:
> https://security-tracker.debian.org/tracker/CVE-2016-8610

I will fix this soon.


Kurt

[SECURITY] [DLA 637-1] openssl security update

[Kurt Roeckx]

Package: openssl
Version: 1.0.1t-1+deb7u1
CVE ID : CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 
 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6303
 CVE-2016-6304 CVE-2016-6306

Several vulnerabilities were discovered in OpenSSL:

CVE-2016-2177

Guido Vranken discovered that OpenSSL uses undefined pointer
arithmetic. Additional information can be found at
https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/

CVE-2016-2178

Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.

CVE-2016-2179 / CVE-2016-2181

Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.

CVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303

Shi Lei discovered an out-of-bounds memory read in
TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()
and MDC2_Update().

CVE-2016-2183

DES-based cipher suites are demoted from the HIGH group to MEDIUM
as a mitigation for the SWEET32 attack.

CVE-2016-6302

Shi Lei discovered that the use of SHA512 in TLS session tickets
is susceptible to denial of service.

CVE-2016-6304

Shi Lei discovered that excessively large OCSP status request may
result in denial of service via memory exhaustion.

CVE-2016-6306

Shi Lei discovered that missing message length validation when parsing
certificates may potentially result in denial of service.

For Debian 7 "Wheezy", these problems have been fixed in version
1.0.1t-1+deb7u1.

We recommend that you upgrade your openssl and libssl1.0.0 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


signature.asc
Description: PGP signature

Accepted openssl 1.0.1t-1+deb7u1 (source all amd64) into oldstable

[Kurt Roeckx]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 25 Sep 2016 11:15:41 +0200
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl-dev libssl-doc 
libssl1.0.0-dbg
Architecture: source all amd64
Version: 1.0.1t-1+deb7u1
Distribution: wheezy-security
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-de...@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <k...@roeckx.be>
Description: 
 libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl-doc - SSL development documentation documentation
 libssl1.0.0 - SSL shared libraries
 libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
 openssl- Secure Socket Layer (SSL) binary and related cryptographic tools
Changes: 
 openssl (1.0.1t-1+deb7u1) wheezy-security; urgency=medium
 .
   * New upstream version, based on the version in jessie.
 - Remove patches applied upstream
   * Fix CVE-2016-2177
   * Fix CVE-2016-2178
   * Fix CVE-2016-2179
   * Fix CVE-2016-2180
   * Fix CVE-2016-2181
   * Fix CVE-2016-2182
   * Fix CVE-2016-2183
   * Fix CVE-2016-6302
   * Fix CVE-2016-6303
   * Fix CVE-2016-6304
   * Fix CVE-2016-6306
Checksums-Sha1: 
 bf913d2d8b4a6a87b6e5d7abeb24b5f399271fdd 2214 openssl_1.0.1t-1+deb7u1.dsc
 a684ba59d6721a90f354b1953e19611646be7e7d 4556447 openssl_1.0.1t.orig.tar.gz
 ddd7d980d6e4e9808f32dd7840cd982108998ff9 115607 
openssl_1.0.1t-1+deb7u1.debian.tar.gz
 69f68894c3dfe5169615ebbbfbf6da4dff3cd55a 1224416 
libssl-doc_1.0.1t-1+deb7u1_all.deb
 daff7c070b1237ab1d2e958b8f7e9b272a4678cb 700112 
openssl_1.0.1t-1+deb7u1_amd64.deb
 0d849db5fe079d9cc6b1220fa1cf9e0281431f1e 1282744 
libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb
 54edcab8b6cc946d507db5c7f88d112b735065c6 638734 
libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb
 e837aa34c1ba461c56ef2c7621c8b4a19eff40e2 1791444 
libssl-dev_1.0.1t-1+deb7u1_amd64.deb
 222a28134e577c1618c5f6454f16a22f10ae6bfe 3127982 
libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb
Checksums-Sha256: 
 b890cf83122acfee7a53286213f4d24aefe68ee475e93ffad7ff499bb7dd8be4 2214 
openssl_1.0.1t-1+deb7u1.dsc
 4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088 4556447 
openssl_1.0.1t.orig.tar.gz
 61a86bcd63f23f4f01d29b3226164205873363ea1ac214ece995eab021957ca6 115607 
openssl_1.0.1t-1+deb7u1.debian.tar.gz
 1c542d738e82fd20c3b5050eff2fd41cf987fef58a09722fc836d8bcbac6b7aa 1224416 
libssl-doc_1.0.1t-1+deb7u1_all.deb
 73368485f6e45f7164a65016af181c3ab8353434655860e5da6ebbe0dffbdd03 700112 
openssl_1.0.1t-1+deb7u1_amd64.deb
 4e0585660d80c416c440f29da5c9e4a6a8ad82734fc087104529266ddacd0306 1282744 
libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb
 0ff7c3f7a64f0bf45ba505793a7f5a249090531dbe035ed22367e4089167285f 638734 
libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb
 91c656d69f4a1cc0da45f2afd6a703c417fbd51996f93601d45a5f8d2d53cbbb 1791444 
libssl-dev_1.0.1t-1+deb7u1_amd64.deb
 6f7d07c6ac2b86eb47d2330561848bae8fe25c93e059d1f3b32c3f6482cb4a01 3127982 
libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb
Files: 
 95a7114a2ad62bc1da388d0330c926d9 2214 utils optional 
openssl_1.0.1t-1+deb7u1.dsc
 9837746fcf8a6727d46d22ca35953da1 4556447 utils optional 
openssl_1.0.1t.orig.tar.gz
 3a1bc2292946984d26552c8b463f4136 115607 utils optional 
openssl_1.0.1t-1+deb7u1.debian.tar.gz
 f21830c728239c8cdfd309a8f041cacb 1224416 doc optional 
libssl-doc_1.0.1t-1+deb7u1_all.deb
 8db9da69bce2ccb9e45c5b6de73f37d3 700112 utils optional 
openssl_1.0.1t-1+deb7u1_amd64.deb
 ce3d7a479fa8f7d8afe01d7696fd91f9 1282744 libs important 
libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb
 681bcf87ade77c1832909ce3a1ea48f8 638734 debian-installer optional 
libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb
 8207a61f90bbb10ff96d7b26b03f7d01 1791444 libdevel optional 
libssl-dev_1.0.1t-1+deb7u1_amd64.deb
 e77f8dd8102078649ce1654dc96573f7 3127982 debug extra 
libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb
Package-Type: udeb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJX56JYAAoJEOPE3c0eTBJEXZ8P/i4WJ4bBqZdE5yJjW5QI49+u
P0yGwaUscY0GVkGAHYv7QCcInsFLQtrK2utplRNVFxMm3nIChQi7pcrA+kPW8mAh
ROVMqpQfVCm41zoNezFX+wCbYQYL9xw1x/wS3LZNo4uTkwUrT1wsaOqKc+LYWL/4
OCh4Wa5D4mtFp70N+0l1KXpCzCFQnvSPhPl60bgvVKwF2gLjyDxcdXHDopIDMtnA
tXvJ1qWwy5dSl8rk9tviaBk4MjYPQPUrdQQPPVKwYKba134lgxyCSIVGBf4ojrye
SR0GPAY6/WFsYKZze8DPm54NXfAOTomcZ+BB+hc73X7ueMdcwaGB/d9nqwWnK8l8
rzcDppHiuga3LbUO77cqxrSgk6MUw1XW0ply9UvsVtNVJXM0MECcaXJylKxO66mw
q3QFw/V0J1zwPuspdAMGp9tlrd4PA6BAXabXxh9c6G+ZiUB5HSXjU7pU+eCGOKtj
Y0OcSeaqXso91D2CdwJyWuUEPaXzSw1Yh8oAzYO0VrRqC5piXyEE0mJ9783BK9Cc
krmgVhSuI8WqxAj3lpIv2Ub0YnCcDE192OGAvJUs8ZS6ajGGvyOJOQ9UGfv7XCh7
hhOxBbtRSzXiWaz0QEZjsewT/gDU0pdjG+RpqU9maciMRdt+50KEsU88FUOCi9PI
e6CEahg+OBcthaRdsm4T
=09ke
-END PGP SIGNATURE-

Re: OpenSSL for wheezy

[Kurt Roeckx]

On Fri, Sep 23, 2016 at 09:43:03PM +0200, Moritz Mühlenhoff wrote:
> On Fri, Sep 23, 2016 at 09:38:10PM +0200, Kurt Roeckx wrote:
> > So I would like to just upload the 1.0.1u version to
> > wheezy-security.  If nobody complains that is what I will do.
> 
> Then the version number in jessie would be lower than in wheezy,
> breaking updates.

It would be the version from jessie with a different number ...


Kurt

OpenSSL for wheezy

[Kurt Roeckx]

Hi,

The version in wheezy-security is currently 1.0.1e-2+deb7u21.
Recently I've changed the jessie version from 1.0.1k to 1.0.1t
without any problem.

Supporting the 1.0.1e now requires a great deal of extra work
because the patches just don't apply.  If it's not because of the
reformatting of the code, it's because various other bugs in the
same code got fixed over the years.

So I would like to just upload the 1.0.1u version to
wheezy-security.  If nobody complains that is what I will do.


Kurt

Re: Security update of ntp

[Kurt Roeckx]

On Mon, Aug 08, 2016 at 01:12:28PM +0200, Ola Lundqvist wrote:
> Hi Kurt
> 
> As a member of the LTS team I have started to look into a ntp security
> update of CVE-2016-4953 mentioned here:
> https://security-tracker.debian.org/tracker/source-package/ntp
> 
> I see that you have prepared security updates for Debian wheezy in the past
> so I would like to check with you if you want to do it this time too, or if
> you'd like me to do that for you.
> 
> Or alternatively that you know it is a non-issue already.
> 
> I can see the following comment about jessie in the security tracker:
> [jessie] - ntp  (Fix for CVE-2016-1547 or CVE-2015-7979
> wasn't backported)
> 
> But it looks like ntp-4.2.6p5-cve-2015-7979.patch is in the wheezy version
> so I guess it is affected, or?
> 
> I have not looked into the details yet as I want to check with you first
> whether you know about this already (I guess you do).

First, the situation for wheezy and jessie should be identical.
They have the same upstream source and should have the same
patches for all security issues.

The fix we use for CVE-2015-7979 is unrelated to the upstream fix,
and so we're not affected by what the upstream patch broke.


Kurt

Re: wheezy update of ntp? (was: squeeze update of ntp?)

[Kurt Roeckx]

On Wed, Jun 01, 2016 at 07:23:22AM +0200, Santiago Ruano Rincón wrote:
> 
> I have picked your patches (I hope all of them) from the svn to build a
> test package, and have also taken a look to remaining issues.  I have
> only could "backport" the fix for CVE-2016-1551, the refclock
> impersonation.

Svn still doesn't contain all the ones I have. Still didn't have
time.


Kurt

Re: [pkg-ntp-maintainers] squeeze update of ntp?

[Kurt Roeckx]

On Wed, May 18, 2016 at 01:24:37PM -0400, Antoine Beaupré wrote:
> On 2016-02-13 05:49:24, Kurt Roeckx wrote:
> > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote:
> >> Hello dear maintainer(s),
> >> 
> >> The Debian LTS team would like to fix the security issues which are
> >> currently open in the Squeeze version of ntp:
> >> https://security-tracker.debian.org/tracker/source-package/ntp
> >
> > I was under the impression that squeeze LTS support ended?
> >
> >> Would you like to take care of this yourself?
> >> 
> >> Note that all of the squeeze-relevant issues are still open in the 
> >> "newer" Debian releases (wheezy through sid).
> >
> > I'm waiting for upstream to actually fix things.  I estimate it's
> > going to take 2 months.
> 
> Hi!
> 
> That two months delay seems to have expired now. Do you need help
> backporting patches to wheezy?

I need help getting them into jessie in the first place.  It
should normally be trivial to also get them in wheezy in that
case.

> I count around 9 issues still pending in the security tracker for ntp,
> some of them being new since this was last discussed. Those are the
> issues currently pending:

There are 22 open, some of which are marked as non-important.  Of
the new ones some should probably also be marked as such.

I've spend several hours during the weekend going over commits in
bitkeeper.  But as ussual, it's all a big mess.  I have 10 issues
fixed in svn.  I also have 7 files with the patches in as they
apply to 4.2.8 version, but I didn't try to apply them to 4.2.6
version yet, so I have no idea what the state of those patches
is.  Then there also seem to be at least 2 other bug fixes that
appear to be security issues but that didn't get a CVE.


Kurt

[SECURITY] [DLA 456-1] openssl security update

[Kurt Roeckx]

Package: openssl
Version: 1.0.1e-2+deb7u21
CVE ID : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 
 CVE-2016-2109 CVE-2016-2176

Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer
toolkit.

CVE-2016-2105

Guido Vranken discovered that an overflow can occur in the function
EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can
supply a large amount of data. This could lead to a heap corruption.

CVE-2016-2106

Guido Vranken discovered that an overflow can occur in the function
EVP_EncryptUpdate() if an attacker can supply a large amount of data.
This could lead to a heap corruption.

CVE-2016-2107

Juraj Somorovsky discovered a padding oracle in the AES CBC cipher
implementation based on the AES-NI instruction set. This could allow
an attacker to decrypt TLS traffic encrypted with one of the cipher
suites based on AES CBC.

CVE-2016-2108

David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write.

CVE-2016-2109

Brian Carpenter discovered that when ASN.1 data is read from a BIO
using functions such as d2i_CMS_bio(), a short invalid encoding can
casuse allocation of large amounts of memory potentially consuming
excessive resources or exhausting memory.

CVE-2016-2176

Guido Vranken discovered that ASN.1 Strings that are over 1024 bytes
can cause an overread in applications using the X509_NAME_oneline()
function on EBCDIC systems. This could result in arbitrary stack data
being returned in the buffer.

Additional information about these issues can be found in the OpenSSL
security advisory at https://www.openssl.org/news/secadv/20160503.txt



signature.asc
Description: PGP signature

Re: tracking security issues without CVEs

[Kurt Roeckx]

On Sun, Mar 06, 2016 at 03:33:16PM +1100, Brian May wrote:
> Hello,
> 
> Just wondering if there is some other way we can track security issues
> for when CVEs are not available.
> 
> Thinking of imagemagick here, it has a lot of security issues, and
> requests for CVEs are not getting any responses.
> 
> For example, if there are no CVEs are we able to use OVEs instead?

What abaout DWF?

https://distributedweaknessfiling.org/


Kurt

[SECURITY] [DLA 421-1] openssl security update

[Kurt Roeckx]

Package: openssl
Version: 0.9.8o-4squeeze23
CVE ID : CVE-2015-3197

CVE-2015-3197:
A malicious client can negotiate SSLv2 ciphers that have been disabled on the
server and complete SSLv2 handshakes even if all SSLv2 ciphers have been
disabled, provided that the SSLv2 protocol was not also disabled via
SSL_OP_NO_SSLv2.

Additionally, when using a DHE cipher suite a new DH key will always be
generated for each connection.


This will be the last security update for the squeeze version of the package.
The 0.9.8 version is no longer supported and the squeeze LTS support will end
soon.  If you are using openssl you should upgrade to wheezy or preferably
jessie.  The version in those versions contain many security improvements.


Kurt Roeckx



signature.asc
Description: PGP signature

Accepted openssl 0.9.8o-4squeeze23 (source amd64) into squeeze-lts

[Kurt Roeckx]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 20 Feb 2016 12:31:42 +0100
Source: openssl
Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source amd64
Version: 0.9.8o-4squeeze23
Distribution: squeeze-lts
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-de...@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <k...@roeckx.be>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 openssl- Secure Socket Layer (SSL) binary and related cryptographic tools
Changes: 
 openssl (0.9.8o-4squeeze23) squeeze-lts; urgency=medium
 .
   * Fix CVE-2015-3197
   * Always generate new key for DHE.
Checksums-Sha1: 
 b5338a9b0b20b7827b92e15c247057d5d9a3d8ee 1989 openssl_0.9.8o-4squeeze23.dsc
 f171a7195098630faa8225e271a00743ab796258 143218 
openssl_0.9.8o-4squeeze23.debian.tar.gz
 645a5d54939eb0ab8d4845714247e506a1b377d7 1062132 
openssl_0.9.8o-4squeeze23_amd64.deb
 dd6a9306b898d682b0151ae92dc5bb0c05942d9f 1006322 
libssl0.9.8_0.9.8o-4squeeze23_amd64.deb
 852dc938663fe10d1de7ff80f67f8d8f2d445fbe 645396 
libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb
 f1991eb71a5c1397ba436155288e84353c459575 2309044 
libssl-dev_0.9.8o-4squeeze23_amd64.deb
 dd2a3b11d526400f6d5eaafc262a67ad72602485 1624314 
libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb
Checksums-Sha256: 
 ae152fc44696d1143a10ffc30efbe729c14ed069698fff71666482dd172480bc 1989 
openssl_0.9.8o-4squeeze23.dsc
 a02023d121f088073d070ead4086a62f722bb4dffb15a36977dc014499034738 143218 
openssl_0.9.8o-4squeeze23.debian.tar.gz
 e76cdefb96b9a7727cfeaf2ceb580875efb766c5d0b62e1be69d4a52abda022d 1062132 
openssl_0.9.8o-4squeeze23_amd64.deb
 7859da235541ee906fc08a2c65c3fee9493ab1186c4c2e260bbd023ec7b9fd7b 1006322 
libssl0.9.8_0.9.8o-4squeeze23_amd64.deb
 8ccbe107f6e670e957660b0642fb926b00aa7958e4e5609f6e842c2972ab7465 645396 
libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb
 1bf7e00cbabd12d51df11c65bc39dd02063eba859854fc0f6959292b28378b27 2309044 
libssl-dev_0.9.8o-4squeeze23_amd64.deb
 8be059f6d06d6d1507d33dc66599b15b1f68db5a881ebb01bdc381de5b6275c8 1624314 
libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb
Files: 
 34aea509b286ae1c60f5dab3983d1498 1989 utils optional 
openssl_0.9.8o-4squeeze23.dsc
 9799bc2c8ee7a6e6b2a17783c495353d 143218 utils optional 
openssl_0.9.8o-4squeeze23.debian.tar.gz
 aa30e5dbeaae9987f26ac797a9b81462 1062132 utils optional 
openssl_0.9.8o-4squeeze23_amd64.deb
 bc45c2ce9473307439a1be2d8c5d799a 1006322 libs important 
libssl0.9.8_0.9.8o-4squeeze23_amd64.deb
 917a8d990f540610fe0d382dfaf877a9 645396 debian-installer optional 
libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb
 af60a90c0ab333be1b74042554e3addc 2309044 libdevel optional 
libssl-dev_0.9.8o-4squeeze23_amd64.deb
 fa4052df0b638a61c81ba7f3cfbbaf6f 1624314 debug extra 
libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb
Package-Type: udeb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJWyFkPAAoJEOPE3c0eTBJEKasP/1dAo+X7NZRlBE2tonHYi5y7
OsJJ5KnNa+RLttBDu1Qr8JISCojxeO1Rc6Ss7mUk3lpx4U9ibbNIogLuwBppve8N
kUcQK4ZSqbTs/H0LyQC9tLamEpM3n4Sb6jqxgJu0OC5S/mBUVCfiDN9G0yNwa16A
czSP0qz0+HR5CR+ZeHyyfyEMnjVypu4fAK82m97oi/SUlqH2XlOTvYuenve4ePLI
4frKW/SaJQ4KALpyhP3DMuulEbctYxejzwfH29PO1KcEA2W1bUrJWR8voVm1h7tm
awjDexR6hXX75pdJvVQK40xyqnfIT64UMR4vmFzhFnkoX/FoHjUROO5ZyM5xZosw
dMWBfwsdUYP10DBkWEnEvPWZr0MPQA7JUROZUyPd1SMq/BCSvH72KHdDOC6iS/pW
TJeogRU2Jq/QMYKieTClAeGSlLARdRz2kfof2NozQyLWoSO0gEpnXai9KPD/vGDI
3zGialo8/xAeZ03yS6+5OBQf3lgUDFuKvSBdx88rTp2opzd4eeuHdKYyofU3pxOK
R5MbcogFCV+KiOAb8uGxl24BGacen1ZD+vK8sLQ7R+GcFIa8NBL0GiED6wRnA98v
PNV22nvudEGN8qZb5ksR8k1Gik9MVqS5w0m7yQFZ+QzL4eu4InyvMf7YNrqPdDKY
/RuDwDqWkdkGag7Q7Tdf
=mJAp
-END PGP SIGNATURE-

Re: [pkg-ntp-maintainers] squeeze update of ntp?

[Kurt Roeckx]

On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote:
> Hello dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of ntp:
> https://security-tracker.debian.org/tracker/source-package/ntp

I was under the impression that squeeze LTS support ended?

> Would you like to take care of this yourself?
> 
> Note that all of the squeeze-relevant issues are still open in the 
> "newer" Debian releases (wheezy through sid).

I'm waiting for upstream to actually fix things.  I estimate it's
going to take 2 months.

They're all not that important.


Kurt

Re: [pkg-ntp-maintainers] squeeze update of ntp?

[Kurt Roeckx]

On Sat, Feb 13, 2016 at 03:55:31PM +, Damyan Ivanov wrote:
> -=| Kurt Roeckx, 13.02.2016 11:49:24 +0100 |=-
> > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote:
> > > Hello dear maintainer(s),
> > > 
> > > The Debian LTS team would like to fix the security issues which are
> > > currently open in the Squeeze version of ntp:
> > > https://security-tracker.debian.org/tracker/source-package/ntp
> > 
> > I was under the impression that squeeze LTS support ended?
> 
> Ends on 29 February. See 
> https://lists.debian.org/debian-announce/2016/msg2.html
> 
> > > Note that all of the squeeze-relevant issues are still open in the 
> > > "newer" Debian releases (wheezy through sid).
> > 
> > I'm waiting for upstream to actually fix things.  I estimate it's
> > going to take 2 months.
> 
> When this happens, do you plan to do a wheezy-lts upload too? (wheeszy 
> will gain LTS support in March).

Yes.

> BTW CVE-2016-0727 seems to me to be Debian-specific, since the cron 
> job is part of debian/. In case you missed it, there is a patch for it 
> at 
> http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/

Nobody seems to have informed me about this ...  At first look
this also doesn't seem that important.


Kurt

[SECURITY] [DLA 358-1] openssl security update

[Kurt Roeckx]

Package: openssl
Version: 0.9.8o-4squeeze22
CVE ID : CVE-2015-3195

When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak
memory. This structure is used by the PKCS#7 and CMS routines so any
application which reads PKCS#7 or CMS data from untrusted sources is affected.
SSL/TLS is not affected.



Kurt



signature.asc
Description: PGP signature

Re: ntp security update

[Kurt Roeckx]

On Wed, Oct 28, 2015 at 09:35:59AM +0900, Ben Hutchings wrote:
> On Tue, 2015-10-27 at 21:57 +0100, Kurt Roeckx wrote:
> > On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote:
> > > I've looked through the upstream repository for the patches that fix he
> > > recently announced issues.  Quite a few of them turned out not to apply
> > > to squeeze, or the newer stable releases, and I've updated the security
> > > tracker accordingly.
> > > 
> > > I backported the remaining fixes as best I can, and uploaded the source
> > > package to:
> > > https://people.debian.org/~benh/packages/squeeze-lts/
> > 
> > So are you going to upload something or should I?
> 
> Could you do it, please?

Sure, I'll do it this evening.


Kurt

Accepted ntp 1:4.2.6.p2+dfsg-1+deb6u4 (source all amd64) into squeeze-lts

[Kurt Roeckx]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 28 Oct 2015 18:47:54 +0100
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: source all amd64
Version: 1:4.2.6.p2+dfsg-1+deb6u4
Distribution: squeeze-lts
Urgency: medium
Maintainer: Debian NTP Team <pkg-ntp-maintain...@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <k...@roeckx.be>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Changes: 
 ntp (1:4.2.6.p2+dfsg-1+deb6u4) squeeze-lts; urgency=medium
 .
   * Fix CVE-2015-7850
   * Fix CVE-2015-7704
   * Fix CVE-2015-7701
   * Fix CVE-2015-7852
   * Fix CVE-2015-7851
   * Fix CVE-2015-7855
   * Fix CVE-2015-7871
   * Rename CVE-2014-9297.patch to CVE-2014-9750.patch.
   * Rename CVE-2014-9298.patch to CVE-2014-9751.patch
   * Rename bug-2797.patch to CVE-2015-3405.patch
   * FIX CVE-2015-5146
   * FIX CVE-2015-5194
   * FIX CVE-2015-5195
   * FIX CVE-2015-7703
   * FIX CVE-2015-5219
   * FIX CVE-2015-5300
   * FIX CVE-2015-7691, CVE-2015-7962, CVE-2015-7702
   * Add build-depends on bison since one of the patches update the .y file.
Checksums-Sha1: 
 25a972fbb438b92a229313ee3ea3026f4344be6b 2118 ntp_4.2.6.p2+dfsg-1+deb6u4.dsc
 f6f1f54da250c8950886ad441e476a0a67425503 448164 
ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz
 4a4e381ae483c18c07ba56e5c4682f34401e8c38 1142000 
ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb
 f6c12b54c055c1ab7ba4d0f077738c727fdc5d69 501484 
ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb
 2b5bf6330711067ff5a3148190b83b034408909c 80860 
ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb
Checksums-Sha256: 
 5117f1332e0ebca138d27175d05c01fa408b0e53f099574d78e70b589bfdf04f 2118 
ntp_4.2.6.p2+dfsg-1+deb6u4.dsc
 3ebaaf87c01d98e25e785ad56c948e907e94f3496b0bdfb4ee8c201f8be0a2b2 448164 
ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz
 20b45a2c786e17e067b2226c0bc914c128949a833f6d6ae21bdb22d5dc9249bf 1142000 
ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb
 845b439c679593297389e6a09f3ef2cf9c6b3715c5b67085a3ef9c80c4d4522a 501484 
ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb
 99fb7fc47919582ef97e5a5459247e7b403f4f4edb18385608d00e91940c91db 80860 
ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb
Files: 
 beb2dee26f0d6aec242a17894dd19f50 2118 net optional 
ntp_4.2.6.p2+dfsg-1+deb6u4.dsc
 1843103a46011ee4483606a517ae223b 448164 net optional 
ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz
 ff7ab3acbb3fa9c2e4b19839d35ebce1 1142000 doc optional 
ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb
 57ec28b896e8409772c39e49dde1ce09 501484 net optional 
ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb
 b16712e49fe6d85181cf38d5911d9c6a 80860 net optional 
ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJWMSFMAAoJEOPE3c0eTBJE05EP/21t0a0esLOSnBtRfo4juZWI
HtMLUseapBt10XXd/kT9273ZofYPIWMjHCARMb20wmFZct3UIrWmxDZ1oOI7P99N
PqNzgXyfrE2Gif3CmS7lrU20K3rhXaX8t6cfOwCvrhfPQe+Qjm6MEXv6OhA7nNLj
bwuhWE8efE56uyUTMigXHt6jBAwnnRR6BB7Jb7MqGdP//Tess67bUj4p4a0bitpn
FwH4EK5VzcWXZrAHxJ6Oh3j57Vo/CUn/9m8ObKdMfbYsr3Y6YTayFG2gEjI0gDBX
/j5BuivC5VG4FeYx+2VxqMUsJBSxKApVMtvE2BjI52ZkAnKTHdfbp9yJcy2k+TTP
+BnC2mH3ueTuNTOIdqmSdncFh5Y8E1FAFYIHAxH5kDSwlxUFhBCcbqpr+jl2+LWg
yOdfUyTzI51qnlgqCol+phIfMXE3CsRSVyV+rh99q5gHvlo6CvFMtcGIOczC3wrJ
dF3Oa8ZfF/1oWZck/Wwn9A3/8hSBEzg2QuSAk/ZzOJGwlhR4Ik+Zck24oEKdynPe
gseq33N7jx7ZWVEFJTrhD4zK1nAgANEQreopdxoVNp0I7228HVJsFJyuIsAGV8Bv
i6+Lp1l9bpG1KFML1sB1O3OmX9w3KAL67mYIj84nFI29u78b97UIMRfM26oFji/k
iDfLiX2un802rPc1DTgK
=sO5P
-END PGP SIGNATURE-

[SECURITY] [DLA 335-1] ntp security update

[Kurt Roeckx]

Package: ntp
Version: 1:4.2.6.p2+dfsg-1+deb6u4
CVE ID : CVE-2015-5146 CVE-2015-5194 CVE-2015-5195 CVE-2015-5219 
 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701
 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7850
 CVE-2015-7851 CVE-2015-7852 CVE-2015-7855 CVE-2015-7871

Several security issues where found in ntp:

CVE-2015-5146

   A flaw was found in the way ntpd processed certain remote
   configuration packets. An attacker could use a specially crafted
   package to cause ntpd to crash if:

   * ntpd enabled remote configuration
   * The attacker had the knowledge of the configuration password
   * The attacker had access to a computer entrusted to perform remote
 configuration

   Note that remote configuration is disabled by default in NTP. 

CVE-2015-5194

It was found that ntpd could crash due to an uninitialized variable
when processing malformed logconfig configuration commands.

CVE-2015-5195

It was found that ntpd exits with a segmentation fault when a
statistics type that was not enabled during compilation (e.g.
timingstats) is referenced by the statistics or filegen
configuration command

CVE-2015-5219

It was discovered that sntp program would hang in an infinite loop when
a crafted NTP packet was received, related to the conversion of the
precision value in the packet to double.

CVE-2015-5300

It was found that ntpd did not correctly implement the -g option:

Normally, ntpd exits with a message to the system log if the offset
exceeds the panic threshold, which is 1000 s by default. This
option allows the time to be set to any value without restriction;
however, this can happen only once. If the threshold is exceeded
after that, ntpd will exit with a message to the system log. This
option can be used with the -q and -x options.

ntpd could actually step the clock multiple times by more than the
panic threshold if its clock discipline doesn't have enough time to
reach the sync state and stay there for at least one update. If a
man-in-the-middle attacker can control the NTP traffic since ntpd
was started (or maybe up to 15-30 minutes after that), they can
prevent the client from reaching the sync state and force it to step
its clock by any amount any number of times, which can be used by
attackers to expire certificates, etc.

This is contrary to what the documentation says. Normally, the
assumption is that an MITM attacker can step the clock more than the
panic threshold only once when ntpd starts and to make a larger
adjustment the attacker has to divide it into multiple smaller
steps, each taking 15 minutes, which is slow.

CVE-2015-7691, CVE-2015-7692, CVE-2015-7702

It was found that the fix for CVE-2014-9750 was incomplete: three
issues were found in the value length checks in ntp_crypto.c, where
a packet with particular autokey operations that contained malicious
data was not always being completely validated. Receipt of these
packets can cause ntpd to crash.

CVE-2015-7701

A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd is
configured to use autokey authentication, an attacker could send
packets to ntpd that would, after several days of ongoing attack,
cause it to run out of memory.

CVE-2015-7703

Miroslav Lichvár of Red Hat found that the :config command can be
used to set the pidfile and driftfile paths without any
restrictions. A remote attacker could use this flaw to overwrite a
file on the file system with a file containing the pid of the ntpd
process (immediately) or the current estimated drift of the system
clock (in hourly intervals). For example:

ntpq -c ':config pidfile /tmp/ntp.pid'
ntpq -c ':config driftfile /tmp/ntp.drift'

In Debian ntpd is configured to drop root privileges, which limits
the impact of this issue.

CVE-2015-7704

When ntpd as an NTP client receives a Kiss-of-Death (KoD) packet
from the server to reduce its polling rate, it doesn't check if the
originate timestamp in the reply matches the transmit timestamp from
its request. An off-path attacker can send a crafted KoD packet to
the client, which will increase the client's polling interval to a
large value and effectively disable synchronization with the server.

CVE-2015-7850

An exploitable denial of service vulnerability exists in the remote
configuration functionality of the Network Time Protocol. A
specially crafted configuration file could cause an endless loop
resulting in a denial of service.  An attacker could provide a the
malicious configuration file to trigger this vulnerability.

CVE-2015-7851

A potential path traversal vulnerability exists in the config file
saving of ntpd on VMS. A specially crafted path could cause a path

Re: ntp security update

[Kurt Roeckx]

On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote:
> I've looked through the upstream repository for the patches that fix he
> recently announced issues.  Quite a few of them turned out not to apply
> to squeeze, or the newer stable releases, and I've updated the security
> tracker accordingly.
> 
> I backported the remaining fixes as best I can, and uploaded the source
> package to:
> https://people.debian.org/~benh/packages/squeeze-lts/

So are you going to upload something or should I?


Kurt

Re: ntp security update

[Kurt Roeckx]

On Sun, Oct 25, 2015 at 11:19:03AM +0100, Kurt Roeckx wrote:
> On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote:
> > I've looked through the upstream repository for the patches that fix he
> > recently announced issues.  Quite a few of them turned out not to apply
> > to squeeze, or the newer stable releases, and I've updated the security
> > tracker accordingly.
> > 
> > I backported the remaining fixes as best I can, and uploaded the source
> > package to:
> > https://people.debian.org/~benh/packages/squeeze-lts/
> > 
> > Would you be willing to review this package?
> > 
> > I noticed that you entirely reverted the upstream patch that was
> > supposed to fix CVE-2015-7704 and -7705, and then applied a different
> > fix for -7704.  I think this means -7705 isn't fixed in sid, though the
> > security tracker currently says it is.  Who's right?
> 
> I can't seem to ge getting much information out of anything from
> upstream.  Lots of things don't seem to be affecting the 4.2.6
> version.
> 
> From what I currently understand the following don't apply to the
> 4.2.6 versions:
> CVE-2015-5196

So it seems they renamed CVE-2015-5196 to CVE-2015-7703.  Your
patch probably makes sense and I should get that fixed in jessie
and wheezy too.

I'm just wondering why you didn't move the T_Pidfile like upstream
did, that part seems to apply.

(I have to go now, will look at it later again.)



Kurt

Re: ntp security update

[Kurt Roeckx]

On Mon, Oct 26, 2015 at 06:55:06AM +0900, Ben Hutchings wrote:
> On Sun, 2015-10-25 at 22:45 +0100, Kurt Roeckx wrote:
> > On Mon, Oct 26, 2015 at 06:13:07AM +0900, Ben Hutchings wrote:
> [...]
> > > > While I have addiotional patches for:
> > > > CVE-2014-9750.patch (it was missing 1 patch while it was fixed it
> > > > seems)
> > > 
> > > Which is split from CVE-2014-9297.
> > 
> > From what I understand CVE-2014-9297 was changed to CVE-2014-9750
> > and CVE-2014-9298 to CVE-2014-9751 because someone mixed them up.
> > There is nothing split.
> > 
> > In any case, there is a patch missing.
> 
> OK, which one is that?  I looked through the upstream commits for bug
> 2671 and they all seemed to have been included in CVE-2014-9297.patch.

*look confused*

At some point 348fc9fa390c7894f589104fbca4d635868b7a45 was
missing.

But redhat has a diff that looks like:
--- ntp_crypto.c 
+++ ntp_crypto.c  
@@ -1575,6 +1575,7 @@
EVP_MD_CTX ctx; /* signature context */
tstamp_t tstamp;/* NTP timestamp */
u_int32 temp32;
+   u_char *puch;

/*
 * Extract the public key from the request.
@@ -1596,9 +1597,9 @@
vallen = EVP_PKEY_size(pkey);
vp->vallen = htonl(vallen);
vp->ptr = emalloc(vallen);
-   ptr = vp->ptr;
+   puch = vp->ptr;
temp32 = htonl(*cookie);
-   if (RSA_public_encrypt(4, (u_char *), ptr,
+   if (RSA_public_encrypt(4, (u_char *), puch,
pkey->pkey.rsa, RSA_PKCS1_OAEP_PADDING) <= 0) {
msyslog(LOG_ERR, "crypto_encrypt: %s",
ERR_error_string(ERR_get_error(), NULL));


(Didn't look at what that does yet, looks like part of a change of
a much older commit.)


Kurt

Re: ntp security update

[Kurt Roeckx]

On Mon, Oct 26, 2015 at 06:13:07AM +0900, Ben Hutchings wrote:
> On Sun, 2015-10-25 at 11:19 +0100, Kurt Roeckx wrote:
> > On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote:
> > > I've looked through the upstream repository for the patches that fix he
> > > recently announced issues.  Quite a few of them turned out not to apply
> > > to squeeze, or the newer stable releases, and I've updated the security
> > > tracker accordingly.
> > > 
> > > I backported the remaining fixes as best I can, and uploaded the source
> > > package to:
> > > https://people.debian.org/~benh/packages/squeeze-lts/
> > > 
> > > Would you be willing to review this package?
> > > 
> > > I noticed that you entirely reverted the upstream patch that was
> > > supposed to fix CVE-2015-7704 and -7705, and then applied a different
> > > fix for -7704.  I think this means -7705 isn't fixed in sid, though the
> > > security tracker currently says it is.  Who's right?
> > 
> > I can't seem to ge getting much information out of anything from
> > upstream.  Lots of things don't seem to be affecting the 4.2.6
> > version.
> >
> > From what I currently understand the following don't apply to the
> > 4.2.6 versions:
> > CVE-2015-5196
> [...]
> > So it seems they renamed CVE-2015-5196 to CVE-2015-7703.  Your
> > patch probably makes sense and I should get that fixed in jessie
> > and wheezy too.
> > 
> > I'm just wondering why you didn't move the T_Pidfile like upstream
> > did, that part seems to apply.
> 
> Not in squeeze; there aren't any separate parsing rules for local and
> remote.
> 
> > Your bug-2899.patch patch looks a little different.  You have:
> > @@ -2207,8 +2221,8 @@ crypto_bob(
> >    vp->sig = emalloc(sign_siglen);
> >    EVP_SignInit(, sign_digest);
> >    EVP_SignUpdate(, (u_char *)>tstamp, 12);
> > -  EVP_SignUpdate(, vp->ptr, vallen);
> > -  if (EVP_SignFinal(, vp->sig, , sign_pkey))
> > +  EVP_SignUpdate(, vp->ptr, len);
> > +  if (EVP_SignFinal(, vp->sig, , sign_pkey))
> >    vp->siglen = htonl(sign_siglen);
> >    return (XEVNT_OK);
> >  }
> > 
> > The patch from upstream and the one from redhat has:
> > @@ -2214,9 +2228,9 @@ crypto_bob(
> > vp->sig = emalloc(sign_siglen);
> > EVP_SignInit(, sign_digest);
> > EVP_SignUpdate(, (u_char *)>tstamp, 12);
> > -   EVP_SignUpdate(, vp->ptr, vallen);
> > -   if (EVP_SignFinal(, vp->sig, , sign_pkey))
> > -   vp->siglen = htonl(sign_siglen);
> > +   EVP_SignUpdate(, vp->ptr, len);
> > +   if (EVP_SignFinal(, vp->sig, , sign_pkey))
> > +   vp->siglen = htonl(len);
> > return (XEVNT_OK);
> >  }
> > 
> > 
> > As in, the htonl() call changes sign_siglen to len.
> 
> No, it changes vallen to len.  But in 4.2.6 vallen is ignored and the
> previously calculated sign_siglen is assumed to be correct.  I didn't
> want to change that.

So from the EVP_SignFinal manpage:
| The number of bytes of data written (i.e. the length of the
| signature) will be written to the integer at s, at most
| EVP_PKEY_size(pkey) bytes will be written.

That is, the signature can be shorter than the key, it depends on
the signature scheme.

And sign_siglen in both 4.2.6 and 4.2.8 is:
sign_siglen = EVP_PKEY_size(sign_pkey);

So maybe the variable name is a little misleading, it's the size
of the key not the signature.


Kurt

[SECURITY] [DLA 247-1] openssl security update

[Kurt Roeckx]

Package: openssl
Version: 0.9.8o-4squeeze21
CVE ID : CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 
 CVE-2015-1792 CVE-2015-4000

Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets
Layer toolkit.

CVE-2014-8176

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered
that an invalid memory free could be triggered when buffering DTLS
data. This could allow remote attackers to cause a denial of service
(crash) or potentially execute arbitrary code. This issue only
affected the oldstable distribution (wheezy).

CVE-2015-1789

Robert Swiecki and Hanno B??ck discovered that the X509_cmp_time
function could read a few bytes out of bounds. This could allow remote
attackers to cause a denial of service (crash) via crafted
certificates and CRLs.

CVE-2015-1790

Michal Zalewski discovered that the PKCS#7 parsing code did not
properly handle missing content which could lead to a NULL pointer
dereference. This could allow remote attackers to cause a denial of
service (crash) via crafted ASN.1-encoded PKCS#7 blobs.

CVE-2015-1791

Emilia K??sper discovered that a race condition could occur due to
incorrect handling of NewSessionTicket in a multi-threaded client,
leading to a double free. This could allow remote attackers to cause
a denial of service (crash).

CVE-2015-1792

Johannes Bauer discovered that the CMS code could enter an infinite
loop when verifying a signedData message, if presented with an
unknown hash function OID. This could allow remote attackers to cause
a denial of service.

Additionally OpenSSL will now reject handshakes using DH parameters
shorter than 768 bits as a countermeasure against the Logjam attack
(CVE-2015-4000).





signature.asc
Description: Digital signature

Re: squeeze update of ntp?

[Kurt Roeckx]

On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote:
 Hello dear maintainer(s),
 
 the Debian LTS team would like to fix the security issues which are
 currently open in the Squeeze version of ntp:
 https://security-tracker.debian.org/tracker/CVE-2015-1798
 https://security-tracker.debian.org/tracker/CVE-2015-1799
 https://security-tracker.debian.org/tracker/TEMP-000-C29A8D
 
 Would you like to take care of this yourself? We are still understaffed so
 any help is always highly appreciated.

You really don't have patience do you?


Kurt


-- 
To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150410211355.ga2...@roeckx.be

Re: squeeze update of ntp?

[Kurt Roeckx]

On Fri, Apr 10, 2015 at 11:33:22PM +0200, Raphael Hertzog wrote:
 Hi,
 
 On Fri, 10 Apr 2015, Kurt Roeckx wrote:
  On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote:
   Would you like to take care of this yourself? We are still understaffed so
   any help is always highly appreciated.
  
  You really don't have patience do you?
 
 I do, but contacting maintainers is just part of the workflow of CVE
 triage we defined for Debian LTS. Sorry if this mail bothered you. Is
 there a way to do it that would have been better received on your side?

The upload to unstable (and wheezy) only happened a few hours ago
because I didn't have time before.


Kurt


-- 
To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150410215649.ga12...@roeckx.be

Re: squeeze update of openssl?

[Kurt Roeckx]

On Mon, Mar 09, 2015 at 04:29:43PM +0100, Raphael Hertzog wrote:
 Hello dear maintainer(s),
 
 the Debian LTS team would like to fix the security issues which are
 currently open in the Squeeze version of openssl:
 https://security-tracker.debian.org/tracker/CVE-2015-0209
 https://security-tracker.debian.org/tracker/CVE-2015-0288

Please ignore them for now.  They are not yet fixed in any branch,
but will be taking care of.


Kurt


-- 
To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150309171443.ga6...@roeckx.be