Re: Wheezy update of libmad?
On Fri, May 11, 2018 at 09:25:17AM +0200, Emilio Pozuelo Monfort wrote: > Hi Kurt, > > On 30/01/18 21:59, Kurt Roeckx wrote: > > On Tue, Jan 30, 2018 at 08:33:53PM +0100, Ola Lundqvist wrote: > >> Dear maintainers, > >> > >> The Debian LTS team would like to fix the security issues which are > >> currently open in the Wheezy version of libmad: > >> https://security-tracker.debian.org/tracker/CVE-2017-8372 > >> https://security-tracker.debian.org/tracker/CVE-2017-8373 > >> https://security-tracker.debian.org/tracker/CVE-2017-8374 > >> > >> Would you like to take care of this yourself? > > > > I will take care of them myself. > > I see that the update happened for jessie/stretch. wheezy has the same > upstream > version as jessie so the patches should apply cleanly there. I suppose you are > doing the update but if you lack the time let me know and I can help. I'm still unable to do build packages for wheezy, so if you can help with it that would be great. It's really the same patches that were applied to all other versions. Kurt
Re: Wheezy update of libmad?
On Tue, Jan 30, 2018 at 08:33:53PM +0100, Ola Lundqvist wrote: > Dear maintainers, > > The Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of libmad: > https://security-tracker.debian.org/tracker/CVE-2017-8372 > https://security-tracker.debian.org/tracker/CVE-2017-8373 > https://security-tracker.debian.org/tracker/CVE-2017-8374 > > Would you like to take care of this yourself? I will take care of them myself. Kurt
Re: Security update of OpenSSL 1.0.1t-1+deb7u3
On Wed, Nov 08, 2017 at 11:22:24PM +0100, Markus Koschany wrote: > Am 08.11.2017 um 23:04 schrieb Kurt Roeckx: > > On Wed, Nov 08, 2017 at 10:07:57PM +0100, Markus Koschany wrote: > >> Hello Kurt, > >> > >> we saw that you reserved a DLA number for OpenSSL last week but the new > >> version 1.0.1t-1+deb7u3 has not been uploaded yet. Is there anything we > >> can do to assist you? > > > > The package has been ready in svn since then. But I have a problem > > going into my wheezy chroot. I've been told I need to booth with > > vsyscall emulation turned on, but I haven't had time to reboot > > yet. > > Shall I checkout the wheezy branch and revision 922 and upload the > package right now? You just have to send the DLA to the > debian-lts-announce mailing list but I can take care of that as well if > you wish. I just fixed something in revision 931. I've put a .dsc at: https://people.debian.org/~kroeckx/openssl/openssl_1.0.1t-1+deb7u3.dsc Feel free to upload that and send the announcement. Kurt
Re: Security update of OpenSSL 1.0.1t-1+deb7u3
On Wed, Nov 08, 2017 at 10:07:57PM +0100, Markus Koschany wrote: > Hello Kurt, > > we saw that you reserved a DLA number for OpenSSL last week but the new > version 1.0.1t-1+deb7u3 has not been uploaded yet. Is there anything we > can do to assist you? The package has been ready in svn since then. But I have a problem going into my wheezy chroot. I've been told I need to booth with vsyscall emulation turned on, but I haven't had time to reboot yet. Kurt
Re: [pkg-mad-maintainers] Wheezy update of libmad?
On Mon, Aug 07, 2017 at 07:39:34AM -0400, Chris Lamb wrote: > Dear maintainer(s), > > The Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of libmad: > https://security-tracker.debian.org/tracker/source-package/libmad > > Would you like to take care of this yourself? This is not fixed in any of the suites, there is no patch available yet. If I have a patch I will upload it to all suites. Kurt
Re: should ca-certificates certdata.txt synchronize across all suites?
On Fri, Jul 21, 2017 at 04:47:23PM -0400, Antoine Beaupré wrote: > On 2017-07-21 22:19:20, Philipp Kern wrote: > > My point was that you state what your delta is and essentially boils > > down to attach the diff of what will actually happen to the .deb. I > > think it's generally fine to add new CAs and remove fully distrusted > > ones, instead of saying "it should just be in sync with unstable". The > > latter contains a lot more nuance if you know that some of the rules are > > only available in code. > > Thank you for taking the time to clarify your position, I understand it > much better now. :) > > Makes perfect sense, I'll try to be clearer in future communications to > avoid such confusion. Mozilla has various extra distrust/partial trust rules that are now coded in either NSS or Firefox itself. But we're not even using the distrust/partial trust information currently in certdata.txt. Other than what is in certdata.txt + code, there are also certificates that are distrusted by using OneCRL. I currently see no reason not to ship certdata.txt in all distributions. In any case, I think we should try to implement all the rules that Mozilla applies in all software that deals with certificate. And at least Mozilla is interested in that, and at least some of the OpenSSL people would also like to see OpenSSL have more checks than that currently happen. Kurt
Re: Wheezy update of ntp?
On Wed, Mar 22, 2017 at 09:02:16PM +0100, Ola Lundqvist wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of ntp: > https://security-tracker.debian.org/tracker/CVE-2017-6460 > https://security-tracker.debian.org/tracker/CVE-2017-6463 > https://security-tracker.debian.org/tracker/CVE-2017-6464 Are you really asking again hours after those CVEs have been made public, and it's not fixed yet in any other branch? > Would you like to take care of this yourself? Yes, like always, I will do this myself. Kurt
Re: openssl wheezy update
On Tue, Jan 31, 2017 at 11:13:55PM +0100, Emilio Pozuelo Monfort wrote: > Hi Kurt, > > I have prepared an update of openssl for wheezy based on 1.0.1t-1+deb8u6. I > have > done some smoke testing on it and it seems fine, but I haven't been able to > verify the three fixes as I can't find exploits for them (there is mention of > one for CVE-2016-8610 in [1] but I can't find the actual file). > > Do you have any suggestion for how to verify / test the update? > > Do you want to upload this or should I take care of it? Feel free to upload this. The usptream version in jessie and wheezy, so the patches should just apply. I only have a test for the 32 bit crashes. It would require to get the fuzzers working in the 1.0.1 version, which should be that hard. The other would be a cache timing attack, and I really have no good way to test that. I suggest you just upload it. Kurt
Re: [pkg-ntp-maintainers] Wheezy update of ntp?
On Mon, Nov 21, 2016 at 11:13:13PM +0100, Ola Lundqvist wrote: > Hello dear maintainer(s), > > The Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of ntp: > https://security-tracker.debian.org/tracker/CVE-2016-7426 > https://security-tracker.debian.org/tracker/CVE-2016-7427 > https://security-tracker.debian.org/tracker/CVE-2016-7428 > https://security-tracker.debian.org/tracker/CVE-2016-7434 > https://security-tracker.debian.org/tracker/CVE-2016-9310 > https://security-tracker.debian.org/tracker/CVE-2016-9311 > https://security-tracker.debian.org/tracker/CVE-2016-9312 You mean those that were published today? > Would you like to take care of this yourself? If I fix them for stable, I'll also fix them for oldstable. It's the same upstream version, the patches are identical. But I just have a new tarball, and diffstat shows: 187 files changed, 8094 insertions(+), 4295 deletions(-) And bitkeeper and the git don't have any of the patches. (Even if they did, it would be non-obvious which commits you need, they are really good like that.) Kurt
Re: Wheezy update of openssl?
On Tue, Nov 01, 2016 at 03:09:06PM +0100, Guido Günther wrote: > Hello dear maintainer(s), > > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of openssl: > https://security-tracker.debian.org/tracker/CVE-2016-8610 I will fix this soon. Kurt
[SECURITY] [DLA 637-1] openssl security update
Package: openssl Version: 1.0.1t-1+deb7u1 CVE ID : CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code. CVE-2016-2179 / CVE-2016-2181 Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS. CVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303 Shi Lei discovered an out-of-bounds memory read in TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec() and MDC2_Update(). CVE-2016-2183 DES-based cipher suites are demoted from the HIGH group to MEDIUM as a mitigation for the SWEET32 attack. CVE-2016-6302 Shi Lei discovered that the use of SHA512 in TLS session tickets is susceptible to denial of service. CVE-2016-6304 Shi Lei discovered that excessively large OCSP status request may result in denial of service via memory exhaustion. CVE-2016-6306 Shi Lei discovered that missing message length validation when parsing certificates may potentially result in denial of service. For Debian 7 "Wheezy", these problems have been fixed in version 1.0.1t-1+deb7u1. We recommend that you upgrade your openssl and libssl1.0.0 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS signature.asc Description: PGP signature
Accepted openssl 1.0.1t-1+deb7u1 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 25 Sep 2016 11:15:41 +0200 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: source all amd64 Version: 1.0.1t-1+deb7u1 Distribution: wheezy-security Urgency: medium Maintainer: Debian OpenSSL Team <pkg-openssl-de...@lists.alioth.debian.org> Changed-By: Kurt Roeckx <k...@roeckx.be> Description: libcrypto1.0.0-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl-doc - SSL development documentation documentation libssl1.0.0 - SSL shared libraries libssl1.0.0-dbg - Symbol tables for libssl and libcrypto openssl- Secure Socket Layer (SSL) binary and related cryptographic tools Changes: openssl (1.0.1t-1+deb7u1) wheezy-security; urgency=medium . * New upstream version, based on the version in jessie. - Remove patches applied upstream * Fix CVE-2016-2177 * Fix CVE-2016-2178 * Fix CVE-2016-2179 * Fix CVE-2016-2180 * Fix CVE-2016-2181 * Fix CVE-2016-2182 * Fix CVE-2016-2183 * Fix CVE-2016-6302 * Fix CVE-2016-6303 * Fix CVE-2016-6304 * Fix CVE-2016-6306 Checksums-Sha1: bf913d2d8b4a6a87b6e5d7abeb24b5f399271fdd 2214 openssl_1.0.1t-1+deb7u1.dsc a684ba59d6721a90f354b1953e19611646be7e7d 4556447 openssl_1.0.1t.orig.tar.gz ddd7d980d6e4e9808f32dd7840cd982108998ff9 115607 openssl_1.0.1t-1+deb7u1.debian.tar.gz 69f68894c3dfe5169615ebbbfbf6da4dff3cd55a 1224416 libssl-doc_1.0.1t-1+deb7u1_all.deb daff7c070b1237ab1d2e958b8f7e9b272a4678cb 700112 openssl_1.0.1t-1+deb7u1_amd64.deb 0d849db5fe079d9cc6b1220fa1cf9e0281431f1e 1282744 libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb 54edcab8b6cc946d507db5c7f88d112b735065c6 638734 libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb e837aa34c1ba461c56ef2c7621c8b4a19eff40e2 1791444 libssl-dev_1.0.1t-1+deb7u1_amd64.deb 222a28134e577c1618c5f6454f16a22f10ae6bfe 3127982 libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb Checksums-Sha256: b890cf83122acfee7a53286213f4d24aefe68ee475e93ffad7ff499bb7dd8be4 2214 openssl_1.0.1t-1+deb7u1.dsc 4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088 4556447 openssl_1.0.1t.orig.tar.gz 61a86bcd63f23f4f01d29b3226164205873363ea1ac214ece995eab021957ca6 115607 openssl_1.0.1t-1+deb7u1.debian.tar.gz 1c542d738e82fd20c3b5050eff2fd41cf987fef58a09722fc836d8bcbac6b7aa 1224416 libssl-doc_1.0.1t-1+deb7u1_all.deb 73368485f6e45f7164a65016af181c3ab8353434655860e5da6ebbe0dffbdd03 700112 openssl_1.0.1t-1+deb7u1_amd64.deb 4e0585660d80c416c440f29da5c9e4a6a8ad82734fc087104529266ddacd0306 1282744 libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb 0ff7c3f7a64f0bf45ba505793a7f5a249090531dbe035ed22367e4089167285f 638734 libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb 91c656d69f4a1cc0da45f2afd6a703c417fbd51996f93601d45a5f8d2d53cbbb 1791444 libssl-dev_1.0.1t-1+deb7u1_amd64.deb 6f7d07c6ac2b86eb47d2330561848bae8fe25c93e059d1f3b32c3f6482cb4a01 3127982 libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb Files: 95a7114a2ad62bc1da388d0330c926d9 2214 utils optional openssl_1.0.1t-1+deb7u1.dsc 9837746fcf8a6727d46d22ca35953da1 4556447 utils optional openssl_1.0.1t.orig.tar.gz 3a1bc2292946984d26552c8b463f4136 115607 utils optional openssl_1.0.1t-1+deb7u1.debian.tar.gz f21830c728239c8cdfd309a8f041cacb 1224416 doc optional libssl-doc_1.0.1t-1+deb7u1_all.deb 8db9da69bce2ccb9e45c5b6de73f37d3 700112 utils optional openssl_1.0.1t-1+deb7u1_amd64.deb ce3d7a479fa8f7d8afe01d7696fd91f9 1282744 libs important libssl1.0.0_1.0.1t-1+deb7u1_amd64.deb 681bcf87ade77c1832909ce3a1ea48f8 638734 debian-installer optional libcrypto1.0.0-udeb_1.0.1t-1+deb7u1_amd64.udeb 8207a61f90bbb10ff96d7b26b03f7d01 1791444 libdevel optional libssl-dev_1.0.1t-1+deb7u1_amd64.deb e77f8dd8102078649ce1654dc96573f7 3127982 debug extra libssl1.0.0-dbg_1.0.1t-1+deb7u1_amd64.deb Package-Type: udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJX56JYAAoJEOPE3c0eTBJEXZ8P/i4WJ4bBqZdE5yJjW5QI49+u P0yGwaUscY0GVkGAHYv7QCcInsFLQtrK2utplRNVFxMm3nIChQi7pcrA+kPW8mAh ROVMqpQfVCm41zoNezFX+wCbYQYL9xw1x/wS3LZNo4uTkwUrT1wsaOqKc+LYWL/4 OCh4Wa5D4mtFp70N+0l1KXpCzCFQnvSPhPl60bgvVKwF2gLjyDxcdXHDopIDMtnA tXvJ1qWwy5dSl8rk9tviaBk4MjYPQPUrdQQPPVKwYKba134lgxyCSIVGBf4ojrye SR0GPAY6/WFsYKZze8DPm54NXfAOTomcZ+BB+hc73X7ueMdcwaGB/d9nqwWnK8l8 rzcDppHiuga3LbUO77cqxrSgk6MUw1XW0ply9UvsVtNVJXM0MECcaXJylKxO66mw q3QFw/V0J1zwPuspdAMGp9tlrd4PA6BAXabXxh9c6G+ZiUB5HSXjU7pU+eCGOKtj Y0OcSeaqXso91D2CdwJyWuUEPaXzSw1Yh8oAzYO0VrRqC5piXyEE0mJ9783BK9Cc krmgVhSuI8WqxAj3lpIv2Ub0YnCcDE192OGAvJUs8ZS6ajGGvyOJOQ9UGfv7XCh7 hhOxBbtRSzXiWaz0QEZjsewT/gDU0pdjG+RpqU9maciMRdt+50KEsU88FUOCi9PI e6CEahg+OBcthaRdsm4T =09ke -END PGP SIGNATURE-
Re: OpenSSL for wheezy
On Fri, Sep 23, 2016 at 09:43:03PM +0200, Moritz Mühlenhoff wrote: > On Fri, Sep 23, 2016 at 09:38:10PM +0200, Kurt Roeckx wrote: > > So I would like to just upload the 1.0.1u version to > > wheezy-security. If nobody complains that is what I will do. > > Then the version number in jessie would be lower than in wheezy, > breaking updates. It would be the version from jessie with a different number ... Kurt
OpenSSL for wheezy
Hi, The version in wheezy-security is currently 1.0.1e-2+deb7u21. Recently I've changed the jessie version from 1.0.1k to 1.0.1t without any problem. Supporting the 1.0.1e now requires a great deal of extra work because the patches just don't apply. If it's not because of the reformatting of the code, it's because various other bugs in the same code got fixed over the years. So I would like to just upload the 1.0.1u version to wheezy-security. If nobody complains that is what I will do. Kurt
Re: Security update of ntp
On Mon, Aug 08, 2016 at 01:12:28PM +0200, Ola Lundqvist wrote: > Hi Kurt > > As a member of the LTS team I have started to look into a ntp security > update of CVE-2016-4953 mentioned here: > https://security-tracker.debian.org/tracker/source-package/ntp > > I see that you have prepared security updates for Debian wheezy in the past > so I would like to check with you if you want to do it this time too, or if > you'd like me to do that for you. > > Or alternatively that you know it is a non-issue already. > > I can see the following comment about jessie in the security tracker: > [jessie] - ntp (Fix for CVE-2016-1547 or CVE-2015-7979 > wasn't backported) > > But it looks like ntp-4.2.6p5-cve-2015-7979.patch is in the wheezy version > so I guess it is affected, or? > > I have not looked into the details yet as I want to check with you first > whether you know about this already (I guess you do). First, the situation for wheezy and jessie should be identical. They have the same upstream source and should have the same patches for all security issues. The fix we use for CVE-2015-7979 is unrelated to the upstream fix, and so we're not affected by what the upstream patch broke. Kurt
Re: wheezy update of ntp? (was: squeeze update of ntp?)
On Wed, Jun 01, 2016 at 07:23:22AM +0200, Santiago Ruano Rincón wrote: > > I have picked your patches (I hope all of them) from the svn to build a > test package, and have also taken a look to remaining issues. I have > only could "backport" the fix for CVE-2016-1551, the refclock > impersonation. Svn still doesn't contain all the ones I have. Still didn't have time. Kurt
Re: [pkg-ntp-maintainers] squeeze update of ntp?
On Wed, May 18, 2016 at 01:24:37PM -0400, Antoine Beaupré wrote: > On 2016-02-13 05:49:24, Kurt Roeckx wrote: > > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > >> Hello dear maintainer(s), > >> > >> The Debian LTS team would like to fix the security issues which are > >> currently open in the Squeeze version of ntp: > >> https://security-tracker.debian.org/tracker/source-package/ntp > > > > I was under the impression that squeeze LTS support ended? > > > >> Would you like to take care of this yourself? > >> > >> Note that all of the squeeze-relevant issues are still open in the > >> "newer" Debian releases (wheezy through sid). > > > > I'm waiting for upstream to actually fix things. I estimate it's > > going to take 2 months. > > Hi! > > That two months delay seems to have expired now. Do you need help > backporting patches to wheezy? I need help getting them into jessie in the first place. It should normally be trivial to also get them in wheezy in that case. > I count around 9 issues still pending in the security tracker for ntp, > some of them being new since this was last discussed. Those are the > issues currently pending: There are 22 open, some of which are marked as non-important. Of the new ones some should probably also be marked as such. I've spend several hours during the weekend going over commits in bitkeeper. But as ussual, it's all a big mess. I have 10 issues fixed in svn. I also have 7 files with the patches in as they apply to 4.2.8 version, but I didn't try to apply them to 4.2.6 version yet, so I have no idea what the state of those patches is. Then there also seem to be at least 2 other bug fixes that appear to be security issues but that didn't get a CVE. Kurt
[SECURITY] [DLA 456-1] openssl security update
Package: openssl Version: 1.0.1e-2+deb7u21 CVE ID : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit. CVE-2016-2105 Guido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption. CVE-2016-2106 Guido Vranken discovered that an overflow can occur in the function EVP_EncryptUpdate() if an attacker can supply a large amount of data. This could lead to a heap corruption. CVE-2016-2107 Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC. CVE-2016-2108 David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write. CVE-2016-2109 Brian Carpenter discovered that when ASN.1 data is read from a BIO using functions such as d2i_CMS_bio(), a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. CVE-2016-2176 Guido Vranken discovered that ASN.1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer. Additional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt signature.asc Description: PGP signature
Re: tracking security issues without CVEs
On Sun, Mar 06, 2016 at 03:33:16PM +1100, Brian May wrote: > Hello, > > Just wondering if there is some other way we can track security issues > for when CVEs are not available. > > Thinking of imagemagick here, it has a lot of security issues, and > requests for CVEs are not getting any responses. > > For example, if there are no CVEs are we able to use OVEs instead? What abaout DWF? https://distributedweaknessfiling.org/ Kurt
[SECURITY] [DLA 421-1] openssl security update
Package: openssl Version: 0.9.8o-4squeeze23 CVE ID : CVE-2015-3197 CVE-2015-3197: A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. Additionally, when using a DHE cipher suite a new DH key will always be generated for each connection. This will be the last security update for the squeeze version of the package. The 0.9.8 version is no longer supported and the squeeze LTS support will end soon. If you are using openssl you should upgrade to wheezy or preferably jessie. The version in those versions contain many security improvements. Kurt Roeckx signature.asc Description: PGP signature
Accepted openssl 0.9.8o-4squeeze23 (source amd64) into squeeze-lts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 20 Feb 2016 12:31:42 +0100 Source: openssl Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: source amd64 Version: 0.9.8o-4squeeze23 Distribution: squeeze-lts Urgency: medium Maintainer: Debian OpenSSL Team <pkg-openssl-de...@lists.alioth.debian.org> Changed-By: Kurt Roeckx <k...@roeckx.be> Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto openssl- Secure Socket Layer (SSL) binary and related cryptographic tools Changes: openssl (0.9.8o-4squeeze23) squeeze-lts; urgency=medium . * Fix CVE-2015-3197 * Always generate new key for DHE. Checksums-Sha1: b5338a9b0b20b7827b92e15c247057d5d9a3d8ee 1989 openssl_0.9.8o-4squeeze23.dsc f171a7195098630faa8225e271a00743ab796258 143218 openssl_0.9.8o-4squeeze23.debian.tar.gz 645a5d54939eb0ab8d4845714247e506a1b377d7 1062132 openssl_0.9.8o-4squeeze23_amd64.deb dd6a9306b898d682b0151ae92dc5bb0c05942d9f 1006322 libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 852dc938663fe10d1de7ff80f67f8d8f2d445fbe 645396 libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb f1991eb71a5c1397ba436155288e84353c459575 2309044 libssl-dev_0.9.8o-4squeeze23_amd64.deb dd2a3b11d526400f6d5eaafc262a67ad72602485 1624314 libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Checksums-Sha256: ae152fc44696d1143a10ffc30efbe729c14ed069698fff71666482dd172480bc 1989 openssl_0.9.8o-4squeeze23.dsc a02023d121f088073d070ead4086a62f722bb4dffb15a36977dc014499034738 143218 openssl_0.9.8o-4squeeze23.debian.tar.gz e76cdefb96b9a7727cfeaf2ceb580875efb766c5d0b62e1be69d4a52abda022d 1062132 openssl_0.9.8o-4squeeze23_amd64.deb 7859da235541ee906fc08a2c65c3fee9493ab1186c4c2e260bbd023ec7b9fd7b 1006322 libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 8ccbe107f6e670e957660b0642fb926b00aa7958e4e5609f6e842c2972ab7465 645396 libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb 1bf7e00cbabd12d51df11c65bc39dd02063eba859854fc0f6959292b28378b27 2309044 libssl-dev_0.9.8o-4squeeze23_amd64.deb 8be059f6d06d6d1507d33dc66599b15b1f68db5a881ebb01bdc381de5b6275c8 1624314 libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Files: 34aea509b286ae1c60f5dab3983d1498 1989 utils optional openssl_0.9.8o-4squeeze23.dsc 9799bc2c8ee7a6e6b2a17783c495353d 143218 utils optional openssl_0.9.8o-4squeeze23.debian.tar.gz aa30e5dbeaae9987f26ac797a9b81462 1062132 utils optional openssl_0.9.8o-4squeeze23_amd64.deb bc45c2ce9473307439a1be2d8c5d799a 1006322 libs important libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 917a8d990f540610fe0d382dfaf877a9 645396 debian-installer optional libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb af60a90c0ab333be1b74042554e3addc 2309044 libdevel optional libssl-dev_0.9.8o-4squeeze23_amd64.deb fa4052df0b638a61c81ba7f3cfbbaf6f 1624314 debug extra libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Package-Type: udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWyFkPAAoJEOPE3c0eTBJEKasP/1dAo+X7NZRlBE2tonHYi5y7 OsJJ5KnNa+RLttBDu1Qr8JISCojxeO1Rc6Ss7mUk3lpx4U9ibbNIogLuwBppve8N kUcQK4ZSqbTs/H0LyQC9tLamEpM3n4Sb6jqxgJu0OC5S/mBUVCfiDN9G0yNwa16A czSP0qz0+HR5CR+ZeHyyfyEMnjVypu4fAK82m97oi/SUlqH2XlOTvYuenve4ePLI 4frKW/SaJQ4KALpyhP3DMuulEbctYxejzwfH29PO1KcEA2W1bUrJWR8voVm1h7tm awjDexR6hXX75pdJvVQK40xyqnfIT64UMR4vmFzhFnkoX/FoHjUROO5ZyM5xZosw dMWBfwsdUYP10DBkWEnEvPWZr0MPQA7JUROZUyPd1SMq/BCSvH72KHdDOC6iS/pW TJeogRU2Jq/QMYKieTClAeGSlLARdRz2kfof2NozQyLWoSO0gEpnXai9KPD/vGDI 3zGialo8/xAeZ03yS6+5OBQf3lgUDFuKvSBdx88rTp2opzd4eeuHdKYyofU3pxOK R5MbcogFCV+KiOAb8uGxl24BGacen1ZD+vK8sLQ7R+GcFIa8NBL0GiED6wRnA98v PNV22nvudEGN8qZb5ksR8k1Gik9MVqS5w0m7yQFZ+QzL4eu4InyvMf7YNrqPdDKY /RuDwDqWkdkGag7Q7Tdf =mJAp -END PGP SIGNATURE-
Re: [pkg-ntp-maintainers] squeeze update of ntp?
On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > Hello dear maintainer(s), > > The Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of ntp: > https://security-tracker.debian.org/tracker/source-package/ntp I was under the impression that squeeze LTS support ended? > Would you like to take care of this yourself? > > Note that all of the squeeze-relevant issues are still open in the > "newer" Debian releases (wheezy through sid). I'm waiting for upstream to actually fix things. I estimate it's going to take 2 months. They're all not that important. Kurt
Re: [pkg-ntp-maintainers] squeeze update of ntp?
On Sat, Feb 13, 2016 at 03:55:31PM +, Damyan Ivanov wrote: > -=| Kurt Roeckx, 13.02.2016 11:49:24 +0100 |=- > > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > > > Hello dear maintainer(s), > > > > > > The Debian LTS team would like to fix the security issues which are > > > currently open in the Squeeze version of ntp: > > > https://security-tracker.debian.org/tracker/source-package/ntp > > > > I was under the impression that squeeze LTS support ended? > > Ends on 29 February. See > https://lists.debian.org/debian-announce/2016/msg2.html > > > > Note that all of the squeeze-relevant issues are still open in the > > > "newer" Debian releases (wheezy through sid). > > > > I'm waiting for upstream to actually fix things. I estimate it's > > going to take 2 months. > > When this happens, do you plan to do a wheezy-lts upload too? (wheeszy > will gain LTS support in March). Yes. > BTW CVE-2016-0727 seems to me to be Debian-specific, since the cron > job is part of debian/. In case you missed it, there is a patch for it > at > http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Nobody seems to have informed me about this ... At first look this also doesn't seem that important. Kurt
[SECURITY] [DLA 358-1] openssl security update
Package: openssl Version: 0.9.8o-4squeeze22 CVE ID : CVE-2015-3195 When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. Kurt signature.asc Description: PGP signature
Re: ntp security update
On Wed, Oct 28, 2015 at 09:35:59AM +0900, Ben Hutchings wrote: > On Tue, 2015-10-27 at 21:57 +0100, Kurt Roeckx wrote: > > On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote: > > > I've looked through the upstream repository for the patches that fix he > > > recently announced issues. Quite a few of them turned out not to apply > > > to squeeze, or the newer stable releases, and I've updated the security > > > tracker accordingly. > > > > > > I backported the remaining fixes as best I can, and uploaded the source > > > package to: > > > https://people.debian.org/~benh/packages/squeeze-lts/ > > > > So are you going to upload something or should I? > > Could you do it, please? Sure, I'll do it this evening. Kurt
Accepted ntp 1:4.2.6.p2+dfsg-1+deb6u4 (source all amd64) into squeeze-lts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 28 Oct 2015 18:47:54 +0100 Source: ntp Binary: ntp ntpdate ntp-doc Architecture: source all amd64 Version: 1:4.2.6.p2+dfsg-1+deb6u4 Distribution: squeeze-lts Urgency: medium Maintainer: Debian NTP Team <pkg-ntp-maintain...@lists.alioth.debian.org> Changed-By: Kurt Roeckx <k...@roeckx.be> Description: ntp- Network Time Protocol daemon and utility programs ntp-doc- Network Time Protocol documentation ntpdate- client for setting system time from NTP servers Changes: ntp (1:4.2.6.p2+dfsg-1+deb6u4) squeeze-lts; urgency=medium . * Fix CVE-2015-7850 * Fix CVE-2015-7704 * Fix CVE-2015-7701 * Fix CVE-2015-7852 * Fix CVE-2015-7851 * Fix CVE-2015-7855 * Fix CVE-2015-7871 * Rename CVE-2014-9297.patch to CVE-2014-9750.patch. * Rename CVE-2014-9298.patch to CVE-2014-9751.patch * Rename bug-2797.patch to CVE-2015-3405.patch * FIX CVE-2015-5146 * FIX CVE-2015-5194 * FIX CVE-2015-5195 * FIX CVE-2015-7703 * FIX CVE-2015-5219 * FIX CVE-2015-5300 * FIX CVE-2015-7691, CVE-2015-7962, CVE-2015-7702 * Add build-depends on bison since one of the patches update the .y file. Checksums-Sha1: 25a972fbb438b92a229313ee3ea3026f4344be6b 2118 ntp_4.2.6.p2+dfsg-1+deb6u4.dsc f6f1f54da250c8950886ad441e476a0a67425503 448164 ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz 4a4e381ae483c18c07ba56e5c4682f34401e8c38 1142000 ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb f6c12b54c055c1ab7ba4d0f077738c727fdc5d69 501484 ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb 2b5bf6330711067ff5a3148190b83b034408909c 80860 ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb Checksums-Sha256: 5117f1332e0ebca138d27175d05c01fa408b0e53f099574d78e70b589bfdf04f 2118 ntp_4.2.6.p2+dfsg-1+deb6u4.dsc 3ebaaf87c01d98e25e785ad56c948e907e94f3496b0bdfb4ee8c201f8be0a2b2 448164 ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz 20b45a2c786e17e067b2226c0bc914c128949a833f6d6ae21bdb22d5dc9249bf 1142000 ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb 845b439c679593297389e6a09f3ef2cf9c6b3715c5b67085a3ef9c80c4d4522a 501484 ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb 99fb7fc47919582ef97e5a5459247e7b403f4f4edb18385608d00e91940c91db 80860 ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb Files: beb2dee26f0d6aec242a17894dd19f50 2118 net optional ntp_4.2.6.p2+dfsg-1+deb6u4.dsc 1843103a46011ee4483606a517ae223b 448164 net optional ntp_4.2.6.p2+dfsg-1+deb6u4.debian.tar.gz ff7ab3acbb3fa9c2e4b19839d35ebce1 1142000 doc optional ntp-doc_4.2.6.p2+dfsg-1+deb6u4_all.deb 57ec28b896e8409772c39e49dde1ce09 501484 net optional ntp_4.2.6.p2+dfsg-1+deb6u4_amd64.deb b16712e49fe6d85181cf38d5911d9c6a 80860 net optional ntpdate_4.2.6.p2+dfsg-1+deb6u4_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWMSFMAAoJEOPE3c0eTBJE05EP/21t0a0esLOSnBtRfo4juZWI HtMLUseapBt10XXd/kT9273ZofYPIWMjHCARMb20wmFZct3UIrWmxDZ1oOI7P99N PqNzgXyfrE2Gif3CmS7lrU20K3rhXaX8t6cfOwCvrhfPQe+Qjm6MEXv6OhA7nNLj bwuhWE8efE56uyUTMigXHt6jBAwnnRR6BB7Jb7MqGdP//Tess67bUj4p4a0bitpn FwH4EK5VzcWXZrAHxJ6Oh3j57Vo/CUn/9m8ObKdMfbYsr3Y6YTayFG2gEjI0gDBX /j5BuivC5VG4FeYx+2VxqMUsJBSxKApVMtvE2BjI52ZkAnKTHdfbp9yJcy2k+TTP +BnC2mH3ueTuNTOIdqmSdncFh5Y8E1FAFYIHAxH5kDSwlxUFhBCcbqpr+jl2+LWg yOdfUyTzI51qnlgqCol+phIfMXE3CsRSVyV+rh99q5gHvlo6CvFMtcGIOczC3wrJ dF3Oa8ZfF/1oWZck/Wwn9A3/8hSBEzg2QuSAk/ZzOJGwlhR4Ik+Zck24oEKdynPe gseq33N7jx7ZWVEFJTrhD4zK1nAgANEQreopdxoVNp0I7228HVJsFJyuIsAGV8Bv i6+Lp1l9bpG1KFML1sB1O3OmX9w3KAL67mYIj84nFI29u78b97UIMRfM26oFji/k iDfLiX2un802rPc1DTgK =sO5P -END PGP SIGNATURE-
[SECURITY] [DLA 335-1] ntp security update
Package: ntp Version: 1:4.2.6.p2+dfsg-1+deb6u4 CVE ID : CVE-2015-5146 CVE-2015-5194 CVE-2015-5195 CVE-2015-5219 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7855 CVE-2015-7871 Several security issues where found in ntp: CVE-2015-5146 A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if: * ntpd enabled remote configuration * The attacker had the knowledge of the configuration password * The attacker had access to a computer entrusted to perform remote configuration Note that remote configuration is disabled by default in NTP. CVE-2015-5194 It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands. CVE-2015-5195 It was found that ntpd exits with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) is referenced by the statistics or filegen configuration command CVE-2015-5219 It was discovered that sntp program would hang in an infinite loop when a crafted NTP packet was received, related to the conversion of the precision value in the packet to double. CVE-2015-5300 It was found that ntpd did not correctly implement the -g option: Normally, ntpd exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that, ntpd will exit with a message to the system log. This option can be used with the -q and -x options. ntpd could actually step the clock multiple times by more than the panic threshold if its clock discipline doesn't have enough time to reach the sync state and stay there for at least one update. If a man-in-the-middle attacker can control the NTP traffic since ntpd was started (or maybe up to 15-30 minutes after that), they can prevent the client from reaching the sync state and force it to step its clock by any amount any number of times, which can be used by attackers to expire certificates, etc. This is contrary to what the documentation says. Normally, the assumption is that an MITM attacker can step the clock more than the panic threshold only once when ntpd starts and to make a larger adjustment the attacker has to divide it into multiple smaller steps, each taking 15 minutes, which is slow. CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. Receipt of these packets can cause ntpd to crash. CVE-2015-7701 A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd is configured to use autokey authentication, an attacker could send packets to ntpd that would, after several days of ongoing attack, cause it to run out of memory. CVE-2015-7703 Miroslav Lichvár of Red Hat found that the :config command can be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals). For example: ntpq -c ':config pidfile /tmp/ntp.pid' ntpq -c ':config driftfile /tmp/ntp.drift' In Debian ntpd is configured to drop root privileges, which limits the impact of this issue. CVE-2015-7704 When ntpd as an NTP client receives a Kiss-of-Death (KoD) packet from the server to reduce its polling rate, it doesn't check if the originate timestamp in the reply matches the transmit timestamp from its request. An off-path attacker can send a crafted KoD packet to the client, which will increase the client's polling interval to a large value and effectively disable synchronization with the server. CVE-2015-7850 An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol. A specially crafted configuration file could cause an endless loop resulting in a denial of service. An attacker could provide a the malicious configuration file to trigger this vulnerability. CVE-2015-7851 A potential path traversal vulnerability exists in the config file saving of ntpd on VMS. A specially crafted path could cause a path
Re: ntp security update
On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote: > I've looked through the upstream repository for the patches that fix he > recently announced issues. Quite a few of them turned out not to apply > to squeeze, or the newer stable releases, and I've updated the security > tracker accordingly. > > I backported the remaining fixes as best I can, and uploaded the source > package to: > https://people.debian.org/~benh/packages/squeeze-lts/ So are you going to upload something or should I? Kurt
Re: ntp security update
On Sun, Oct 25, 2015 at 11:19:03AM +0100, Kurt Roeckx wrote: > On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote: > > I've looked through the upstream repository for the patches that fix he > > recently announced issues. Quite a few of them turned out not to apply > > to squeeze, or the newer stable releases, and I've updated the security > > tracker accordingly. > > > > I backported the remaining fixes as best I can, and uploaded the source > > package to: > > https://people.debian.org/~benh/packages/squeeze-lts/ > > > > Would you be willing to review this package? > > > > I noticed that you entirely reverted the upstream patch that was > > supposed to fix CVE-2015-7704 and -7705, and then applied a different > > fix for -7704. I think this means -7705 isn't fixed in sid, though the > > security tracker currently says it is. Who's right? > > I can't seem to ge getting much information out of anything from > upstream. Lots of things don't seem to be affecting the 4.2.6 > version. > > From what I currently understand the following don't apply to the > 4.2.6 versions: > CVE-2015-5196 So it seems they renamed CVE-2015-5196 to CVE-2015-7703. Your patch probably makes sense and I should get that fixed in jessie and wheezy too. I'm just wondering why you didn't move the T_Pidfile like upstream did, that part seems to apply. (I have to go now, will look at it later again.) Kurt
Re: ntp security update
On Mon, Oct 26, 2015 at 06:55:06AM +0900, Ben Hutchings wrote: > On Sun, 2015-10-25 at 22:45 +0100, Kurt Roeckx wrote: > > On Mon, Oct 26, 2015 at 06:13:07AM +0900, Ben Hutchings wrote: > [...] > > > > While I have addiotional patches for: > > > > CVE-2014-9750.patch (it was missing 1 patch while it was fixed it > > > > seems) > > > > > > Which is split from CVE-2014-9297. > > > > From what I understand CVE-2014-9297 was changed to CVE-2014-9750 > > and CVE-2014-9298 to CVE-2014-9751 because someone mixed them up. > > There is nothing split. > > > > In any case, there is a patch missing. > > OK, which one is that? I looked through the upstream commits for bug > 2671 and they all seemed to have been included in CVE-2014-9297.patch. *look confused* At some point 348fc9fa390c7894f589104fbca4d635868b7a45 was missing. But redhat has a diff that looks like: --- ntp_crypto.c +++ ntp_crypto.c @@ -1575,6 +1575,7 @@ EVP_MD_CTX ctx; /* signature context */ tstamp_t tstamp;/* NTP timestamp */ u_int32 temp32; + u_char *puch; /* * Extract the public key from the request. @@ -1596,9 +1597,9 @@ vallen = EVP_PKEY_size(pkey); vp->vallen = htonl(vallen); vp->ptr = emalloc(vallen); - ptr = vp->ptr; + puch = vp->ptr; temp32 = htonl(*cookie); - if (RSA_public_encrypt(4, (u_char *), ptr, + if (RSA_public_encrypt(4, (u_char *), puch, pkey->pkey.rsa, RSA_PKCS1_OAEP_PADDING) <= 0) { msyslog(LOG_ERR, "crypto_encrypt: %s", ERR_error_string(ERR_get_error(), NULL)); (Didn't look at what that does yet, looks like part of a change of a much older commit.) Kurt
Re: ntp security update
On Mon, Oct 26, 2015 at 06:13:07AM +0900, Ben Hutchings wrote: > On Sun, 2015-10-25 at 11:19 +0100, Kurt Roeckx wrote: > > On Sun, Oct 25, 2015 at 01:30:18PM +0900, Ben Hutchings wrote: > > > I've looked through the upstream repository for the patches that fix he > > > recently announced issues. Quite a few of them turned out not to apply > > > to squeeze, or the newer stable releases, and I've updated the security > > > tracker accordingly. > > > > > > I backported the remaining fixes as best I can, and uploaded the source > > > package to: > > > https://people.debian.org/~benh/packages/squeeze-lts/ > > > > > > Would you be willing to review this package? > > > > > > I noticed that you entirely reverted the upstream patch that was > > > supposed to fix CVE-2015-7704 and -7705, and then applied a different > > > fix for -7704. I think this means -7705 isn't fixed in sid, though the > > > security tracker currently says it is. Who's right? > > > > I can't seem to ge getting much information out of anything from > > upstream. Lots of things don't seem to be affecting the 4.2.6 > > version. > > > > From what I currently understand the following don't apply to the > > 4.2.6 versions: > > CVE-2015-5196 > [...] > > So it seems they renamed CVE-2015-5196 to CVE-2015-7703. Your > > patch probably makes sense and I should get that fixed in jessie > > and wheezy too. > > > > I'm just wondering why you didn't move the T_Pidfile like upstream > > did, that part seems to apply. > > Not in squeeze; there aren't any separate parsing rules for local and > remote. > > > Your bug-2899.patch patch looks a little different. You have: > > @@ -2207,8 +2221,8 @@ crypto_bob( > > vp->sig = emalloc(sign_siglen); > > EVP_SignInit(, sign_digest); > > EVP_SignUpdate(, (u_char *)>tstamp, 12); > > - EVP_SignUpdate(, vp->ptr, vallen); > > - if (EVP_SignFinal(, vp->sig, , sign_pkey)) > > + EVP_SignUpdate(, vp->ptr, len); > > + if (EVP_SignFinal(, vp->sig, , sign_pkey)) > > vp->siglen = htonl(sign_siglen); > > return (XEVNT_OK); > > } > > > > The patch from upstream and the one from redhat has: > > @@ -2214,9 +2228,9 @@ crypto_bob( > > vp->sig = emalloc(sign_siglen); > > EVP_SignInit(, sign_digest); > > EVP_SignUpdate(, (u_char *)>tstamp, 12); > > - EVP_SignUpdate(, vp->ptr, vallen); > > - if (EVP_SignFinal(, vp->sig, , sign_pkey)) > > - vp->siglen = htonl(sign_siglen); > > + EVP_SignUpdate(, vp->ptr, len); > > + if (EVP_SignFinal(, vp->sig, , sign_pkey)) > > + vp->siglen = htonl(len); > > return (XEVNT_OK); > > } > > > > > > As in, the htonl() call changes sign_siglen to len. > > No, it changes vallen to len. But in 4.2.6 vallen is ignored and the > previously calculated sign_siglen is assumed to be correct. I didn't > want to change that. So from the EVP_SignFinal manpage: | The number of bytes of data written (i.e. the length of the | signature) will be written to the integer at s, at most | EVP_PKEY_size(pkey) bytes will be written. That is, the signature can be shorter than the key, it depends on the signature scheme. And sign_siglen in both 4.2.6 and 4.2.8 is: sign_siglen = EVP_PKEY_size(sign_pkey); So maybe the variable name is a little misleading, it's the size of the key not the signature. Kurt
[SECURITY] [DLA 247-1] openssl security update
Package: openssl Version: 0.9.8o-4squeeze21 CVE ID : CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000 Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2014-8176 Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that an invalid memory free could be triggered when buffering DTLS data. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. This issue only affected the oldstable distribution (wheezy). CVE-2015-1789 Robert Swiecki and Hanno B??ck discovered that the X509_cmp_time function could read a few bytes out of bounds. This could allow remote attackers to cause a denial of service (crash) via crafted certificates and CRLs. CVE-2015-1790 Michal Zalewski discovered that the PKCS#7 parsing code did not properly handle missing content which could lead to a NULL pointer dereference. This could allow remote attackers to cause a denial of service (crash) via crafted ASN.1-encoded PKCS#7 blobs. CVE-2015-1791 Emilia K??sper discovered that a race condition could occur due to incorrect handling of NewSessionTicket in a multi-threaded client, leading to a double free. This could allow remote attackers to cause a denial of service (crash). CVE-2015-1792 Johannes Bauer discovered that the CMS code could enter an infinite loop when verifying a signedData message, if presented with an unknown hash function OID. This could allow remote attackers to cause a denial of service. Additionally OpenSSL will now reject handshakes using DH parameters shorter than 768 bits as a countermeasure against the Logjam attack (CVE-2015-4000). signature.asc Description: Digital signature
Re: squeeze update of ntp?
On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote: Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of ntp: https://security-tracker.debian.org/tracker/CVE-2015-1798 https://security-tracker.debian.org/tracker/CVE-2015-1799 https://security-tracker.debian.org/tracker/TEMP-000-C29A8D Would you like to take care of this yourself? We are still understaffed so any help is always highly appreciated. You really don't have patience do you? Kurt -- To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150410211355.ga2...@roeckx.be
Re: squeeze update of ntp?
On Fri, Apr 10, 2015 at 11:33:22PM +0200, Raphael Hertzog wrote: Hi, On Fri, 10 Apr 2015, Kurt Roeckx wrote: On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote: Would you like to take care of this yourself? We are still understaffed so any help is always highly appreciated. You really don't have patience do you? I do, but contacting maintainers is just part of the workflow of CVE triage we defined for Debian LTS. Sorry if this mail bothered you. Is there a way to do it that would have been better received on your side? The upload to unstable (and wheezy) only happened a few hours ago because I didn't have time before. Kurt -- To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150410215649.ga12...@roeckx.be
Re: squeeze update of openssl?
On Mon, Mar 09, 2015 at 04:29:43PM +0100, Raphael Hertzog wrote: Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of openssl: https://security-tracker.debian.org/tracker/CVE-2015-0209 https://security-tracker.debian.org/tracker/CVE-2015-0288 Please ignore them for now. They are not yet fixed in any branch, but will be taking care of. Kurt -- To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150309171443.ga6...@roeckx.be