Your message dated Tue, 25 Nov 2014 19:19:37 +0000
with message-id <e1xtled-00080t...@franck.debian.org>
and subject line Bug#770972: fixed in libksba 1.3.2-1
has caused the Debian Bug report #770972,
regarding libksba: buffer overflow in ksba_oid_to_str
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
770972: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770972
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libksba
Version: 1.3.1-1
Severity: grave
Tags: security upstream patch fixed-upstream

Hi all,

Today a new upstream release for Libksba was announced, addressing in
particular the following:

> Impact of the security bug
> ==========================
>
> By using special crafted S/MIME messages or ECC based OpenPGP data, it
> is possible to create a buffer overflow.  The bug is not easy to exploit
> because there are only 80 possible values which can be used to overwrite
> memory.  However, a denial of service is possible and someone may come
> up with other clever attacks.  Thus this should be fixed.
>
> Affected versions: All Libksba versions < 1.3.2
>
> Background: Yesterday Hanno Böck found an invalid memory access in the
> 2.1 branch of GnuPG by conveying a malformed OID as part of an ECC key.
> It turned out that this bug has also been in libksba ever since and
> affects at least gpgsm and dirmngr.  The code to convert an OID to its
> string representation has an obvious error of not considering an invalid
> encoding for arc-2.  A first byte of 0x80 can be used to make a value of
> less than 80 and we then subtract 80 from it as required by the OID
> encoding rules.  Due to the use of an unsigned integer this results in a
> pretty long value which won't fit anymore into the allocated buffer.
> The actual fix for Libksba is commit f715b9e.

Announce: http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
Upstream fix: 
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f715b9e156dfa99ae829fc694e5a0abd23ef97d7

Regards,
Salvatore

--- End Message ---
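The first-arc decoding error described in the quoted announcement, as an added C example (this is not libksba's code and not the upstream fix). The allocation size and the "subtract 80 from an unsigned value" step are reproduced from the description only, and the function and type names (legacy_alloc_size, legacy_first_arc_len, read_arc, oid_to_str_safe) are assumed for illustration. The hardened decoder rejects a leading 0x80 octet and any value below 80 on the "2.x" path before the subtraction can wrap, and sizes its output from the decoded values rather than from the octet count.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes the pre-1.3.2 logic, as described in the report, reserved for an
   OID of LEN content octets: 3 decimal chars + 1 dot per octet, 2 extra for
   the special first octet, 1 for the NUL.  (Constant taken from the quoted
   description, not from the library source.) */
size_t legacy_alloc_size(size_t len)
{
    return len * 4 + 2 + 1;
}

/* Bytes that "2.%lu" needs once VAL has 80 subtracted with unsigned
   wraparound, which is what a leading 0x80 octet provokes when it makes
   the first subidentifier decode to something below 80. */
size_t legacy_first_arc_len(unsigned long val)
{
    unsigned long wrapped = val - 80UL;   /* wraps towards ULONG_MAX when val < 80 */
    return (size_t)snprintf(NULL, 0, "2.%lu", wrapped) + 1;
}

/* Decode one base-128 subidentifier at BUF[*POS].  Returns 0 and advances
   *POS on success; -1 on truncation, on a non-minimal encoding (leading
   0x80 octet, which DER forbids), or if the value would not fit. */
static int read_arc(const unsigned char *buf, size_t len, size_t *pos,
                    unsigned long *out)
{
    unsigned long val = 0;
    size_t i = *pos;

    if (i >= len || buf[i] == 0x80)
        return -1;
    for (;;) {
        if (i >= len || val > (ULONG_MAX >> 7))
            return -1;
        val = (val << 7) | (buf[i] & 0x7f);
        if (!(buf[i++] & 0x80))
            break;
    }
    *pos = i;
    *out = val;
    return 0;
}

/* Hardened OID-content-to-dotted-string conversion (hypothetical helper).
   Returns a malloc'd string, or NULL with errno = EINVAL when malformed. */
char *oid_to_str_safe(const unsigned char *buf, size_t len)
{
    /* At most LEN+1 arcs (the first octet group yields two), each at most
       20 decimal digits plus a separator, plus the NUL. */
    size_t cap = (len + 1) * 21 + 1;
    size_t pos = 0, used = 0;
    unsigned long val;
    char *out = malloc(cap);
    int n;

    if (!out)
        return NULL;
    out[0] = '\0';
    if (len == 0)
        return out;

    if (read_arc(buf, len, &pos, &val) < 0)
        goto fail;
    if (val < 40)
        n = snprintf(out, cap, "0.%lu", val);
    else if (val < 80)
        n = snprintf(out, cap, "1.%lu", val - 40);
    else
        n = snprintf(out, cap, "2.%lu", val - 80);  /* val >= 80 here, no wrap */
    if (n < 0 || (size_t)n >= cap)
        goto fail;
    used = (size_t)n;

    while (pos < len) {
        if (read_arc(buf, len, &pos, &val) < 0)
            goto fail;
        n = snprintf(out + used, cap - used, ".%lu", val);
        if (n < 0 || (size_t)n >= cap - used)
            goto fail;
        used += (size_t)n;
    }
    return out;

fail:
    free(out);
    errno = EINVAL;
    return NULL;
}

int main(void)
{
    /* Constructed inputs: sha256WithRSAEncryption, and the malformed first
       subidentifier (leading 0x80 octet) the report describes. */
    static const unsigned char good[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b};
    static const unsigned char bad[]  = {0x80, 0x01};
    char *s = oid_to_str_safe(good, sizeof good);
    printf("good: %s\n", s ? s : "(rejected)");
    free(s);
    s = oid_to_str_safe(bad, sizeof bad);
    printf("bad:  %s\n", s ? s : "(rejected)");
    free(s);
    printf("legacy path: %zu bytes needed, %zu allocated\n",
           legacy_first_arc_len(1), legacy_alloc_size(sizeof bad));
    return 0;
}
```

With the two-octet input 0x80 0x01 the legacy arithmetic wants 13 bytes on a 32-bit unsigned long and 23 on a 64-bit one, against 11 allocated; the hardened decoder never reaches the subtraction because read_arc refuses the non-minimal leading octet.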
--- Begin Message ---
Source: libksba
Source-Version: 1.3.2-1

We believe that the bug you reported is fixed in the latest version of
libksba, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 770...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametz...@debian.org> (supplier of updated libksba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 25 Nov 2014 20:05:54 +0100
Source: libksba
Binary: libksba-dev libksba8
Architecture: source i386
Version: 1.3.2-1
Distribution: unstable
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-ma...@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametz...@debian.org>
Description:
 libksba-dev - X.509 and CMS support library - development files
 libksba8   - X.509 and CMS support library
Closes: 770972
Changes:
 libksba (1.3.2-1) unstable; urgency=high
 .
   * New upstream security release, fixing a buffer overflow in ksba_oid_to_str
     in Libksba. Closes: #770972
Checksums-Sha1:
 d5165f6d4f8ca8a5d88b655b007c3557f3fa903b 2127 libksba_1.3.2-1.dsc
 37d0893a587354af2b6e49f6ae701ca84f52da67 600952 libksba_1.3.2.orig.tar.bz2
 bba5d33ba9dfb59840b67505cc0177fa131e07b8 11324 libksba_1.3.2-1.debian.tar.xz
 914d767238659833f977bbcac284c7a019845c90 133742 libksba-dev_1.3.2-1_i386.deb
 18d4f801c3e709b272a9b4996b8c0bcbc6e69a13 101922 libksba8_1.3.2-1_i386.deb
Checksums-Sha256:
 811e285985f02c50d021796114bbf9bd7eeef1526da4a9d29f1d5217bfa22d9b 2127 libksba_1.3.2-1.dsc
 eb95537955dfc2845690a4cc3836074fa6d0a2c2ca2cbf1759364d3bd9868406 600952 libksba_1.3.2.orig.tar.bz2
 dc774944eb5dd0fab3799846cfcea50284360dcc6056c547c96005ff7ecae88b 11324 libksba_1.3.2-1.debian.tar.xz
 43125f48f365ee0021d6a3c12a956fdfa0d0456353de29cbaf46546934839dff 133742 libksba-dev_1.3.2-1_i386.deb
 5fa7d0ed41b2e914426eebb7ead1c08752a07d2c7f7a7653db2704768ed60bc6 101922 libksba8_1.3.2-1_i386.deb
Files:
 cd604ad5bc8aeb4e974a342e184c25f3 2127 libs optional libksba_1.3.2-1.dsc
 c3c9a66e22d87fe3ae59865250b8a09c 600952 libs optional libksba_1.3.2.orig.tar.bz2
 e0dc4e60eb83a4c46dc64d3f4b8da1e6 11324 libs optional libksba_1.3.2-1.debian.tar.xz
 acc84cde199b50535638964c902bfa14 133742 libdevel optional libksba-dev_1.3.2-1_i386.deb
 52b070a9617e6df71b332dfa2402a9c4 101922 libs optional libksba8_1.3.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

--- End Message ---