Bug#890288: marked as done (mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures)
Your message dated Fri, 30 Mar 2018 19:53:05 + with message-id and subject line Bug#890288: fixed in polarssl 1.3.9-2.1+deb8u3 has caused the Debian Bug report #890288, regarding mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mbedtls Version: 2.1.2-1 Severity: grave Tags: security https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 Vulnerability When RSASSA-PSS signature verification is enabled, sending a maliciously constructed certificate chain can be used to cause a buffer overflow on the peer's stack, potentially leading to crash or remote code execution. This can be triggered remotely from either side in both TLS and DTLS. RSASSA-PSS is the part of PKCS #1 v2.1 standard and can be enabled by the compile time option MBEDTLS_PKCS1_V21 in config.h. If MBEDTLS_PKCS1_V21 is disabled when compiling the library, then the vulnerability is not present. RSASSA-PSS signatures are enabled in the default configuration. Impact Depending on the platform, an attack exploiting this vulnerability could lead to an application crash or remote code execution. Resolution Affected users should upgrade to Mbed TLS 1.3.22, Mbed TLS 2.1.10 or Mbed TLS 2.7.0. Workaround Users should wherever possible upgrade to the newer version of Mbed TLS. Where this is not practical, users should consider if disabling the option MBEDTLS_PKCS1_V21 in the Mbed TLS configuration is practical for their application. Disabling RSASSA-PSS signatures in the verification profile at runtime is not a sufficient countermeasure. signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: polarssl Source-Version: 1.3.9-2.1+deb8u3 We believe that the bug you reported is fixed in the latest version of polarssl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 890...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Cowgill (supplier of updated polarssl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 20 Mar 2018 17:59:03 + Source: polarssl Binary: libpolarssl-dev libpolarssl-runtime libpolarssl7 Architecture: source Version: 1.3.9-2.1+deb8u3 Distribution: jessie-security Urgency: medium Maintainer: Roland Stigge Changed-By: James Cowgill Description: libpolarssl-dev - lightweight crypto and SSL/TLS library libpolarssl-runtime - lightweight crypto and SSL/TLS library libpolarssl7 - lightweight crypto and SSL/TLS library Closes: 890287 890288 Changes: polarssl (1.3.9-2.1+deb8u3) jessie-security; urgency=medium . * Fix CVE-2017-18187: Unsafe bounds check in ssl_parse_client_psk_identity(). * Fix CVE-2018-0487: Buffer overflow when verifying RSASSA-PSS signatures. (Closes: #890288) * Fix CVE-2018-0488: Buffer overflow when truncated HMAC is enabled. (Closes: #890287) Checksums-Sha1: 4b843426c0417fcb0d00ff10a7839f1b99fdf0df 1930 polarssl_1.3.9-2.1+deb8u3.dsc 0fa2ecded8576f3768f5cc606a21984df083cfce 15496 polarssl_1.3.9-2.1+deb8u3.debian.tar.xz fa6d549d0f7701186957152291e08538c4c2f229 5747 polarssl_1.3.9-2.1+deb8u3_source.buildinfo Checksums-Sha256: 66174a84b18cccf01ee26ff3da3aaa8483beac0aade710dfcdf240992f5ba434 1930 polarssl_1.3.9-2.1+deb8u3.dsc 79c66f0394796dcbf023261d52917e2d7a0b7835a90f2f422b106f21ea2e98ff 15496 polarssl_1.3.9-2.1+deb8u3.debian.tar.xz a59c2dfee5466818c194883f03e5645d5f63630fff824fe369594cc584274362 5747 polarssl_1.3.9-2.1+deb8u3_source.buildinfo Files: f09da7fe1eb97c815ab4a32afb97451a 1930 libs optional polarssl_1.3.9-2.1+deb8u3.dsc d574a3dd1ec0a191bf9b7616c2357e8e 15496 libs optional polarssl_1.3.9-2.1+deb8u3.debian.tar.xz d38d0079688b6f0b62c26914e4c129ce 5747 libs optional polarssl_1.3.9-2.1+deb8u3_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEE+Ixt5DaZ6POztUwQx/FnbeotAe8FAlqyKHcUHGpjb3dnaWxs QGRlYmlhbi5vcmcACgkQx/FnbeotAe8RRQ/8DKBLtY2v7jzmoTyxKS
Bug#890288: marked as done (mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures)
Your message dated Sat, 17 Mar 2018 21:42:29 + with message-id and subject line Bug#890288: fixed in mbedtls 2.4.2-1+deb9u2 has caused the Debian Bug report #890288, regarding mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mbedtls Version: 2.1.2-1 Severity: grave Tags: security https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 Vulnerability When RSASSA-PSS signature verification is enabled, sending a maliciously constructed certificate chain can be used to cause a buffer overflow on the peer's stack, potentially leading to crash or remote code execution. This can be triggered remotely from either side in both TLS and DTLS. RSASSA-PSS is the part of PKCS #1 v2.1 standard and can be enabled by the compile time option MBEDTLS_PKCS1_V21 in config.h. If MBEDTLS_PKCS1_V21 is disabled when compiling the library, then the vulnerability is not present. RSASSA-PSS signatures are enabled in the default configuration. Impact Depending on the platform, an attack exploiting this vulnerability could lead to an application crash or remote code execution. Resolution Affected users should upgrade to Mbed TLS 1.3.22, Mbed TLS 2.1.10 or Mbed TLS 2.7.0. Workaround Users should wherever possible upgrade to the newer version of Mbed TLS. Where this is not practical, users should consider if disabling the option MBEDTLS_PKCS1_V21 in the Mbed TLS configuration is practical for their application. Disabling RSASSA-PSS signatures in the verification profile at runtime is not a sufficient countermeasure. signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: mbedtls Source-Version: 2.4.2-1+deb9u2 We believe that the bug you reported is fixed in the latest version of mbedtls, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 890...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Cowgill (supplier of updated mbedtls package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 05 Mar 2018 18:24:47 + Source: mbedtls Binary: libmbedtls-dev libmbedcrypto0 libmbedtls10 libmbedx509-0 libmbedtls-doc Architecture: source Version: 2.4.2-1+deb9u2 Distribution: stretch-security Urgency: high Maintainer: James Cowgill Changed-By: James Cowgill Description: libmbedcrypto0 - lightweight crypto and SSL/TLS library - crypto library libmbedtls-dev - lightweight crypto and SSL/TLS library - development files libmbedtls-doc - lightweight crypto and SSL/TLS library - documentation libmbedtls10 - lightweight crypto and SSL/TLS library - tls library libmbedx509-0 - lightweight crypto and SSL/TLS library - x509 certificate library Closes: 890287 890288 Changes: mbedtls (2.4.2-1+deb9u2) stretch-security; urgency=high . * Fix CVE-2017-18187: Unsafe bounds check in ssl_parse_client_psk_identity(). * Fix CVE-2018-0487: Buffer overflow when verifying RSASSA-PSS signatures. (Closes: #890288) * Fix CVE-2018-0488: Buffer overflow when truncated HMAC is enabled. (Closes: #890287) Checksums-Sha1: 63035736a04d0b6cbae6d6b150c0d41a1ad23004 2248 mbedtls_2.4.2-1+deb9u2.dsc 2ae3ae3fd203e642cce6f2953ae7edf452885af4 18908 mbedtls_2.4.2-1+deb9u2.debian.tar.xz c0cd4d3a535190d028cbfa6b1ffdeb24262282cc 6713 mbedtls_2.4.2-1+deb9u2_source.buildinfo Checksums-Sha256: da25c581f6287a26542490736310f8df993893683545600ae9df95be4e412914 2248 mbedtls_2.4.2-1+deb9u2.dsc a7e72e80bdeb44f90555348ad40d5e31ed5f01d66d1583bd9a0ebb11ef7ad7fc 18908 mbedtls_2.4.2-1+deb9u2.debian.tar.xz 92179f5483779bb3b96c30f9f9c674964460bb2cdc444f8933f082842b3da02d 6713 mbedtls_2.4.2-1+deb9u2_source.buildinfo Files: d2e54e46950a48b3f8327288daa16ad3 2248 libs optional mbedtls_2.4.2-1+deb9u2.dsc 72515ee69ddd36c21e530ca77e5ed047 18908 libs optional mbedtls_2.4.2-1+deb9u2.debian.tar.xz 61b0614143b22a11ed8f4da9af858fff 6713 libs optional mbedtls_2.
Bug#890288: marked as done (mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures)
Your message dated Wed, 14 Feb 2018 13:00:12 + with message-id and subject line Bug#890288: fixed in mbedtls 2.7.0-1 has caused the Debian Bug report #890288, regarding mbedtls: CVE-2018-0487 - Risk of remote code execution when verifying RSASSA-PSS signatures to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mbedtls Version: 2.1.2-1 Severity: grave Tags: security https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 Vulnerability When RSASSA-PSS signature verification is enabled, sending a maliciously constructed certificate chain can be used to cause a buffer overflow on the peer's stack, potentially leading to crash or remote code execution. This can be triggered remotely from either side in both TLS and DTLS. RSASSA-PSS is the part of PKCS #1 v2.1 standard and can be enabled by the compile time option MBEDTLS_PKCS1_V21 in config.h. If MBEDTLS_PKCS1_V21 is disabled when compiling the library, then the vulnerability is not present. RSASSA-PSS signatures are enabled in the default configuration. Impact Depending on the platform, an attack exploiting this vulnerability could lead to an application crash or remote code execution. Resolution Affected users should upgrade to Mbed TLS 1.3.22, Mbed TLS 2.1.10 or Mbed TLS 2.7.0. Workaround Users should wherever possible upgrade to the newer version of Mbed TLS. Where this is not practical, users should consider if disabling the option MBEDTLS_PKCS1_V21 in the Mbed TLS configuration is practical for their application. Disabling RSASSA-PSS signatures in the verification profile at runtime is not a sufficient countermeasure. signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: mbedtls Source-Version: 2.7.0-1 We believe that the bug you reported is fixed in the latest version of mbedtls, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 890...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Cowgill (supplier of updated mbedtls package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 14 Feb 2018 09:25:58 + Source: mbedtls Binary: libmbedtls-dev libmbedcrypto1 libmbedtls10 libmbedx509-0 libmbedtls-doc Architecture: source amd64 all Version: 2.7.0-1 Distribution: experimental Urgency: medium Maintainer: James Cowgill Changed-By: James Cowgill Description: libmbedcrypto1 - lightweight crypto and SSL/TLS library - crypto library libmbedtls-dev - lightweight crypto and SSL/TLS library - development files libmbedtls-doc - lightweight crypto and SSL/TLS library - documentation libmbedtls10 - lightweight crypto and SSL/TLS library - tls library libmbedx509-0 - lightweight crypto and SSL/TLS library - x509 certificate library Closes: 890287 890288 Changes: mbedtls (2.7.0-1) experimental; urgency=medium . * New upstream release. - Fixes CVE-2018-0488. (Closes: #890287) - Fixes CVE-2018-0487. (Closes: #890288) * Rename libmbedcrypto0 to libmbedcrypto1 due to SONAME bump. . * debian/compat: - Use debhelper compat 11. * debian/control: - Switch to salsa.debian.org Vcs URLs. - Bump standards version to 4.1.3. - Drop useless Testsuite field in debian/control. * debian/copyright: - Update copyright dates. * debian/libmbedtls-doc.*: - Fix various paths to work with the new documentation location used by debhelper 11. * debian/patches: - Refresh config patch. * debian/*.symbols: - Add symbols updates for libmbedtls10. - Rewrite symbols libmbedcrypto1 symbols file. Checksums-Sha1: a8d1f6702d69006801e97d778983033ec95c3a7d 2163 mbedtls_2.7.0-1.dsc 01ffebf679c8696cc941c41224fa73d8944d2c85 2108442 mbedtls_2.7.0.orig.tar.gz 057da4c0aefaeee4495fe54712976a6afe7788de 11332 mbedtls_2.7.0-1.debian.tar.xz ca6eebb2f885ad21a9b2510f98a6cc9688db673e 323092 libmbedcrypto1-dbgsym_2.7.0-1_amd64.deb f892d3210b1b9a80181a48af0f4241d739ee9d26 183096 libmbedcrypto1_2.7.0-1