First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 125217
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Tavis Ormandy (RETIRED) <taviso@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
a.diff patch from Werner Koch of GnuPG project patch Tavis Ormandy (RETIRED) 2006-03-06 04:24 0000 4.60 KB Details | Diff
gpg-test-mbox Demo mbox text/plain Tavis Ormandy (RETIRED) 2006-03-07 13:33 0000 1.85 KB Details
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 125217 depends on: Show dependency tree
Bug 125217 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-03-06 04:24 0000 
gnupg can be tricked into verifying unsigned data by constructing an openpgp
message containing multiple literal data packets. as it is ambiguous as to
which packet contains the signed data, gpg can be tricked into producing a
"good signature" message for modified or unsigned data.

------- Comment #1 From Tavis Ormandy (RETIRED) 2006-03-06 04:24:50 0000 ------- 
Created an attachment (id=81509) [details]
patch from Werner Koch of GnuPG project

------- Comment #2 From Tavis Ormandy (RETIRED) 2006-03-06 05:07:23 0000 ------- 
no announcement yet, but upstream has committed changes to cvs.

I suspect upstream will create a security release.

------- Comment #3 From Thierry Carrez (RETIRED) 2006-03-07 10:25:23 0000 ------- 
Removing herd as they can't access the bug through the alias, adding recent
bumpers.

------- Comment #4 From Tavis Ormandy (RETIRED) 2006-03-07 13:33:42 0000 ------- 
Created an attachment (id=81641) [details]
Demo mbox

Attaching an example mbox file that should not verify, as the mesage has been
modified (may depend on gpg options, this is not the only attack vector, but
it's the simplest).

------- Comment #5 From Tavis Ormandy (RETIRED) 2006-03-07 16:14:02 0000 ------- 
interim release 1.4.2.2 is tentatively scheduled for release tomorrow by
upstream.

------- Comment #6 From Thierry Carrez (RETIRED) 2006-03-08 09:56:36 0000 ------- 
New version at : ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.bz2
Please bump. Vulnerability will be public in a few hours.

------- Comment #7 From Marcelo Goes 2006-03-08 10:26:30 0000 ------- 
Bumped. Warning: I do not think this tarball has hit gnupg's mirrors yet.

------- Comment #8 From Tavis Ormandy (RETIRED) 2006-03-09 11:54:33 0000 ------- 
Okay, public now, adding arches for stabilisation

------- Comment #9 From Tavis Ormandy (RETIRED) 2006-03-09 11:55:34 0000 ------- 
*** Bug 125631 has been marked as a duplicate of this bug. ***

------- Comment #10 From Matti Bickel 2006-03-09 13:10:52 0000 ------- 
Tested on ppc: installs and builds fine.
Handles the demo-mbox fine, shows:
gpg: can't handle this ambiguous signature data

(quick) Regression tests:
* Signatures on -dev verify fine
* Several files crypted and decrypted show no difference to original
== Regression Tests passed ==
Please mark ppc stable.

------- Comment #11 From Patrick McLean 2006-03-09 13:31:18 0000 ------- 
stable on amd64.

------- Comment #12 From Gustavo Zacarias (RETIRED) 2006-03-09 14:07:40 0000 ------- 
sparc stable.

------- Comment #13 From Fernando J. Pereda (RETIRED) 2006-03-09 14:25:08 0000 ------- 
Alpha done. No regressions and does the right thing on the test case.

However FEATURES="test" required FEATURES="-sandbox" to be used. It tried to
write directly to /dev/stderr and sandbox didn't like that (no clue why).

Cheers,
Ferdy

------- Comment #14 From Luca Barbato 2006-03-09 15:26:00 0000 ------- 
ppc stable

------- Comment #15 From Mark Loeser 2006-03-09 16:52:19 0000 ------- 
x86 done

------- Comment #16 From Markus Ullmann 2006-03-10 03:32:20 0000 ------- 
arm done

------- Comment #17 From René Nussbaumer 2006-03-10 10:26:53 0000 ------- 
Stable on hppa

------- Comment #18 From Markus Rothe 2006-03-10 11:26:22 0000 ------- 
stable on ppc64

------- Comment #19 From Tavis Ormandy (RETIRED) 2006-03-10 12:46:15 0000 ------- 
all security supported architectures stable, ready for glsa

------- Comment #20 From Thierry Carrez (RETIRED) 2006-03-10 13:57:17 0000 ------- 
GLSA 200603-08
Thx everyone.
mips ppc-macos and s390 should still mark stable

------- Comment #21 From Fabian Groffen 2006-05-23 09:16:47 0000 ------- 
we were not CC-ed, so, "sorry" about the delay.  ppc-macos stable
First Last Prev Next    No search results available      Search page      Enter new bug