Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 267774 (CVE-2009-1415)

Summary: <net-libs/gnutls-2.6.5-r1: Multiple vulnerabilities (CVE-2009-{1415,1416,1417})
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: crypto+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3514
Whiteboard: A3 [glsa]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
CVE-2009-1415.patch
none
CVE-2009-1416.patch
none
CVE-2009-1417.patch
none
fixed CVE-2009-1417.patch patch
none
not totally completed gnutls-2.6.5-r1.ebuild
none
same without the src_test none

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-28 12:21:37 UTC 
** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

CVE-2009-1415: Double free and free of invalid pointer on certain errors

Miroslav Kratochvil reported that he was able to crash libgnutls
when experimenting with (corrupt) DSA keys.  The client crashes when
verifying DSA signatures provided by the remote server when using a
DSA ciphersuite.  The code that crashes is also used for verifying DSA
signatures in X.509 Certificates, and for verifying RSA/DSA signatures
in OpenPGP keys.

CVE-2009-1416: All DSA keys generated using GnuTLS 2.6.x are corrupt and useless

When investigating the DSA problems reported by Miroslav Kratochvil, Simon Josefsson discovered that all DSA keys generated by
GnuTLS 2.6.x are corrupt.  Rather than generating a DSA key, GnuTLS
will generate a RSA key and store it in a DSA structure.

CVE-2009-1417: Certificate expiration not checked by gnutls-cli

Romain Francoise reported that gnutls-cli does not check the
activation and expiration dates of X.509 certificates.  This is
assumed to apply to all versions of gnutls-cli.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-28 12:25:21 UTC 
Upstream has planned a release for tomorrow, not sure if that will happen, so I'm adding patches as Daniel agreed to have an ebuild ready soonish.

As always, no commits to CVS until the issue is public, please.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-28 12:30:49 UTC 
Created attachment 189700 [details, diff]
CVE-2009-1415.patch
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-28 12:31:05 UTC 
Created attachment 189702 [details, diff]
CVE-2009-1416.patch
Comment 4 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-28 12:31:32 UTC 
Created attachment 189704 [details, diff]
CVE-2009-1417.patch
Comment 5 Daniel Black (RETIRED) gentoo-dev 2009-04-28 13:33:53 UTC 
Created attachment 189707 [details, diff]
fixed CVE-2009-1417.patch patch

fix different hunks at different patch levels and backport it to 2.6.5
Comment 6 Daniel Black (RETIRED) gentoo-dev 2009-04-28 15:13:50 UTC 
Created attachment 189720 [details]
not totally completed gnutls-2.6.5-r1.ebuild

was hoping to finish a testsuite. hopefully upstream will release with tests for the bugs they fixed. they aren't too bad. Just starting a revdep-rebuild now. will let you know in +6hrs how they go.
Comment 7 Daniel Black (RETIRED) gentoo-dev 2009-04-29 00:17:20 UTC 
Created attachment 189787 [details]
same without the src_test

arch test ready.
Comment 8 Robert Buchholz (RETIRED) gentoo-dev 2009-04-29 00:34:09 UTC 
Arch Security Liaisons, please test the attached ebuild and report it stable on this bug.
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

CC'ing current Liaisons:
   alpha : armin76, klausman
   amd64 : keytoaster, tester
    hppa : jer
     ppc : josejx, ranger
   ppc64 : josejx, ranger
   sparc : fmccor
     x86 : armin76, maekke
Comment 9 Jeroen Roovers (RETIRED) gentoo-dev 2009-04-29 11:46:23 UTC 
HPPA is OK.
Comment 10 Brent Baude (RETIRED) gentoo-dev 2009-04-29 13:53:54 UTC 
ppc and ppc64 good to go
Comment 11 Arfrever Frehtes Taifersar Arahesis (RETIRED) gentoo-dev 2009-04-30 11:44:43 UTC 
net-libs/gnutls-2.6.6 has been released.
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3514
Comment 12 Robert Buchholz (RETIRED) gentoo-dev 2009-04-30 12:02:55 UTC 
this is now public, please commit with the gathered keywords. arch liaisons, please keep on testing and stabling :-)
Comment 13 Daniel Black (RETIRED) gentoo-dev 2009-04-30 12:41:10 UTC 
net-libs/gnutls-2.6.5-r1 added to try though I plan on adding the official upstream release 2.6.6 within the next hour the remaining arches want to wait a little.
Comment 14 Daniel Black (RETIRED) gentoo-dev 2009-04-30 12:55:19 UTC 
2.6.6 added - going by the upstream Changelog. 2.6.6 is essentially same as 2.5.5 apart from the CVE fixes and a better version of the openpgp patch. Please make it stable for new archs.
Comment 15 Robert Buchholz (RETIRED) gentoo-dev 2009-04-30 13:02:04 UTC 
Arches, please test and mark stable:
=net-libs/gnutls-2.6.6

Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Already stabled : "hppa ppc ppc64"  [for 2.6.5-r1]
Missing keywords: "alpha amd64 arm ia64 m68k s390 sh sparc x86"
Comment 16 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-01 11:17:20 UTC 
CVE-2009-1415 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1415):
  lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not
  properly handle invalid DSA signatures, which allows remote attackers
  to cause a denial of service (application crash) and possibly have
  unspecified other impact via a malformed DSA key that triggers a (1)
  free of an uninitialized pointer or (2) double free.

CVE-2009-1416 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1416):
  lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates
  RSA keys stored in DSA structures, instead of the intended DSA keys,
  which might allow remote attackers to spoof signatures on
  certificates or have unspecified other impact by leveraging an
  invalid DSA key.

CVE-2009-1417 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1417):
  gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and
  expiration times of X.509 certificates, which allows remote attackers
  to successfully present a certificate that is (1) not yet valid or
  (2) no longer valid, related to lack of time checks in the
  _gnutls_x509_verify_certificate function in lib/x509/verify.c in
  libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.
Comment 17 Jeroen Roovers (RETIRED) gentoo-dev 2009-05-01 12:55:43 UTC 
I have added hppa@g.o because it would be awkward to stabilise the newer version at a later date. I guess ppc@ and ppc64@ would perhaps feel the same way.
Comment 18 Markus Meier gentoo-dev 2009-05-01 14:18:54 UTC 
amd64/x86 stable
Comment 19 Robert Buchholz (RETIRED) gentoo-dev 2009-05-02 11:52:05 UTC 
There is no objection to stabilize 2.6.6, however I tried to keep pressure upon arch teams as low as possible. So ppc and ppc64, feel free to mark stable 2.6.6 as well or un-cc yourselves because 2.6.5-r1 is fine from a security perspective.
Comment 20 Jeroen Roovers (RETIRED) gentoo-dev 2009-05-02 13:51:47 UTC 
Stable for HPPA. :)
Comment 21 Tobias Klausmann (RETIRED) gentoo-dev 2009-05-03 12:40:20 UTC 
Stable on alpha.
Comment 22 Brent Baude (RETIRED) gentoo-dev 2009-05-03 13:00:56 UTC 
ppc64 done
Comment 23 Brent Baude (RETIRED) gentoo-dev 2009-05-03 13:01:02 UTC 
ppc done
Comment 24 Raúl Porcel (RETIRED) gentoo-dev 2009-05-06 15:19:05 UTC 
arm/ia64/s390/sh/sparc stable
Comment 25 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-06 18:48:46 UTC 
GLSA request filed.
Comment 26 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-05-24 13:36:04 UTC 
GLSA 200905-04, thanks everyone.