Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 488630 (CVE-2013-1445)

Summary: <dev-python/pycrypto-2.6.1 : PRNG not correctly reseeded in some situations (CVE-2013-1445)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: python
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1020814
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2013-10-19 18:29:34 UTC
From ${URL} :

In PyCrypto before v2.6.1, the Crypto.Random PRNG exhibits a race condition that may cause it to 
generate the same 'random' output in multiple processes that are forked from each other. Depending 
on the application, this could reveal sensitive information or cryptographic keys to remote 
attackers.

An application may be affected if, within 100 milliseconds, it performs the following steps (which 
may be summarized as "read-fork-read-read"):

1. Read from the Crypto.Random PRNG, causing an internal reseed;
2. Fork the process and invoke Crypto.Random.atfork() in the child;
3. Read from the Crypto.Random PRNG again, in at least two different processes (parent and child, 
or multiple children).

Only applications that invoke Crypto.Random.atfork() and perform the above steps are affected by 
this issue.  Other applications are unaffected.

git repo: https://github.com/dlitz/pycrypto/
v2.6.1 tag id: ebb470d3f0982702e3e9b7fb9ebdaeed95903aaf
v2.6.1 commit id: 7fd528d03b5eae58eef6fd219af5d9ac9c83fa50

References:
http://seclists.org/oss-sec/2013/q4/122


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-10-20 08:55:11 UTC
+  20 Oct 2013; Dirkjan Ochtman <djc@gentoo.org> +pycrypto-2.6.1.ebuild:
+  Version bump pycrypto for bug 488630.

This should be fine for stabilization.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-10-28 16:17:46 UTC
CVE-2013-1445 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1445):
  The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly
  reseed the pseudo-random number generator (PRNG) before allowing a child
  process to access it, which makes it easier for context-dependent attackers
  to obtain sensitive information by leveraging a race condition in which a
  child process is created and accesses the PRNG within the same rate-limit
  period as another process.
Comment 3 Sergey Popov (RETIRED) gentoo-dev 2013-10-28 16:19:02 UTC
(In reply to Dirkjan Ochtman from comment #1)
> +  20 Oct 2013; Dirkjan Ochtman <djc@gentoo.org> +pycrypto-2.6.1.ebuild:
> +  Version bump pycrypto for bug 488630.
> 
> This should be fine for stabilization.

Good. Arches, please test and mark stable =dev-python/pycrypto-2.6.1

Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2013-10-29 17:07:45 UTC
Stable for HPPA.
Comment 5 Agostino Sarubbo gentoo-dev 2013-10-31 15:55:34 UTC
amd64 / x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2013-11-01 18:11:26 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-11-01 20:57:55 UTC
alpha stable
Comment 8 Agostino Sarubbo gentoo-dev 2013-11-02 07:33:20 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-11-02 08:03:34 UTC
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-11-03 11:24:49 UTC
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-11-12 20:13:48 UTC
ia64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 12 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-11-12 21:21:01 UTC
Cleanup done.
Comment 13 Yury German Gentoo Infrastructure gentoo-dev 2013-11-13 06:51:36 UTC
Cleanup completed

Awaiting GLSA Vote
Comment 14 Sergey Popov (RETIRED) gentoo-dev 2013-11-13 09:06:09 UTC
Thanks, everyone

GLSA vote: no
Comment 15 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-03 19:25:32 UTC
GLSA vote: no. Closing noglsa.