
Bug 857813 (CVE-2022-35409)

Summary: <net-libs/mbedtls-{2.28.1,3.2.0}: multiple vulnerabilities
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: blueness
Priority: Normal
Keywords: PullRequest
Version: unspecified
Hardware: All
OS: Linux
See Also: https://github.com/gentoo/gentoo/pull/28720
Whiteboard: B3 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 887519    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-12 21:42:23 UTC
2.28.1 changelog has:

"  * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
     module before freeing them. These buffers contain secret key material, and
     could thus potentially leak the key through freed heap.
   * Fix a potential heap buffer overread in TLS 1.2 server-side when
     MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
     mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
     is selected. This may result in an application crash or potentially an
     information leak.
   * Fix a buffer overread in DTLS ClientHello parsing in servers with
     MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
     or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
     after the end of the SSL input buffer. The buffer overread only happens
     when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
     the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
     and possibly up to 571 bytes with a custom cookie check function.
     Reported by the Cybeats PSI Team."

3.2.0 changelog has:

"  * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
     module before freeing them. These buffers contain secret key material, and
     could thus potentially leak the key through freed heap.
   * Fix potential memory leak inside mbedtls_ssl_cache_set() with
     an invalid session id length.
   * Add the platform function mbedtls_setbuf() to allow buffering to be
     disabled on stdio files, to stop secrets loaded from said files being
     potentially left in memory after file operations. Reported by
     Glenn Strauss.
   * Fix a potential heap buffer overread in TLS 1.2 server-side when
     MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
     mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
     is selected. This may result in an application crash or potentially an
     information leak.
   * Fix a buffer overread in DTLS ClientHello parsing in servers with
     MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
     or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
     after the end of the SSL input buffer. The buffer overread only happens
     when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
     the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
     and possibly up to 571 bytes with a custom cookie check function.
     Reported by the Cybeats PSI Team.
   * Fix a buffer overread in TLS 1.3 Certificate parsing. An unauthenticated
     client or server could cause an MbedTLS server or client to overread up
     to 64 kBytes of data and potentially overread the input buffer by that
     amount minus the size of the input buffer. As overread data undergoes
     various checks, the likelihood of reaching the boundary of the input
     buffer is rather small but increases as its size
     MBEDTLS_SSL_IN_CONTENT_LEN decreases.
   * Fix check of certificate key usage in TLS 1.3. The usage of the public key
     provided by a client or server certificate for authentication was not
     checked properly when validating the certificate. This could cause a
     client or server to be able to authenticate itself through a certificate
     to an Mbed TLS TLS 1.3 server or client while it does not own a proper
     certificate to do so."

Please bump to 2.28.1 and 3.2.0. No release for the 2.16 line yet; is
it not vulnerable, or is it almost time to drop it?
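
The DTLS ClientHello overread quoted in the changelogs above comes down to trusting one-byte length fields in an unauthenticated datagram, which is why the overread is bounded at 255 bytes. The following C example is added here for illustration and is neither Mbed TLS code nor part of this bug report; it shows the bounds checks a cookie-locating parser needs, using the DTLS 1.2 field layout from RFC 6347. The function name `find_clihlo_cookie` and the sample datagram are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DTLS 1.2 ClientHello (RFC 6347): 13-byte record header, 12-byte handshake
 * header, 2-byte client_version, 32-byte random, then session_id and cookie,
 * each prefixed by a one-byte length chosen by the sender. */
#define SID_LEN_OFFSET (13 + 12 + 2 + 32) /* 59 */

/* Hypothetical helper: locate the cookie inside a datagram of in_len bytes.
 * Returns 0 and sets *cookie / *cookie_len on success, or -1 if any field
 * would extend past in_len. */
int find_clihlo_cookie(const uint8_t *in, size_t in_len,
                       const uint8_t **cookie, size_t *cookie_len)
{
    size_t sid_len, clen_off, clen;

    /* The session_id length byte itself must lie inside the buffer. */
    if (in == NULL || cookie == NULL || cookie_len == NULL ||
        in_len <= SID_LEN_OFFSET)
        return -1;
    sid_len = in[SID_LEN_OFFSET];

    /* sid_len (0..255) must leave room for the cookie length byte. Compare
     * against the bytes remaining instead of trusting a computed offset. */
    if (sid_len >= in_len - SID_LEN_OFFSET - 1)
        return -1;
    clen_off = SID_LEN_OFFSET + 1 + sid_len;
    clen = in[clen_off];

    /* cookie_len (0..255) must fit in what is left after its length byte. */
    if (clen > in_len - clen_off - 1)
        return -1;

    *cookie = in + clen_off + 1;
    *cookie_len = clen;
    return 0;
}

int main(void)
{
    /* Constructed sample: zeroed headers, 4-byte session_id, 8-byte cookie. */
    uint8_t buf[73] = {0};
    const uint8_t *c;
    size_t n;
    buf[59] = 4;
    buf[64] = 8;
    printf("full datagram: %d\n", find_clihlo_cookie(buf, sizeof buf, &c, &n));
    printf("truncated:     %d\n", find_clihlo_cookie(buf, 72, &c, &n));
    return 0;
}
```
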
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-15 22:56:14 UTC
Please stable when ready.
Comment 2 Larry the Git Cow gentoo-dev 2022-12-22 20:03:57 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd5757f5a0345848cb1d73abdae2e81e388c101e

commit fd5757f5a0345848cb1d73abdae2e81e388c101e
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2022-12-21 08:07:00 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2022-12-22 20:03:40 +0000

    net-libs/mbedtls: drop 2.16.12, 2.28.0-r1
    
    Bug: https://bugs.gentoo.org/857813
    Closes: https://bugs.gentoo.org/887519
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 net-libs/mbedtls/Manifest                 |   2 -
 net-libs/mbedtls/mbedtls-2.16.12.ebuild   | 101 -----------------------------
 net-libs/mbedtls/mbedtls-2.28.0-r1.ebuild | 102 ------------------------------
 3 files changed, 205 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-12-22 23:47:57 UTC
GLSA request filed.
Comment 4 Larry the Git Cow gentoo-dev 2023-01-11 05:23:05 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=f524f5fa47d9d739280d4530623a93084918da39

commit f524f5fa47d9d739280d4530623a93084918da39
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-01-11 05:19:06 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-01-11 05:22:06 +0000

    [ GLSA 202301-08 ] Mbed TLS: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/730752
    Bug: https://bugs.gentoo.org/740108
    Bug: https://bugs.gentoo.org/764317
    Bug: https://bugs.gentoo.org/778254
    Bug: https://bugs.gentoo.org/801376
    Bug: https://bugs.gentoo.org/829660
    Bug: https://bugs.gentoo.org/857813
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202301-08.xml | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-11 05:25:18 UTC
GLSA released, all done!