Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 503506 (CVE-2014-0016) - <net-misc/stunnel-5.02: Improper initialization of PRNG after fork() (CVE-2014-0016)
Summary: <net-misc/stunnel-5.02: Improper initialization of PRNG after fork() (CVE-201...
Status: RESOLVED FIXED
Alias: CVE-2014-0016
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B4 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-05 11:45 UTC by Agostino Sarubbo
Modified: 2014-08-29 19:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-03-05 11:45:07 UTC
From ${URL} :

A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary 
applications, performed (re)initialization of PRNG after fork.  When accepting a new connection, the 
server forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset 
its state after the fork, but seeds the PRNG with the output of time(NULL). The most important consequence 
is that servers using EC (ECDSA) or DSA certificates may under certain conditions leak their private key.


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev Security 2014-03-14 13:41:51 UTC
As pe the discussion on the URL RedHat is not vulnerable to this vulnerability (this is where the original bug report came from).

Maintainers can you take a look and see if we are vulnerable.

From URL:
As mentioned in the previous comments, this flaw does not affect the version of stunnel shipped with Red Hat Enterprise Linux 5 and 6, since these versions use POSIX threads (pthreads) and no not use fork().
Comment 2 Anthony Basile gentoo-dev 2014-06-10 11:13:17 UTC
Arch teams, please stabilize stunnel-5.01.

KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~s390 sparc x86"
Comment 3 Jeroen Roovers gentoo-dev 2014-06-10 12:05:56 UTC
Arch teams, please test and mark stable:
=net-misc/stunnel-5.02
Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Comment 4 Jeroen Roovers gentoo-dev 2014-06-10 13:17:09 UTC
Stable for HPPA.

net-misc/stunnel - obsolete files/stunnel.rc6 files/stunnel-4.54-xforwarded-for.patch files/stunnel-4.54-listen-queue.patch
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2014-06-10 15:25:58 UTC
CVE-2014-0016 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0016):
  stunnel before 5.00, when using fork threading, does not properly update the
  state of the OpenSSL pseudo-random number generator (PRNG), which causes
  subsequent children with the same process ID to use the same entropy pool
  and allows remote attackers to obtain private keys for EC (ECDSA) or DSA
  certificates.
Comment 6 Anthony Basile gentoo-dev 2014-06-11 14:37:29 UTC
(In reply to Jeroen Roovers from comment #3)
> Arch teams, please test and mark stable:
> =net-misc/stunnel-5.02
> Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86

Okay with 5.02, I took care of arm ppc and ppc64.
Comment 7 Agostino Sarubbo gentoo-dev 2014-06-13 21:45:11 UTC
amd64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2014-06-13 21:45:33 UTC
x86 stable
Comment 9 Tobias Klausmann gentoo-dev 2014-06-17 10:41:25 UTC
Stable on alpha.
Comment 10 Agostino Sarubbo gentoo-dev 2014-07-05 12:40:59 UTC
ia64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2014-07-05 12:58:02 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 12 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2014-07-05 13:02:24 UTC
GLSA vote: no.
Comment 13 Sean Amoss gentoo-dev Security 2014-07-05 13:34:04 UTC
GLSA vote: yes.
Comment 14 Yury German Gentoo Infrastructure gentoo-dev Security 2014-07-06 22:43:50 UTC
Maintainer(s), please drop the vulnerable version.

GLSA Vote: Yes
Created a New GLSA request.
Comment 15 Yury German Gentoo Infrastructure gentoo-dev Security 2014-08-25 20:05:09 UTC
Arches and Maintainer(s), Thank you for your work.
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2014-08-29 19:13:25 UTC
This issue was resolved and addressed in
 GLSA 201408-14 at http://security.gentoo.org/glsa/glsa-201408-14.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).