Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 523652 (CVE-2014-1568) - <dev-libs/nss-{3.16.5,3.17.1} - <www-client/firefox-bin-{24.8.1,31.1.1,32.0.3} - <mail-client/thunderbird-bin-{24.8.1,31.1.2} - <www-client/seamonkey-bin-2.29.1: RSA signature forgery attack (CVE-2014-1568)
Summary: <dev-libs/nss-{3.16.5,3.17.1} - <www-client/firefox-bin-{24.8.1,31.1.1,32.0.3...
Alias: CVE-2014-1568
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A3 [glsa glsa]
: 523698 523774 (view as bug list)
Depends on: CVE-2015-0819
  Show dependency tree
Reported: 2014-09-24 21:10 UTC by Hanno Böck
Modified: 2015-04-07 10:18 UTC (History)
10 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2014-09-24 21:10:38 UTC
An attack on the RSA signature verification has been found in the nss library. Details in Mozilla's bugtracker are still private, so I can't judge how serious this is. The description says it's a variant of the Bleichenbacher attack, which probably refers to the attack presented at crypto 2006:

nss 3.17.1 and 3.16.5 fix this. This is probably bundled in google-chrome, firefox-bin and maybe more packages.
Comment 1 Mike Gilbert gentoo-dev 2014-09-24 22:26:59 UTC
I don't think this part of NSS is bundled in Chrome/Chromium on Linux, which would explain why Google only released an update for Windows and Mac.

I do see that we bundle libssl3, but not libnss3.
Comment 2 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2014-09-25 06:00:07 UTC
+*nss-3.17.1 (25 Sep 2014)
+*nss-3.16.5 (25 Sep 2014)
+  25 Sep 2014; Lars Wendler <> +nss-3.16.5.ebuild,
+  +nss-3.17.1.ebuild, +files/nss-3.17.1-gentoo-fixups.patch:
+  Security bump (bug #523652). RSA signature forgery attack (CVE-2014-1568).
Comment 3 Alex Xu (Hello71) 2014-09-25 12:46:14 UTC
*** Bug 523698 has been marked as a duplicate of this bug. ***
Comment 4 Agostino Sarubbo gentoo-dev 2014-09-26 09:58:56 UTC
May we go ahead with the stabilization? which version(s)?
Comment 5 Agostino Sarubbo gentoo-dev 2014-09-26 10:07:25 UTC
We are bundled nss in firefox-bin/thunderbird-bin and seamonkey-bin.
Comment 6 Agostino Sarubbo gentoo-dev 2014-09-26 10:09:08 UTC
*** Bug 523774 has been marked as a duplicate of this bug. ***
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2014-09-26 10:12:48 UTC
oh, that's a Summary fail, then.
Comment 8 Ian Stakenvicius (RETIRED) gentoo-dev 2014-09-26 15:20:57 UTC
All ebuilds in the tree.  Please stabilize the following:


As seamonkey-bin-2.29 was ~arch we may still need to wait for other issues before 2.29.1 can be stabilized.  PolyC can provide guidance on that.
Comment 9 Ian Stakenvicius (RETIRED) gentoo-dev 2014-10-06 17:12:53 UTC
oops, apparently ATs were not CC'd.  Trying again.

Please stabilize the following:

Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"

Target KEYWORDS="amd64 x86"

Target KEYWORDS="amd64 x86"
Comment 10 Jeroen Roovers (RETIRED) gentoo-dev 2014-10-06 17:25:05 UTC
Stable for HPPA.
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2014-10-06 17:26:29 UTC
(In reply to Ian Stakenvicius from comment #9)
> oops, apparently ATs were not CC'd.  Trying again.

I'm pretty sure you didn't mean "ATs".
Comment 12 Agostino Sarubbo gentoo-dev 2014-10-06 19:01:07 UTC
amd64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2014-10-06 19:02:19 UTC
x86 stable
Comment 14 Tobias Klausmann (RETIRED) gentoo-dev 2014-10-11 09:02:38 UTC
dev-libs/nss doesn't even compile on alpha, see bug 525042
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2014-10-12 13:42:08 UTC
CVE-2014-1568 (
  Mozilla Network Security Services (NSS) before, 3.16.x before
  3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3,
  Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla
  Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before
  2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google
  Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in
  X.509 certificates, which makes it easier for remote attackers to spoof RSA
  signatures via a crafted certificate, aka a "signature malleability" issue.
Comment 16 Ian Stakenvicius (RETIRED) gentoo-dev 2014-10-14 15:20:54 UTC
ppc , ppc64 , arm , arm64 -- ping!  I'd like to drop vulnerable versions from the tree sooner rather than later.

I've also added nss- to the tree; IFF 3.16.5 can't be stabilized on a given arch please try and stabilize nss- as a "stop-gap" until 3.16.5 can be patched.
Comment 17 Ian Stakenvicius (RETIRED) gentoo-dev 2014-10-14 16:18:14 UTC
x86 amd amd64 teams, please stabilize www-client/seamonkey-bin-2.29.1 also, as it's ready.
Comment 18 Tobias Klausmann (RETIRED) gentoo-dev 2014-10-15 13:18:16 UTC
dev-libs/nss-3.16.5 and dev-libs/nspr-4.10.6-r1 stable on Alpha.
Comment 19 Agostino Sarubbo gentoo-dev 2014-10-16 10:23:06 UTC
amd64 stable
Comment 20 Agostino Sarubbo gentoo-dev 2014-10-16 10:23:59 UTC
x86 stable
Comment 21 Agostino Sarubbo gentoo-dev 2014-10-17 13:14:26 UTC
ppc stable
Comment 22 Agostino Sarubbo gentoo-dev 2014-10-17 13:28:01 UTC
ppc64 stable
Comment 23 Agostino Sarubbo gentoo-dev 2014-10-18 14:06:10 UTC
ia64 stable
Comment 24 Agostino Sarubbo gentoo-dev 2014-10-18 14:10:13 UTC
sparc stable
Comment 25 Markus Meier gentoo-dev 2014-11-04 20:01:40 UTC
arm stable for nss and nspr
Comment 26 Yury German Gentoo Infrastructure gentoo-dev 2014-12-28 18:56:26 UTC
Merging multiple bugs for www-client/firefox{,-bin}, mail-client/thunderbird{,-bin}, www-client/seamonkey{,-bin) under the latest bug 531408 which is undergoing stabilization with each bug either needing cleanup or some stabilization.

dev-libs/nss - Cleanup as part of bug 531628
Comment 27 Yury German Gentoo Infrastructure gentoo-dev 2015-04-06 05:38:54 UTC
Added to an existing GLSA Request.
Comment 28 GLSAMaker/CVETool Bot gentoo-dev 2015-04-07 10:18:54 UTC
This issue was resolved and addressed in
 GLSA 201504-01 at
by GLSA coordinator Kristian Fiskerstrand (K_F).