622038 – (CVE-2017-7507) <net-libs/gnutls-3.5.13: Crash upon receiving well-formed status_request extension

Bug 622038 (CVE-2017-7507) - <net-libs/gnutls-3.5.13: Crash upon receiving well-formed status_request extension

Summary: <net-libs/gnutls-3.5.13: Crash upon receiving well-formed status_request exte...

Status:	RESOLVED FIXED

Alias:	CVE-2017-7507

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://www.gnutls.org/security.html#...
Whiteboard:	A3 [glsa cve ]
Keywords:

Depends on:
Blocks:

Reported:	2017-06-17 17:57 UTC by Ian Zimmerman
Modified:	2017-10-15 04:21 UTC (History)
CC List:	3 users (show)

See Also:
Package list:	=net-libs/gnutls-3.5.13 alpha amd64 arm ia64 ppc ppc64 x86
Runtime testing required:	---

Flags:	stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ian Zimmerman 2017-06-17 17:57:16 UTC

According to the RH summary [1]:

It was found that GnuTLS would crash when receiving a client hello message with status_request extension that has a non-empty responder_id_list.

Upstream ref [2]

Upstream patch [3] [4]

-- 

[1]
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7507

[2]
https://gnutls.org/security.html#GNUTLS-SA-2017-4

[3]
https://gitlab.com/gnutls/gnutls/commit/4c4d35264fada08b6536425c051fb8e0b05ee86b

[4]
https://gitlab.com/gnutls/gnutls/commit/3efb6c5fd0e3822ec11879d5bcbea0e8d322cd03

Comment 1 Alon Bar-Lev (RETIRED) gentoo-dev

2017-06-17 18:57:58 UTC

We can stabilize net-libs/gnutls-3.5.13

Comment 2 Sergei Trofimovich (RETIRED) gentoo-dev

2017-06-18 12:10:23 UTC

ia64 stable

Comment 3 Agostino Sarubbo gentoo-dev

2017-06-18 14:03:11 UTC

amd64 stable

Comment 4 Agostino Sarubbo gentoo-dev

2017-06-20 07:02:42 UTC

x86 stable

Comment 5 Tobias Klausmann (RETIRED) gentoo-dev

2017-06-20 15:01:23 UTC

Stable on alpha.

Comment 6 Agostino Sarubbo gentoo-dev

2017-06-21 12:06:17 UTC

ppc stable

Comment 7 Agostino Sarubbo gentoo-dev

2017-06-21 12:19:09 UTC

ppc64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.

Comment 8 Alon Bar-Lev (RETIRED) gentoo-dev

2017-06-21 15:09:22 UTC

I am very sorry, but arm stabilize lately the older package in bug#612340, so need this one as well.

Comment 9 Christopher Díaz Riveros (RETIRED) gentoo-dev

2017-09-17 19:56:54 UTC

New GLSA Request filed.

@Maintainers, please proceed to cleanup.

Gentoo Security Padawan
ChrisADR

Comment 10 Alon Bar-Lev (RETIRED) gentoo-dev

2017-09-18 22:28:04 UTC

(In reply to Alon Bar-Lev from comment #8)
> I am very sorry, but arm stabilize lately the older package in bug#612340,
> so need this one as well.

I updated the keywords and forgot to add CC, sorry!

Comment 11 Alon Bar-Lev (RETIRED) gentoo-dev

2017-10-07 08:05:34 UTC

arm, please?

Comment 12 Markus Meier gentoo-dev

2017-10-14 06:16:14 UTC

arm stable, all arches done.

Comment 13 Alon Bar-Lev (RETIRED) gentoo-dev

2017-10-14 06:34:47 UTC

Thanks!

ebuild was removed.

Comment 14 Christopher Díaz Riveros (RETIRED) gentoo-dev

2017-10-14 12:53:41 UTC

Thank you all.

Comment 15 GLSAMaker/CVETool Bot gentoo-dev

2017-10-15 04:21:23 UTC

This issue was resolved and addressed in
 GLSA 201710-15 at https://security.gentoo.org/glsa/201710-15
by GLSA coordinator Aaron Bauman (b-man).