[Bug 2062018] [NEW] [FFe] gnutls28: merge 3.8.5-2 and backport RSAES-PKCS1-v1_5 fix

Adrien Nader 2062018 at bugs.launchpad.net
Wed Apr 17 14:12:34 UTC 2024


Public bug reported:

Please allow the merge and upload of
https://code.launchpad.net/~adrien-n/ubuntu/+source/gnutls28/+git/gnutls28/+merge/464535
.

I made the commit message there quite complete so I'm basically copying
that here. In a few words, this is meant to include as many fixes as
possible (potentially including security ones) since they probably would
linger on afterwards. There is also a change regarding PKCS#1 v1.5 which
has been deprecated but seemingly kept the same status in gnutls; this
adds the recommended replacement and makes it possible to disable the
deprecated format in configuration. This is the kind of thing we want
for LTS releases.

Moreover, there are no changes that we want to avoid. There are changes
we don't care (much) about (tests, static builds, ...), but no changes
we want to avoid.

Below is a copy of the commit message of the MR.

This is a late update to gnutls in order to include the most recent
security fixes, even if they are low-severity. It merges 3.8.5-2 from
Debian and includes a better fix for the issue that prompted the upload
of -2 (wrong default configuration if no config file is present).

These are all fixes, except for one potential performance improvement.
Some of the fixes are about catching up with current standards.

I went through all commits, there are many varied changes. I'm skipping
updates to tests or changes that are not relevant to Ubuntu.

Basic fixes:
- ktls detection (possibly a regression in noble)
- memleak in gnutls-serv
- segfault in _gnutls13_recv_end_of_early_data
- potential segfault in _gnutls13_recv_finished
- missing argument when using the _gnutls_debug_log macro
- wrong test in lib/mpi.c

Misc changes that are still somewhat notable:
- nettle: plumb RIPEMD160, because GCR (commit says "GnuTLS", I think it's a typo) still uses it to display a fingerprint for openpgp keys
- x509: support PBES1-DES-SHA1, in order to parse legacy PKCS#8 files in GCR (the gnome library)

The one performance improvement (that I didn't benchmark): "Make
compression libraries dynamically loadable" (it's from January, not
April).

Finally, a fix to adapt gnutls to current standards: support RSA-OAEP
and make it possible to disable RSAES-PKCS1-v1_5. I think it is
important this gets into Noble due to the long support period. Moreover,
it can come in handy in the future to be able to disable algorithms when
flaws are discovered.

https://www.rfc-editor.org/rfc/rfc8017#section-7 :

> RSAES-OAEP is REQUIRED to be supported for new applications; RSAES-PKCS1-v1_5
> is included only for compatibility with existing applications.

** Affects: gnutls28 (Ubuntu)
     Importance: High
         Status: Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/2062018


To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/2062018/+subscriptions
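Added example, not from the bug report and not gnutls code: the two message encodings that RFC 8017 section 7 contrasts, EME-PKCS1-v1_5 (behind RSAES-PKCS1-v1_5) and EME-OAEP (behind RSAES-OAEP), implemented directly from the RFC with hashlib. The RSA primitive itself is left out, so `k` is just the modulus length in octets; SHA-256, MGF1, the empty label and the sample message are assumptions. The property it makes visible is the one behind the deprecation: EME-PKCS1-v1_5 checks only the two leading octets and the separator position, so a modified encoded message still decodes and each check is a separate observable outcome if an implementation lets it leak (the Bleichenbacher-style oracle), whereas EME-OAEP ties every octet to the seed and lHash and reports one error for any modification.

```python
"""RFC 8017 section 7 message encodings for RSA encryption: EME-PKCS1-v1_5
beside EME-OAEP. Encoding layer only; `k` is the RSA modulus length in
octets and no modular exponentiation is performed (illustrative code)."""
import hashlib
import os


class DecryptionError(Exception):
    """The single failure type RFC 8017 requires a decryptor to report."""


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def mgf1(seed: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """Mask generation function MGF1 (RFC 8017, Appendix B.2.1)."""
    h_len = hashlib.new(hash_name).digest_size
    out = b"".join(hashlib.new(hash_name, seed + c.to_bytes(4, "big")).digest()
                   for c in range((length + h_len - 1) // h_len))
    return out[:length]


def eme_pkcs1_v15_encode(message: bytes, k: int) -> bytes:
    """EME-PKCS1-v1_5 (7.2.1): EM = 0x00 || 0x02 || PS || 0x00 || M, with PS
    at least eight non-zero random octets. Nothing binds PS to M."""
    if len(message) > k - 11:
        raise ValueError("message too long")
    ps = bytearray()
    while len(ps) < k - len(message) - 3:
        octet = os.urandom(1)
        if octet != b"\x00":
            ps += octet
    return b"\x00\x02" + bytes(ps) + b"\x00" + message


def eme_pkcs1_v15_decode(em: bytes, k: int) -> bytes:
    """EME-PKCS1-v1_5 decoding (7.2.2, step 3). Each check below is what an
    oracle learns if its outcome leaks via error code, TLS alert or timing;
    the octets after the separator are never checked at all."""
    if len(em) != k or k < 11 or em[0] != 0x00 or em[1] != 0x02:
        raise DecryptionError
    sep = em.find(b"\x00", 2)
    if sep < 10:  # PS must be at least 8 octets, so separator index >= 10
        raise DecryptionError
    return em[sep + 1:]


def eme_oaep_encode(message: bytes, k: int, label: bytes = b"",
                    hash_name: str = "sha256") -> bytes:
    """EME-OAEP encoding (7.1.1, step 2) with MGF1. Every octet of EM depends
    on the random seed and on M through the two masks and lHash."""
    h_len = hashlib.new(hash_name).digest_size
    if len(message) > k - 2 * h_len - 2:
        raise ValueError("message too long")
    l_hash = hashlib.new(hash_name, label).digest()
    db = l_hash + b"\x00" * (k - len(message) - 2 * h_len - 2) + b"\x01" + message
    seed = os.urandom(h_len)
    masked_db = _xor(db, mgf1(seed, k - h_len - 1, hash_name))
    masked_seed = _xor(seed, mgf1(masked_db, h_len, hash_name))
    return b"\x00" + masked_seed + masked_db


def eme_oaep_decode(em: bytes, k: int, label: bytes = b"",
                    hash_name: str = "sha256") -> bytes:
    """EME-OAEP decoding (7.1.2, step 3). All checks are folded into one flag
    and reported as the same error, as the RFC requires. Python gives no
    constant-time guarantee; the point is the single indistinguishable failure."""
    h_len = hashlib.new(hash_name).digest_size
    if len(em) != k or k < 2 * h_len + 2:
        raise DecryptionError
    l_hash = hashlib.new(hash_name, label).digest()
    y, masked_seed, masked_db = em[0], em[1:1 + h_len], em[1 + h_len:]
    seed = _xor(masked_seed, mgf1(masked_db, h_len, hash_name))
    db = _xor(masked_db, mgf1(seed, k - h_len - 1, hash_name))
    bad = (y != 0x00) | (db[:h_len] != l_hash)
    sep, found = 0, False
    for i in range(h_len, len(db)):  # scan the whole DB, no early exit
        if not found and db[i] == 0x01:
            sep, found = i, True
        elif not found and db[i] != 0x00:  # PS must be all zeros
            bad = True
    if bad or not found:
        raise DecryptionError
    return db[sep + 1:]


def malleability_demo(k: int = 128) -> dict:
    """Flip the last octet of each EM (a message octet): EME-PKCS1-v1_5 still
    decodes, to a different message; EME-OAEP rejects the modified EM."""
    m = b"session key material"  # constructed sample plaintext
    em15 = eme_pkcs1_v15_encode(m, k)
    em15_mod = em15[:-1] + bytes([em15[-1] ^ 0x01])
    em_oaep = eme_oaep_encode(m, k)
    em_oaep_mod = em_oaep[:-1] + bytes([em_oaep[-1] ^ 0x01])
    try:
        eme_oaep_decode(em_oaep_mod, k)
        oaep_rejected = False
    except DecryptionError:
        oaep_rejected = True
    return {"pkcs1_v15_roundtrip": eme_pkcs1_v15_decode(em15, k) == m,
            "pkcs1_v15_modified_accepted": eme_pkcs1_v15_decode(em15_mod, k) != m,
            "oaep_roundtrip": eme_oaep_decode(em_oaep, k) == m,
            "oaep_modified_rejected": oaep_rejected}


if __name__ == "__main__":
    print(malleability_demo())
```

Run stand-alone, the script prints four booleans that are all True with a 1024-bit-sized `k`. In a real decryptor the attacker manipulates the RSA ciphertext rather than EM directly, but the asymmetry is the same: the v1.5 format check is the only thing standing between a forged ciphertext and "valid", which is why being able to disable RSAES-PKCS1-v1_5 in configuration matters for a long-lived release.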
