[Bug 1672694] Re: Sync mbedtls 2.4.2-1 (universe) from Debian unstable (main)

Bhavani Shankar right2bshankar at gmail.com
Tue Mar 14 16:27:02 UTC 2017


This bug was fixed in the package mbedtls - 2.4.2-1
Sponsored for James Cowgill (jcowgill)

---------------
mbedtls (2.4.2-1) unstable; urgency=high

  * New upstream version.
    - Fixes CVE-2017-2784 - freeing of memory allocated on the stack when
      validating a public key with a secp224k1 curve. (Closes: #857560)

  * debian/rules:
    - Run testsuite inside faketime to prevent it suddenly failing in the
      future. Thanks Niels Thykier!

 -- James Cowgill <jcowgill at debian.org>  Tue, 14 Mar 2017 10:54:33 +0000

** Changed in: mbedtls (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-2784

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1672694

Title:
  Sync mbedtls 2.4.2-1 (universe) from Debian unstable (main)

Status in mbedtls package in Ubuntu:
  Fix Released

Bug description:
  Please sync mbedtls 2.4.2-1 (universe) from Debian unstable (main)

  mbed TLS 2.4.2 contains a fix for CVE-2017-2748 which should be in
  zesty (LP #1672686). It also contains a number of other bugfixes.

  Upstream changelog:

  = mbed TLS 2.4.2 branch released 2017-03-08

  Security
     * Add checks to prevent signature forgeries for very large messages while
       using RSA through the PK module in 64-bit systems. The issue was caused by
       some data loss when casting a size_t to an unsigned int value in the
       functions rsa_verify_wrap(), rsa_sign_wrap(), rsa_alt_sign_wrap() and
       mbedtls_pk_sign(). Found by Jean-Philippe Aumasson.
     * Fixed potential livelock during the parsing of a CRL in PEM format in
       mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
       characters after the footer could result in the execution of an infinite
       loop. The issue can be triggered remotely. Found by Greg Zaverucha,
       Microsoft.
     * Removed MD5 from the allowed hash algorithms for CertificateRequest and
       CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
       Introduced by interoperability fix for #513.
     * Fixed a bug that caused freeing a buffer that was allocated on the stack,
       when verifying the validity of a key on secp224k1. This could be
       triggered remotely for example with a maliciously constructed certificate
       and potentially could lead to remote code execution on some platforms.
       Reported independently by rongsaws and Aleksandar Nikolic, Cisco Talos
       team. #569 CVE-2017-2784

  Bugfix
     * Fix output certificate verification flags set by x509_crt_verify_top() when
       traversing a chain of trusted CA. The issue would cause both flags,
       MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be
       set when the verification conditions are not met regardless of the cause.
       Found by Harm Verhagen and inestlerode. #665 #561
     * Fix the redefinition of macro ssl_set_bio to an undefined symbol
       mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it.
       Found by omlib-lin. #673
     * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and
       x509_csr.c that are reported when building mbed TLS with a config.h that
       does not define MBEDTLS_PEM_PARSE_C. Found by omnium21. #562
     * Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that
       would compare 64 bits of the record counter instead of 48 bits as indicated
       in RFC 6347 Section 4.3.1. This could cause the execution of the
       renegotiation routines at unexpected times when the protocol is DTLS. Found
       by wariua. #687
     * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
       the input string in PEM format to extract the different components. Found
       by Eyal Itkin.
     * Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could
       cause buffer bound checks to be bypassed. Found by Eyal Itkin.
     * Fixed potential arithmetic overflows in mbedtls_cipher_update() that could
       cause buffer bound checks to be bypassed. Found by Eyal Itkin.
     * Fixed potential arithmetic overflow in mbedtls_md2_update() that could
       cause buffer bound checks to be bypassed. Found by Eyal Itkin.
     * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could
       cause buffer bound checks to be bypassed. Found by Eyal Itkin.
     * Fixed heap overreads in mbedtls_x509_get_time(). Found by Peng
       Li/Yueh-Hsun Lin, KNOX Security, Samsung Research America.
     * Fix potential memory leak in mbedtls_x509_crl_parse(). The leak was caused
       by missing calls to mbedtls_pem_free() in cases when a
       MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT error was encountered. Found and
       fix proposed by Guido Vranken. #722
     * Fixed the templates used to generate project and solution files for Visual
       Studio 2015 as well as the files themselves, to remove a build warning
       generated in Visual Studio 2015. Reported by Steve Valliere. #742
     * Fix a resource leak in ssl_cookie, when using MBEDTLS_THREADING_C.
       Raised and fix suggested by Alan Gillingham in the mbed TLS forum. #771
     * Fix 1 byte buffer overflow in mbedtls_mpi_write_string() when the MPI
       number to write in hexadecimal is negative and requires an odd number of
       digits. Found and fixed by Guido Vranken.
     * Fix unlisted DES configuration dependency in some pkparse test cases. Found
       by inestlerode. #555

  = mbed TLS 2.4.1 branch released 2016-12-13

  Changes
     * Update to CMAC test data, taken from - NIST Special Publication 800-38B -
       Recommendation for Block Cipher Modes of Operation: The CMAC Mode for
       Authentication - October 2016

  Changelog entries since current zesty version 2.4.0-1:

  mbedtls (2.4.2-1) unstable; urgency=high

    * New upstream version.
      - Fixes CVE-2017-2784 - freeing of memory allocated on the stack when
        validating a public key with a secp224k1 curve. (Closes: #857560)

    * debian/rules:
      - Run testsuite inside faketime to prevent it suddenly failing in the
        future. Thanks Niels Thykier!

   -- James Cowgill <jcowgill at debian.org>  Tue, 14 Mar 2017 10:54:33 +0000

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mbedtls/+bug/1672694/+subscriptions
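Added illustration (not mbed TLS's own code; the helpers and the 32-byte digest length are assumptions) of the two integer-handling bug classes the 2.4.2 changelog names: the size_t to unsigned int narrowing behind the PK signature-forgery fix, and the overflowing offset + length arithmetic behind the bypassed buffer bound checks, each shown beside the form that rejects the oversized input.

```c
/* Added illustration, not mbed TLS code: hypothetical simplified checks
 * showing the integer bug classes named in the 2.4.2 changelog. */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Digest length the hypothetical signature scheme expects (assumption). */
#define EXPECTED_HASH_LEN 32u

/* Vulnerable form: the size_t length is narrowed to unsigned int before
 * the comparison.  On a 64-bit system a caller-supplied length of
 * 2^32 + 32 silently becomes 32 and the check passes. */
bool hash_len_ok_vuln(size_t hash_len)
{
    unsigned int n = (unsigned int) hash_len;   /* data loss on LP64 */
    return n == EXPECTED_HASH_LEN;
}

/* Fixed form: reject anything that does not fit the narrower type,
 * then compare in the wide type so nothing is ever truncated. */
bool hash_len_ok_fixed(size_t hash_len)
{
    if (hash_len > UINT_MAX)
        return false;                           /* oversized input rejected */
    return hash_len == EXPECTED_HASH_LEN;
}

/* Vulnerable bound check: offset + len can wrap around to a small value,
 * so an out-of-range request compares as "inside" the buffer. */
bool range_ok_vuln(size_t offset, size_t len, size_t buf_len)
{
    return offset + len <= buf_len;             /* addition may overflow */
}

/* Fixed bound check: the subtraction cannot wrap once offset <= buf_len,
 * so the test holds exactly when [offset, offset + len) lies in the buffer. */
bool range_ok_fixed(size_t offset, size_t len, size_t buf_len)
{
    return offset <= buf_len && len <= buf_len - offset;
}
```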
