Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: r...@packages.debian.org, d...@fifthhorseman.net
Control: affects -1 + src:rnp
Control: blocks -1 + 1034558
Please unblock package rnp
[ Reason ]
RNP upstream provided a narrowly-targeted point release (0.16.3) for
fixing two CVEs. It is a small diff from 0.16.2, which is already in
testing.
[ Impact ]
Without this fix, the two CVEs will remain open:
- CVE-2023-29479 (possible hang on malformed inputs)
- CVE-2023-29480 (some secret keys may remain unlocked after use)
Anyone using thunderbird (the most prominent consumer of librnp for
OpenPGP messages) will be vulnerable to them.
From a Debian perspective, Debian RC bug #1034558 could cause the
ejection of librnp from testing, which would damage our ability to
ship thunderbird.
[ Tests ]
librnp upstream ships a substantial test suite in src/tests/ --
src/tests/ffi-enc.cpp has been updated to ensure that secret keys
remain locked (CVE-2023-29480). I haven't seen a test for
CVE-2023-29479, but i've asked upstream for one (they might not want
to include a PoC artifact until the fix is more widely distributed):
https://github.com/rnpgp/rnp/issues/2082
[ Risks ]
The code changes are small and relatively compact. there are a few
other source changes beyond the CVE fixes, mostly either shell script
cleanup or improvements to builds on MacOS. I've opted to go with
upstream's 0.16.3 rather than cherry-picking the CVE fixes because the
differences are relatively small and it's better for the user to see
that they're running the upstream bugfix release explicitly.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock rnp/0.16.3-1
diff -Nru rnp-0.16.2/CHANGELOG.md rnp-0.16.3/CHANGELOG.md
--- rnp-0.16.2/CHANGELOG.md 2022-09-22 05:27:54.000000000 -0400
+++ rnp-0.16.3/CHANGELOG.md 2023-04-12 20:27:38.000000000 -0400
@@ -1,5 +1,12 @@
## Changelog
+### 0.16.3 [2023-04-11]
+
+#### Security
+
+* Fixed issue with possible hang on malformed inputs (CVE-2023-29479).
+* Fixed issue where in some cases, secret keys remain unlocked after use
(CVE-2023-29480).
+
### 0.16.2 [2022-09-20]
#### General
diff -Nru rnp-0.16.2/ci/lib/install_functions.inc.sh
rnp-0.16.3/ci/lib/install_functions.inc.sh
--- rnp-0.16.2/ci/lib/install_functions.inc.sh 2022-09-22 05:27:54.000000000
-0400
+++ rnp-0.16.3/ci/lib/install_functions.inc.sh 2023-04-12 20:27:38.000000000
-0400
@@ -19,6 +19,11 @@
: "${RECOMMENDED_CMAKE_VERSION:=3.20.5}"
: "${RECOMMENDED_PYTHON_VERSION:=3.9.2}"
: "${RECOMMENDED_RUBY_VERSION:=2.5.8}"
+# Bundler version to use if Ruby version is less then
+# FALLBACK_BUNDLER_RUBY_VERSION
+: "${FALLBACK_BUNDLER_VERSION:=2.3.26}"
+: "${FALLBACK_BUNDLER_RUBY_VERSION:=2.6.0}"
+
: "${RECOMMENDED_BOTAN_VERSION_MSYS:=${RECOMMENDED_BOTAN_VERSION}-1}"
: "${CMAKE_VERSION:=${RECOMMENDED_CMAKE_VERSION}}"
@@ -69,6 +74,17 @@
rm /usr/local/Cellar/openssl || true
# homebrew fails to update python 3.9.1 to 3.9.1.1 due to unlinking failure
rm /usr/local/bin/2to3 || true
+ # homebrew fails to update python from 3.9 to 3.10 due to another unlinking
failure
+ rm /usr/local/bin/idle3 || true
+ rm /usr/local/bin/pydoc3 || true
+ rm /usr/local/bin/python3 || true
+ rm /usr/local/bin/python3-config || true
+ # homebrew fails to update python from 3.11.0 to 3.11.1
+ rm /usr/local/bin/2to3-3.11 || true
+ rm /usr/local/bin/idle3.11 || true
+ rm /usr/local/bin/pydoc3.11 || true
+ rm /usr/local/bin/python3.11 || true
+ rm /usr/local/bin/python3.11-config || true
# homebrew fails to update openssl@1.1 1.1.1l to 1.1.1l_1 due to linking
failure of nghttp2.h
brew unlink nghttp2 || true
brew update
@@ -252,6 +268,7 @@
}
linux_install_centos8() {
+ "${SUDO}" "${YUM}" -y -q install 'dnf-command(config-manager)'
"${SUDO}" "${YUM}" config-manager --set-enabled powertools
yum_prepare_repos epel-release
yum_install_build_dependencies \
@@ -492,7 +509,7 @@
automake_build=${LOCAL_BUILDS}/automake
mkdir -p "${automake_build}"
pushd "${automake_build}"
- curl -L -o automake.tar.xz
https://ftp.gnu.org/gnu/automake/automake-${AUTOMAKE_VERSION}.tar.xz
+ curl -L -o automake.tar.xz
"https://ftp.gnu.org/gnu/automake/automake-${AUTOMAKE_VERSION}.tar.xz"
tar -xf automake.tar.xz --strip 1
./configure --enable-optimizations --prefix=/usr && ${MAKE}
-j"${MAKE_PARALLEL}" && ${SUDO} make install
popd
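Review bot: The quoted URL is an improvement, but the tarball is still fetched with `curl -L` and handed straight to `sudo make install` with no integrity check, and a non-2xx response is not even detected, so a broken or tampered download would be extracted and installed. At minimum use `curl -fsSL -o automake.tar.xz "https://ftp.gnu.org/gnu/automake/automake-${AUTOMAKE_VERSION}.tar.xz"` so HTTP errors fail the step, and fetch the matching `.sig` from the same directory and verify it (`gpg --verify automake.tar.xz.sig automake.tar.xz`) against a GNU signing key the CI image already trusts, or compare a pinned sha256 before the `tar -xf`. This is CI-only code, but it runs as root on the build host. The enclosing installer function begins before this hunk.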
@@ -687,7 +704,11 @@
# ruby-rnp
install_bundler() {
- gem_install bundler bundle
+ if is_version_at_least ruby "${FALLBACK_BUNDLER_RUBY_VERSION}" command ruby
-e 'puts RUBY_VERSION'; then
+ gem_install bundler bundle
+ else
+ gem_install "bundler:${FALLBACK_BUNDLER_VERSION}" bundle
+ fi
}
install_asciidoctor() {
@@ -747,7 +768,7 @@
;;
*)
# TODO: handle ubuntu?
- >&2 echo Error: Need to install ruby ${MINIMUM_RUBY_VERSION}+
+ >&2 echo "Error: Need to install ruby ${MINIMUM_RUBY_VERSION}+"
exit 1
esac
}
@@ -931,7 +952,7 @@
local rnpsrc="$PWD"
pushd "$(mktemp -d)" || return 1
- # shellcheck disable=SC2046
+ # shellcheck disable=SC2046,SC2086
gcc "${rnpsrc}/src/examples/generate.c" -ogenerate $(pkg-config --cflags
--libs $pkgflags librnp) $gccflags
./generate
readelf -d generate
diff -Nru rnp-0.16.2/debian/changelog rnp-0.16.3/debian/changelog
--- rnp-0.16.2/debian/changelog 2022-10-03 21:30:25.000000000 -0400
+++ rnp-0.16.3/debian/changelog 2023-05-24 09:06:07.000000000 -0400
@@ -1,3 +1,14 @@
+rnp (0.16.3-1) unstable; urgency=medium
+
+ * New upstream release, Closes: #1034558
+ - Fixes CVE-2023-29479
+ - Fixes CVE-2023-29480
+ * standards-version: bump to 4.6.2 (no changes needed)
+ * drop unnecessary lintian overrides
+ * d/copyright: include 2023
+
+ -- Daniel Kahn Gillmor <d...@fifthhorseman.net> Wed, 24 May 2023 09:06:07
-0400
+
rnp (0.16.2-1) unstable; urgency=medium
* New upstream release
diff -Nru rnp-0.16.2/debian/control rnp-0.16.3/debian/control
--- rnp-0.16.2/debian/control 2022-09-09 19:03:00.000000000 -0400
+++ rnp-0.16.3/debian/control 2023-05-24 09:06:07.000000000 -0400
@@ -15,7 +15,7 @@
python3 <!nocheck>,
python3-distutils <!nocheck>,
zlib1g-dev,
-Standards-Version: 4.6.1
+Standards-Version: 4.6.2
Vcs-Git: https://salsa.debian.org/debian/rnp.git
Vcs-Browser: https://salsa.debian.org/debian/rnp
Homepage: https://www.rnpgp.com/software/rnp/
diff -Nru rnp-0.16.2/debian/copyright rnp-0.16.3/debian/copyright
--- rnp-0.16.2/debian/copyright 2022-09-09 15:36:52.000000000 -0400
+++ rnp-0.16.3/debian/copyright 2023-05-24 09:06:07.000000000 -0400
@@ -5,7 +5,7 @@
Files: *
Copyright:
- 2017-2022, Ribose Inc.
+ 2017-2023, Ribose Inc.
2009-2010, The NetBSD Foundation, Inc.
License: BSD-2-clause
@@ -30,7 +30,7 @@
Files: debian/*
Copyright:
- 2021-2022 Daniel Kahn Gillmor <d...@fifthhorseman.net>
+ 2021-2023 Daniel Kahn Gillmor <d...@fifthhorseman.net>
License: BSD-2-clause
License: BSD-2-clause
diff -Nru rnp-0.16.2/debian/source/lintian-overrides
rnp-0.16.3/debian/source/lintian-overrides
--- rnp-0.16.2/debian/source/lintian-overrides 2022-09-09 19:03:00.000000000
-0400
+++ rnp-0.16.3/debian/source/lintian-overrides 2023-05-24 09:06:07.000000000
-0400
@@ -1,5 +1,2 @@
-# These two files are OpenPGP packets that libmagic is confused about.
-rnp source: source-contains-prebuilt-windows-binary
[src/tests/data/test_key_validity/case8/subkey-no-sig.pgp]
-rnp source: source-contains-prebuilt-windows-binary
[src/tests/data/test_key_validity/case8/subkey.pgp]
# these are test elements that are expected to be long:
rnp source: very-long-line-length-in-source-file * > 512 [src/tests/data/*]
diff -Nru rnp-0.16.2/docs/installation.adoc rnp-0.16.3/docs/installation.adoc
--- rnp-0.16.2/docs/installation.adoc 2022-09-22 05:27:54.000000000 -0400
+++ rnp-0.16.3/docs/installation.adoc 2023-04-12 20:27:38.000000000 -0400
@@ -55,7 +55,7 @@
[source,console]
----
# Clone the repository by version tag (or omit it to get the latest sources)
-git clone https://github.com/rnpgp/rnp.git -b v0.16.2
+git clone https://github.com/rnpgp/rnp.git -b v0.16.3
# Install required packages
sudo apt install g++-8 cmake libbz2-dev zlib1g-dev libjson-c-dev \
@@ -91,7 +91,7 @@
[source,console]
----
# Clone the repository by version tag (or omit it to get the latest sources)
-git clone https://github.com/rnpgp/rnp.git -b v0.16.2
+git clone https://github.com/rnpgp/rnp.git -b v0.16.3
# Enable access to `testing` packages by editing /etc/apt/sources.list
# deb http://deb.debian.org/debian testing main
diff -Nru rnp-0.16.2/.github/workflows/macos.yml
rnp-0.16.3/.github/workflows/macos.yml
--- rnp-0.16.2/.github/workflows/macos.yml 2022-09-22 05:27:54.000000000
-0400
+++ rnp-0.16.3/.github/workflows/macos.yml 2023-04-12 20:27:38.000000000
-0400
@@ -42,7 +42,7 @@
strategy:
fail-fast: false
matrix:
- os: [macos-10.15, macos-11.0]
+ os: [macos-11, macos-12]
env:
- CC: gcc
CXX: g++
diff -Nru rnp-0.16.2/src/librepgp/stream-parse.cpp
rnp-0.16.3/src/librepgp/stream-parse.cpp
--- rnp-0.16.2/src/librepgp/stream-parse.cpp 2022-09-22 05:27:54.000000000
-0400
+++ rnp-0.16.3/src/librepgp/stream-parse.cpp 2023-04-12 20:27:38.000000000
-0400
@@ -1919,9 +1919,10 @@
int ptype;
/* Reading pk/sk encrypted session key(s) */
try {
- bool stop = false;
+ size_t errors = 0;
+ bool stop = false;
while (!stop) {
- if (param->pubencs.size() + param->symencs.size() >
MAX_RECIPIENTS) {
+ if (param->pubencs.size() + param->symencs.size() + errors >
MAX_RECIPIENTS) {
RNP_LOG("Too many recipients of the encrypted message.
Aborting.");
return RNP_ERROR_BAD_STATE;
}
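Review bot: The widened bound only counts packets that reach the two `errors++` sites in the next hunk, so any other branch of the switch that `continue`s without pushing a key or counting would still be outside it; it is worth confirming that the remaining cases (the default case and the `stop` path, both outside this hunk) cannot loop without consuming input. The purpose of the extra term is not obvious from the line alone, so a comment would help a future reader: `/* count skipped (malformed) ESK packets too, so a stream of unparsable packets cannot loop forever (CVE-2023-29479) */`. The enclosing function starts before this hunk.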
@@ -1935,8 +1936,13 @@
case PGP_PKT_SK_SESSION_KEY: {
pgp_sk_sesskey_t skey;
rnp_result_t ret = skey.parse(*param->pkt.readsrc);
+ if (ret == RNP_ERROR_READ) {
+ RNP_LOG("SKESK: Premature end of data.");
+ return ret;
+ }
if (ret) {
RNP_LOG("Failed to parse SKESK, skipping.");
+ errors++;
continue;
}
param->symencs.push_back(skey);
@@ -1945,8 +1951,13 @@
case PGP_PKT_PK_SESSION_KEY: {
pgp_pk_sesskey_t pkey;
rnp_result_t ret = pkey.parse(*param->pkt.readsrc);
+ if (ret == RNP_ERROR_READ) {
+ RNP_LOG("PKESK: Premature end of data.");
+ return ret;
+ }
if (ret) {
RNP_LOG("Failed to parse PKESK, skipping.");
+ errors++;
continue;
}
param->pubencs.push_back(pkey);
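Review bot: Both new `ret == RNP_ERROR_READ` checks depend on `skey.parse()` / `pkey.parse()` returning exactly that code on a truncated stream; if a short read surfaced as any other error the packet would merely be counted and, assuming the failed parse does not advance the source, the loop would re-parse the same bytes until the MAX_RECIPIENTS bound trips — terminating, but still doing up to MAX_RECIPIENTS wasted iterations. A comment at the first check makes that contract explicit: `/* truncated input: nothing more can be read, so stop here instead of counting it as a skipped packet */`. Including the running count in the skip messages, e.g. `RNP_LOG("Failed to parse SKESK (%zu errors), skipping.", errors);`, would make an abort on the bound diagnosable from the log. The unblock text notes there is no regression test for this path yet; a minimal malformed SKESK stream in src/tests would pin the behaviour once upstream is comfortable publishing one.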
diff -Nru rnp-0.16.2/src/librepgp/stream-write.cpp
rnp-0.16.3/src/librepgp/stream-write.cpp
--- rnp-0.16.2/src/librepgp/stream-write.cpp 2022-09-22 05:27:54.000000000
-0400
+++ rnp-0.16.3/src/librepgp/stream-write.cpp 2023-04-12 20:27:38.000000000
-0400
@@ -1126,7 +1126,7 @@
}
/* decrypt the secret key if needed */
- rnp::KeyLocker(*signer.key);
+ rnp::KeyLocker keylock(*signer.key);
if (signer.key->encrypted() &&
!signer.key->unlock(*param.password_provider, PGP_OP_SIGN)) {
RNP_LOG("wrong secret key password");
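Review bot: Naming the guard fixes this instance, but nothing stops the same `rnp::KeyLocker(*signer.key);` slip from recurring elsewhere — an unnamed object of class type is destroyed at the end of the full expression, and compilers accept that silently. If the project builds as C++17 or later, declaring the class as `class [[nodiscard]] KeyLocker` in its header turns any future unnamed construction into a warning; failing that, a grep for `KeyLocker(` across the tree is worth doing as part of this fix. A comment on the changed line would record why the name matters: `// must be named: an unnamed temporary is destroyed immediately and the key would stay unlocked (CVE-2023-29480)`. KeyLocker presumably re-locks the key in its destructor, but its definition is outside this hunk.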
diff -Nru rnp-0.16.2/src/tests/CMakeLists.txt
rnp-0.16.3/src/tests/CMakeLists.txt
--- rnp-0.16.2/src/tests/CMakeLists.txt 2022-09-22 05:27:54.000000000 -0400
+++ rnp-0.16.3/src/tests/CMakeLists.txt 2023-04-12 20:27:38.000000000 -0400
@@ -222,11 +222,11 @@
GIT_SHALLOW yes
SOURCE_DIR "${_sourcedir}"
BUILD_IN_SOURCE yes
- CONFIGURE_COMMAND ""
+ CONFIGURE_COMMAND bundle config set --local path '.'
BUILD_COMMAND
COMMAND bundle add ffi --version 1.15.5
COMMAND bundle show parallel_tests || bundle add parallel_tests
- COMMAND bundle install --path .
+ COMMAND bundle install
INSTALL_COMMAND ""
TEST_COMMAND ""
)
diff -Nru rnp-0.16.2/src/tests/ffi-enc.cpp rnp-0.16.3/src/tests/ffi-enc.cpp
--- rnp-0.16.2/src/tests/ffi-enc.cpp 2022-09-22 05:27:54.000000000 -0400
+++ rnp-0.16.3/src/tests/ffi-enc.cpp 2023-04-12 20:27:38.000000000 -0400
@@ -670,6 +670,28 @@
// make sure the output file was created
assert_true(rnp_file_exists("encrypted"));
+ // check whether keys are locked
+ rnp_identifier_iterator_t it = NULL;
+ assert_rnp_success(rnp_identifier_iterator_create(ffi, &it,
"fingerprint"));
+ const char *fprint = NULL;
+ while (!rnp_identifier_iterator_next(it, &fprint)) {
+ if (!fprint) {
+ break;
+ }
+ SCOPED_TRACE(fprint);
+ rnp_key_handle_t skey = NULL;
+ assert_rnp_success(rnp_locate_key(ffi, "fingerprint", fprint, &skey));
+ bool secret = true;
+ assert_rnp_success(rnp_key_have_secret(skey, &secret));
+ if (secret) {
+ bool locked = false;
+ assert_rnp_success(rnp_key_is_locked(skey, &locked));
+ assert_true(locked);
+ }
+ rnp_key_handle_destroy(skey);
+ }
+ rnp_identifier_iterator_destroy(it);
+
// cleanup
assert_rnp_success(rnp_input_destroy(input));
input = NULL;
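Review bot: The new check passes vacuously if the keyring under test holds no secret keys, because nothing asserts that at least one locked secret key was actually examined, and the same twenty lines are repeated verbatim in the second hunk of this file. Extracting a file-static helper that counts the secret keys it inspects and asserts the count is non-zero removes the duplication and makes the regression test meaningful; the loop condition can also fold the `fprint` null check. The helper below assumes `ffi` is an `rnp_ffi_t`, as the surrounding FFI calls suggest.
```cpp
/* Assert every secret key in ffi is locked; fails if none was inspected. */
static void
assert_all_secret_keys_locked(rnp_ffi_t ffi)
{
    rnp_identifier_iterator_t it = NULL;
    assert_rnp_success(rnp_identifier_iterator_create(ffi, &it, "fingerprint"));
    size_t      checked = 0;
    const char *fprint = NULL;
    while (!rnp_identifier_iterator_next(it, &fprint) && fprint) {
        SCOPED_TRACE(fprint);
        rnp_key_handle_t key = NULL;
        assert_rnp_success(rnp_locate_key(ffi, "fingerprint", fprint, &key));
        bool secret = false;
        assert_rnp_success(rnp_key_have_secret(key, &secret));
        if (secret) {
            bool locked = false;
            assert_rnp_success(rnp_key_is_locked(key, &locked));
            assert_true(locked);
            checked++;
        }
        rnp_key_handle_destroy(key);
    }
    rnp_identifier_iterator_destroy(it);
    /* a keyring without secret keys would make this check vacuous */
    assert_true(checked > 0);
}
// … unchanged: test body up to rnp_file_exists("encrypted") …
assert_all_secret_keys_locked(ffi);
```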
@@ -762,6 +784,25 @@
assert_string_equal(hname, "SHA512");
rnp_buffer_destroy(hname);
hname = NULL;
+ // make sure keys are locked
+ assert_rnp_success(rnp_identifier_iterator_create(ffi, &it,
"fingerprint"));
+ while (!rnp_identifier_iterator_next(it, &fprint)) {
+ if (!fprint) {
+ break;
+ }
+ SCOPED_TRACE(fprint);
+ rnp_key_handle_t skey = NULL;
+ assert_rnp_success(rnp_locate_key(ffi, "fingerprint", fprint, &skey));
+ bool secret = true;
+ assert_rnp_success(rnp_key_have_secret(skey, &secret));
+ if (secret) {
+ bool locked = false;
+ assert_rnp_success(rnp_key_is_locked(skey, &locked));
+ assert_true(locked);
+ }
+ rnp_key_handle_destroy(skey);
+ }
+ rnp_identifier_iterator_destroy(it);
// cleanup
rnp_op_verify_destroy(verify);
rnp_input_destroy(input);
diff -Nru rnp-0.16.2/version.txt rnp-0.16.3/version.txt
--- rnp-0.16.2/version.txt 2022-09-22 05:27:54.000000000 -0400
+++ rnp-0.16.3/version.txt 2023-04-12 20:27:38.000000000 -0400
@@ -1 +1 @@
-0.16.2
+0.16.3