Package: release.debian.org Severity: normal Tags: trixie X-Debbugs-Cc: [email protected], Salvatore Bonaccorso <[email protected]>, Andreas Metzler <[email protected]> Control: affects -1 + src:gnupg2 User: [email protected] Usertags: pu
Hello, I would like to fox the non-DSA CVE-2026-57062 for trixie: CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182. This was fixed for sid/forky in 2.4.9-5. The respective patch applies unchanged to the trixie version. Since gnupg2 builds a udeb I suspect I might be too late for the next point release. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable cu Andreas -- "You people are noisy," Nia said. I made the gesture of agreement.
diff --git a/debian/changelog b/debian/changelog index 786180728..6617da515 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,14 @@ +gnupg2 (2.4.7-21+deb13u2) trixie; urgency=medium + + * Fix CVE-2026-57062. + CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through + 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is + supposed to be 12 bytes but 4 bytes is accepted. + + -- Andreas Metzler <[email protected]> Sun, 05 Jul 2026 13:16:48 +0200 + gnupg2 (2.4.7-21+deb13u1) trixie; urgency=high * Avoid potential downgrade to SHA1 in 3rd party key signatures. https://gpg.fail/sha1 #12 Patch from STABLE-BRANCH-2-4 diff --git a/debian/patches/from-master/0004-gpgsm-Require-a-minimum-tag-length-for-GCM-decryptio.patch b/debian/patches/from-master/0004-gpgsm-Require-a-minimum-tag-length-for-GCM-decryptio.patch new file mode 100644 index 000000000..be629b0ee --- /dev/null +++ b/debian/patches/from-master/0004-gpgsm-Require-a-minimum-tag-length-for-GCM-decryptio.patch @@ -0,0 +1,45 @@ +From 4c7e68cf3d335328821bdbb70db309a60d0e4fd4 Mon Sep 17 00:00:00 2001 +From: Werner Koch <[email protected]> +Date: Thu, 18 Jun 2026 10:51:34 +0200 +Subject: [PATCH] gpgsm: Require a minimum tag length for GCM decryption. + +* sm/decrypt.c (gpgsm_decrypt): Require a minimum authtaglen. +-- + +Reported-by: Thai Duong <[email protected]> +CVE-id: CVE-2026-57062 +--- + sm/decrypt.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/sm/decrypt.c b/sm/decrypt.c +index 20fb96060..92a33c6e6 100644 +--- a/sm/decrypt.c ++++ b/sm/decrypt.c +@@ -1443,15 +1443,22 @@ gpgsm_decrypt (ctrl_t ctrl, estream_t in_fp, estream_t out_fp) + if (rc) + { + log_error ("error getting authtag: %s\n", gpg_strerror (rc)); + goto leave; + } + if (DBG_CRYPTO) + log_printhex (authtag, authtaglen, "Authtag ...:"); +- rc = gcry_cipher_checktag (dfparm.hd, authtag, authtaglen); ++ if (authtaglen < 12) ++ { ++ log_info ("authentication tag is too short (%zu octets)\n", ++ authtaglen); ++ rc = gpg_error (GPG_ERR_CHECKSUM); ++ } ++ else ++ rc = gcry_cipher_checktag (dfparm.hd, authtag, authtaglen); + xfree (authtag); + if (rc) + log_error ("data is not authentic: %s\n", gpg_strerror (rc)); + goto leave; + } + } + } +-- +2.53.0 + diff --git a/debian/patches/series b/debian/patches/series index 3b42e1375..501b4657b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -34,10 +34,11 @@ from-master/gpg-agent-idling/0005-agent-Better-interaction-between-main-loop-and from-master/gpg-agent-idling/0006-agent-Introduce-management-of-timer-to-expire-cache-.patch from-master/gpg-agent-idling/0007-agent-Fix-the-previous-commit.patch from-master/gpg-agent-idling/0008-agent-Fix-timer-list-management.patch from-master/gpg-agent-idling/0009-agent-Fix-sock_inotify_fd-handling.patch from-master/gpg-agent-idling/0010-agent-Fix-timer-round-up-check-when-inserting-an-ent.patch +from-master/0004-gpgsm-Require-a-minimum-tag-length-for-GCM-decryptio.patch Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch do-not-install-gnutls.7.html.to.mandir.diff gpg-agent.socket-Set-GPG_AGENT_INFO-in-systemd-for-g.patch
signature.asc
Description: PGP signature

