Bug#961422: [Pkg-erlang-devel] Bug#961422: yaws: CVE-2020-12872

2020-05-24 Thread Sergei Golovan
Hi Salvatore,

On Sun, May 24, 2020 at 4:09 PM Salvatore Bonaccorso  wrote:
>
> The following vulnerability was published for yaws.
>
> CVE-2020-12872[0]:
> | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS
> | ciphers, as demonstrated by ones that allow Sweet32 attacks.
>

As far as I can see, YAWS just uses the ciphersuite offered by the Erlang ssl
application. It indeed includes 3DES based ciphers in Erlang 19.2.1 (in stretch)
and in Erlang 17.3 (in jessie), but doesn't do so in Erlang 21.2.6 (in buster)
and in later versions (in bullseye, sid and experimental).

So, currently, YAWS is vulnerable for jessie and stretch only.

>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

I would rather suggest to reassign this bug to erlang-ssl, and fix it there
(as not only YAWS can use this list of ciphers).

I've already prepared a patch for erlang in stretch, and if you think it's an
acceptable way of fixing this bug, I'll inform the release team about it.

I wouldn't like to do anything about jessie, since its LTS support
comes to an end soon.

Cheers!
-- 
Sergei Golovan
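The message above says that YAWS simply takes the default suite list from the Erlang ssl application, and that older OTP releases ship 3DES suites in that default. The snippet below is an added example, not the Debian patch or Yaws code: it checks which of the ssl application's default suites use 3DES (the Sweet32-relevant ciphers) and builds a filtered list that could be handed to an ssl listener via the `{ciphers, ...}` option. The module name and function names are my own; it handles both the map format (OTP 20.3 and later) and the tuple format returned by older `ssl:cipher_suites/0`.

```erlang
%% Added example (not from the bug report, Yaws or the Debian patch):
%% find and drop 3DES cipher suites from Erlang ssl's default list.
-module(sweet32_check).
-export([uses_3des/1, drop_3des/1, default_without_3des/0]).

%% OTP >= 20.3 describes a suite as a map with a `cipher` key;
%% older releases return 3- or 4-tuples {Kex, Cipher, Mac[, Prf]}.
uses_3des(#{cipher := '3des_ede_cbc'}) -> true;
uses_3des(#{}) -> false;
uses_3des({_Kex, '3des_ede_cbc', _Mac}) -> true;
uses_3des({_Kex, '3des_ede_cbc', _Mac, _Prf}) -> true;
uses_3des(_) -> false.

%% Keep every suite that does not use 3DES.
drop_3des(Suites) ->
    [S || S <- Suites, not uses_3des(S)].

%% ssl:cipher_suites/2 exists from OTP 20.3; on older releases
%% (e.g. OTP 19 in stretch) fall back to ssl:cipher_suites/0.
default_suites() ->
    _ = code:ensure_loaded(ssl),
    case erlang:function_exported(ssl, cipher_suites, 2) of
        true  -> ssl:cipher_suites(default, 'tlsv1.2');
        false -> ssl:cipher_suites()
    end.

%% Report how many default suites are 3DES based and return the
%% remaining list, suitable for ssl:listen(Port, [{ciphers, Kept} | ...]).
default_without_3des() ->
    All  = default_suites(),
    Kept = drop_3des(All),
    io:format("~p of ~p default suites use 3DES~n",
              [length(All) - length(Kept), length(All)]),
    Kept.
```

On an OTP 19 node `default_without_3des()` reports a non-zero count; on OTP 21 and later it should report zero, matching the per-release observation in the message above.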



Bug#961422: [Pkg-erlang-devel] Bug#961422: yaws: CVE-2020-12872

2020-05-25 Thread Salvatore Bonaccorso
Hi Sergei!

[Cc'in security team alias]

On Sun, May 24, 2020 at 08:05:23PM +0300, Sergei Golovan wrote:
> Hi Salvatore,
> 
> On Sun, May 24, 2020 at 4:09 PM Salvatore Bonaccorso wrote:
> >
> > The following vulnerability was published for yaws.
> >
> > CVE-2020-12872[0]:
> > | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS
> > | ciphers, as demonstrated by ones that allow Sweet32 attacks.
> >
> 
> As far as I can see, YAWS just uses the ciphersuite offered by the Erlang ssl
> application. It indeed includes 3DES based ciphers in Erlang 19.2.1 (in stretch)
> and in Erlang 17.3 (in jessie), but doesn't do so in Erlang 21.2.6 (in buster)
> and in later versions (in bullseye, sid and experimental).
> 
> So, currently, YAWS is vulnerable for jessie and stretch only.

Ok seems reasonable, but to be sure I actually did file an [issue][1]
upstream (which apparently did not get noticed until then) and they
said something similar along the lines *but* said as well "and will
consider additional work to address this CVE".

 [1]:  

That said I would like to see what they plan as further work and then
only fix this bug with that change. But I agree with you that the
underlying issue can be considered in erlang-ssl, so just clone the
bug there?

> > If you fix the vulnerability please also make sure to include the
> > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> I would rather suggest to reassign this bug to erlang-ssl, and fix it there
> (as not only YAWS can use this list of ciphers).

Or reassign? (and track this one to see what upstream is going to do
with [1])?

> I've already prepared a patch for erlang in stretch, and if you think it's an
> acceptable way of fixing this bug, I'll inform the release team about it.

I think that sounds good, and then include this for the next (and
last) point release. Thanks for working on it!

> I wouldn't like to do anything about jessie, since its LTS support
> comes to an end soon.

The LTS team marked the issue as well as no-dsa so I guess this is
fine and do nothing about it in jessie.

Regards,
Salvatore