Bug#962289: marked as done (gnutls28: CVE-2020-13777: session resumption works without master key allowing MITM)
Your message dated Fri, 12 Jun 2020 08:17:32 + with message-id and subject line

Bug#962289: fixed in gnutls28 3.6.7-4+deb10u4

has caused the Debian Bug report #962289, regarding gnutls28: CVE-2020-13777: session resumption works without master key allowing MITM to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
962289: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962289
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Source: gnutls28
Version: 3.6.13-4
Severity: grave
Tags: security upstream
Forwarded: https://gitlab.com/gnutls/gnutls/-/issues/1011
Control: found -1 3.6.4-1
Control: found -1 3.6.7-4+deb10u3

Hi Andreas,

The following vulnerability was published for gnutls28, filing it as RC given the resulting authentication bypass possibility, but if you do not agree please downgrade.

CVE-2020-13777[0]:
| GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting
| a session ticket (a loss of confidentiality in TLS 1.2, and an
| authentication bypass in TLS 1.3). The earliest affected version is
| 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until
| the first key rotation, the TLS server always uses wrong data in place
| of an encryption key derived from an application.

If you want I can try to help preparing as well a corresponding buster-security update. The issue was introduced in 3.6.4 upstream, so stretch is not affected.

If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-13777
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13777
[1] https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03
[2] https://gitlab.com/gnutls/gnutls/-/issues/1011

Regards,
Salvatore
--- End Message ---

--- Begin Message ---
Source: gnutls28
Source-Version: 3.6.7-4+deb10u4
Done: Salvatore Bonaccorso

We believe that the bug you reported is fixed in the latest version of gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 962...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2020 19:32:17 +0200
Source: gnutls28
Architecture: source
Version: 3.6.7-4+deb10u4
Distribution: buster-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers
Changed-By: Salvatore Bonaccorso
Closes: 962289
Changes:
 gnutls28 (3.6.7-4+deb10u4) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * GNUTLS-SA-2020-06-03: Flaw in TLS session ticket key construction (CVE-2020-13777) (Closes: #962289)
Bug#962289: marked as done (gnutls28: CVE-2020-13777: session resumption works without master key allowing MITM)
Your message dated Sat, 06 Jun 2020 12:49:02 + with message-id and subject line

Bug#962289: fixed in gnutls28 3.6.14-1

has caused the Debian Bug report #962289, regarding gnutls28: CVE-2020-13777: session resumption works without master key allowing MITM to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.)

--
962289: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962289
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---
Source: gnutls28
Source-Version: 3.6.14-1
Done: Andreas Metzler

We believe that the bug you reported is fixed in the latest version of gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 962...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jun 2020 14:11:30 +0200
Source: gnutls28
Architecture: source
Version: 3.6.14-1
Distribution: unstable
Urgency: high
Maintainer: Debian GnuTLS Maintainers
Changed-By: Andreas Metzler
Closes: 962199 962218 962289
Changes:
 gnutls28 (3.6.14-1) unstable; urgency=high
 .
   * Drop debugging code added in -4, fixes nocheck profile build error.
     Closes: #962199
   * Add Daiki Ueno 462225C3B46F34879FC8496CD605848ED7E69871 key to
     debian/upstream/signing-key.asc.
   * New upstream version.
     + Fixes insecure session ticket key construction.
       [GNUTLS-SA-2020-06-03, CVE-2020-13777] Closes: #962289
     + Drop 50_Update-session_ticket.c-to-add-support-for-zero-leng.patch
       51_01-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch
       51_02-x509-trigger-fallback-verification-path-when-cert-is.patch
       51_03-tests-add-test-case-for-certificate-chain-supersedin.patch
   * Drop guile-gnutls.lintian-overrides.
   * 40_fix_ipv6only_testsuite_AI_ADDRCONFIG.diff: In gnutls-serv do not pass
     AI_ADDRCONFIG to getaddrinfo. This broke the testsuite on systems without
     IPv4 on non-loopback addresses. (Thanks, Adrian Bunk and Julien Cristau!)
     Hopefully Closes: #962218