Re: [OE-core][dunfell][PATCH v2] go: Backport fix for CVE-2023-45287

2024-01-05 Thread Steve Sakoman
V2 also has issues, as flagged by patchtest and my local testing:

Applying: go: Backport fix for CVE-2023-45287
error: corrupt patch at line 2273
error: could not build fake ancestor
Patch failed at 0001 go: Backport fix for CVE-2023-45287

Steve

On Thu, Jan 4, 2024 at 9:33 PM Vijay Anusuri via lists.openembedded.org wrote:
>
> From: Vijay Anusuri 
>
> Upstream-Status: Backport
> [https://github.com/golang/go/commit/9baafabac9a84813a336f068862207d2bb06d255
> &
> https://github.com/golang/go/commit/c9d5f60eaa4450ccf1ce878d55b4c6a12843f2f3
> &
> https://github.com/golang/go/commit/8f676144ad7b7c91adb0c6e1ec89aaa6283c6807
> &
> https://github.com/golang/go/commit/8a81fdf165facdcefa06531de5af98a4db343035]
>
> Signed-off-by: Vijay Anusuri 
> ---
>  meta/recipes-devtools/go/go-1.14.inc  |4 +
>  .../go/go-1.14/CVE-2023-45287-pre1.patch  |  393 
>  .../go/go-1.14/CVE-2023-45287-pre2.patch  |  401 
>  .../go/go-1.14/CVE-2023-45287-pre3.patch  |   86 +
>  .../go/go-1.14/CVE-2023-45287.patch   | 1697 +
>  5 files changed, 2581 insertions(+)
>  create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
>  create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre2.patch
>  create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre3.patch
>  create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287.patch
>
> diff --git a/meta/recipes-devtools/go/go-1.14.inc 
> b/meta/recipes-devtools/go/go-1.14.inc
> index b827a3606d..42a9ac8435 100644
> --- a/meta/recipes-devtools/go/go-1.14.inc
> +++ b/meta/recipes-devtools/go/go-1.14.inc
> @@ -83,6 +83,10 @@ SRC_URI += "\
>  file://CVE-2023-39318.patch \
>  file://CVE-2023-39319.patch \
>  file://CVE-2023-39326.patch \
> +file://CVE-2023-45287-pre1.patch \
> +file://CVE-2023-45287-pre2.patch \
> +file://CVE-2023-45287-pre3.patch \
> +file://CVE-2023-45287.patch \
>  "
>
>  SRC_URI_append_libc-musl = " 
> file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
> diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch 
> b/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
> new file mode 100644
> index 00..4d65180253
> --- /dev/null
> +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
> @@ -0,0 +1,393 @@
> +From 9baafabac9a84813a336f068862207d2bb06d255 Mon Sep 17 00:00:00 2001
> +From: Filippo Valsorda 
> +Date: Wed, 1 Apr 2020 17:25:40 -0400
> +Subject: [PATCH] crypto/rsa: refactor RSA-PSS signing and verification
> +
> +Cleaned up for readability and consistency.
> +
> +There is one tiny behavioral change: when PSSSaltLengthEqualsHash is
> +used and both hash and opts.Hash were set, hash.Size() was used for the
> +salt length instead of opts.Hash.Size(). That's clearly wrong because
> +opts.Hash is documented to override hash.
> +
> +Change-Id: I3e25dad933961eac827c6d2e3bbfe45fc5a6fb0e
> +Reviewed-on: https://go-review.googlesource.com/c/go/+/226937
> +Run-TryBot: Filippo Valsorda 
> +TryBot-Result: Gobot Gobot 
> +Reviewed-by: Katie Hockman 
> +
> +Upstream-Status: Backport 
> [https://github.com/golang/go/commit/9baafabac9a84813a336f068862207d2bb06d255]
> +CVE: CVE-2023-45287 #Dependency Patch1
> +Signed-off-by: Vijay Anusuri 
> +---
> + src/crypto/rsa/pss.go | 173 ++
> + src/crypto/rsa/rsa.go |   9 ++-
> + 2 files changed, 96 insertions(+), 86 deletions(-)
> +
> +diff --git a/src/crypto/rsa/pss.go b/src/crypto/rsa/pss.go
> +index 3ff0c2f4d0076..f9844d87329a8 100644
> +--- a/src/crypto/rsa/pss.go
>  b/src/crypto/rsa/pss.go
> +@@ -4,9 +4,7 @@
> +
> + package rsa
> +
> +-// This file implements the PSS signature scheme [1].
> +-//
> +-// [1] 
> https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf
> ++// This file implements the RSASSA-PSS signature scheme according to RFC 
> 8017.
> +
> + import (
> +   "bytes"
> +@@ -17,8 +15,22 @@ import (
> +   "math/big"
> + )
> +
> ++// Per RFC 8017, Section 9.1
> ++//
> ++// EM = MGF1 xor DB || H( 8*0x00 || mHash || salt ) || 0xbc
> ++//
> ++// where
> ++//
> ++// DB = PS || 0x01 || salt
> ++//
> ++// and PS can be empty so
> ++//
> ++// emLen = dbLen + hLen + 1 = psLen + sLen + hLen + 2
> ++//
> ++
> + func emsaPSSEncode(mHash []byte, emBits int, salt []byte, hash hash.Hash) 
> ([]byte, error) {
> +-  // See [1], section 9.1.1
> ++  // See RFC 8017, Section 9.1.1.
> ++
> +   hLen := hash.Size()
> +   sLen := len(salt)
> +   emLen := (emBits + 7) / 8
> +@@ -30,7 +42,7 @@ func emsaPSSEncode(mHash []byte, emBits int, salt []byte, 
> hash hash.Hash) ([]byt
> +   // 2.  Let mHash = Hash(M), an octet string of length hLen.
> +
> +   if len(mHash) != hLen {
> +-  return nil, errors.New("crypto/rsa: input must be hashed 
> message")
> ++  return nil, errors.New("crypto/rsa: input must be hashed with 
> 
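Review bot: the "corrupt patch" error reported above is visible in this quoted hunk: inside the embedded pre1 patch the nested `+++ b/src/crypto/rsa/pss.go` header has lost its leading `+` characters and arrives as a bare ` b/src/crypto/rsa/pss.go` directly after `+--- a/src/crypto/rsa/pss.go`, so `git am` cannot parse the embedded diff. The same line is bare in the original posting, so the submitted mbox itself is broken rather than the quoting; regenerate the series with git-format-patch, send it with git send-email instead of pasting through a mail client, and confirm it applies with `git am` on a clean dunfell checkout before resubmitting.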

Patchtest results for [OE-core][dunfell][PATCH v2] go: Backport fix for CVE-2023-45287

2024-01-04 Thread Patchtest
Thank you for your submission. Patchtest identified one
or more issues with the patch. Please see the log below for
more information:

---
Testing patch 
/home/patchtest/share/mboxes/dunfell-v2-go-Backport-fix-for-CVE-2023-45287.patch

FAIL: test mbox format: Series has malformed diff lines. Create the series 
again using git-format-patch and ensure it applies using git am 
(test_mbox.TestMbox.test_mbox_format)

PASS: test Signed-off-by presence 
(test_mbox.TestMbox.test_signed_off_by_presence)
PASS: test author valid (test_mbox.TestMbox.test_author_valid)
PASS: test commit message presence 
(test_mbox.TestMbox.test_commit_message_presence)
PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade)
PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format)
PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length)
PASS: test target mailing list (test_mbox.TestMbox.test_target_mailing_list)

SKIP: test CVE tag format: Parse error Hunk is shorter than expected 
(test_patch.TestPatch.test_cve_tag_format)
SKIP: test Signed-off-by presence: Parse error Hunk is shorter than expected 
(test_patch.TestPatch.test_signed_off_by_presence)
SKIP: test Upstream-Status presence: Parse error Hunk is shorter than expected 
(test_patch.TestPatch.test_upstream_status_presence_format)
SKIP: test bugzilla entry format: No bug ID found 
(test_mbox.TestMbox.test_bugzilla_entry_format)
SKIP: test pylint: Python-unidiff parse error 
(test_python_pylint.PyLint.test_pylint)
SKIP: test series merge on head: Merge test is disabled for now 
(test_mbox.TestMbox.test_series_merge_on_head)

---

Please address the issues identified and
submit a new revision of the patch, or alternatively, reply to this
email with an explanation of why the patch should be accepted. If you
believe these results are due to an error in patchtest, please submit a
bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category
under 'Yocto Project Subprojects'). For more information on specific
failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank
you!




[OE-core][dunfell][PATCH v2] go: Backport fix for CVE-2023-45287

2024-01-04 Thread Vijay Anusuri via lists.openembedded.org
From: Vijay Anusuri 

Upstream-Status: Backport
[https://github.com/golang/go/commit/9baafabac9a84813a336f068862207d2bb06d255
&
https://github.com/golang/go/commit/c9d5f60eaa4450ccf1ce878d55b4c6a12843f2f3
&
https://github.com/golang/go/commit/8f676144ad7b7c91adb0c6e1ec89aaa6283c6807
&
https://github.com/golang/go/commit/8a81fdf165facdcefa06531de5af98a4db343035]

Signed-off-by: Vijay Anusuri 
---
 meta/recipes-devtools/go/go-1.14.inc  |4 +
 .../go/go-1.14/CVE-2023-45287-pre1.patch  |  393 
 .../go/go-1.14/CVE-2023-45287-pre2.patch  |  401 
 .../go/go-1.14/CVE-2023-45287-pre3.patch  |   86 +
 .../go/go-1.14/CVE-2023-45287.patch   | 1697 +
 5 files changed, 2581 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index b827a3606d..42a9ac8435 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -83,6 +83,10 @@ SRC_URI += "\
 file://CVE-2023-39318.patch \
 file://CVE-2023-39319.patch \
 file://CVE-2023-39326.patch \
+file://CVE-2023-45287-pre1.patch \
+file://CVE-2023-45287-pre2.patch \
+file://CVE-2023-45287-pre3.patch \
+file://CVE-2023-45287.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
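Review bot: the four new SRC_URI entries are in the right order (the three prerequisite patches before `CVE-2023-45287.patch`, and SRC_URI order is the apply order), but the names pre1/pre2/pre3 give no hint which of the four upstream commits in the commit message each one carries, and the message only joins the four URLs with `&` in an unlabelled order. Consider adding the mapping to the commit message (e.g. `pre1: 9baafabac9a8 crypto/rsa: refactor RSA-PSS signing and verification`, which is what the first patch file's header shows) so a later reviewer can check each backport against its upstream commit without opening the files.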
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
new file mode 100644
index 00..4d65180253
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
@@ -0,0 +1,393 @@
+From 9baafabac9a84813a336f068862207d2bb06d255 Mon Sep 17 00:00:00 2001
+From: Filippo Valsorda 
+Date: Wed, 1 Apr 2020 17:25:40 -0400
+Subject: [PATCH] crypto/rsa: refactor RSA-PSS signing and verification
+
+Cleaned up for readability and consistency.
+
+There is one tiny behavioral change: when PSSSaltLengthEqualsHash is
+used and both hash and opts.Hash were set, hash.Size() was used for the
+salt length instead of opts.Hash.Size(). That's clearly wrong because
+opts.Hash is documented to override hash.
+
+Change-Id: I3e25dad933961eac827c6d2e3bbfe45fc5a6fb0e
+Reviewed-on: https://go-review.googlesource.com/c/go/+/226937
+Run-TryBot: Filippo Valsorda 
+TryBot-Result: Gobot Gobot 
+Reviewed-by: Katie Hockman 
+
+Upstream-Status: Backport 
[https://github.com/golang/go/commit/9baafabac9a84813a336f068862207d2bb06d255]
+CVE: CVE-2023-45287 #Dependency Patch1
+Signed-off-by: Vijay Anusuri 
+---
+ src/crypto/rsa/pss.go | 173 ++
+ src/crypto/rsa/rsa.go |   9 ++-
+ 2 files changed, 96 insertions(+), 86 deletions(-)
+
+diff --git a/src/crypto/rsa/pss.go b/src/crypto/rsa/pss.go
+index 3ff0c2f4d0076..f9844d87329a8 100644
+--- a/src/crypto/rsa/pss.go
 b/src/crypto/rsa/pss.go
+@@ -4,9 +4,7 @@
+ 
+ package rsa
+ 
+-// This file implements the PSS signature scheme [1].
+-//
+-// [1] 
https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf
++// This file implements the RSASSA-PSS signature scheme according to RFC 8017.
+ 
+ import (
+   "bytes"
+@@ -17,8 +15,22 @@ import (
+   "math/big"
+ )
+ 
++// Per RFC 8017, Section 9.1
++//
++// EM = MGF1 xor DB || H( 8*0x00 || mHash || salt ) || 0xbc
++//
++// where
++//
++// DB = PS || 0x01 || salt
++//
++// and PS can be empty so
++//
++// emLen = dbLen + hLen + 1 = psLen + sLen + hLen + 2
++//
++
+ func emsaPSSEncode(mHash []byte, emBits int, salt []byte, hash hash.Hash) 
([]byte, error) {
+-  // See [1], section 9.1.1
++  // See RFC 8017, Section 9.1.1.
++
+   hLen := hash.Size()
+   sLen := len(salt)
+   emLen := (emBits + 7) / 8
+@@ -30,7 +42,7 @@ func emsaPSSEncode(mHash []byte, emBits int, salt []byte, 
hash hash.Hash) ([]byt
+   // 2.  Let mHash = Hash(M), an octet string of length hLen.
+ 
+   if len(mHash) != hLen {
+-  return nil, errors.New("crypto/rsa: input must be hashed 
message")
++  return nil, errors.New("crypto/rsa: input must be hashed with 
given hash")
+   }
+ 
+   // 3.  If emLen < hLen + sLen + 2, output "encoding error" and stop.
+@@ -40,8 +52,9 @@ func emsaPSSEncode(mHash []byte, emBits int, salt []byte, 
hash hash.Hash) ([]byt
+   }
+ 
+   em := make([]byte, emLen)
+-  db := em[:emLen-sLen-hLen-2+1+sLen]
+-  h := em[emLen-sLen-hLen-2+1+sLen : emLen-1]
++  psLen := emLen - sLen - hLen - 2
++  db := em[:psLen+1+sLen]
++  h := em[psLen+1+sLen : emLen-1]
+ 
+   // 4.  Generate a random octet string salt of length sLen; if sLen = 0,
+   // then salt is the
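Review bot: several lines of the embedded patch are wrapped or mangled, which is what patchtest's "malformed diff lines" and "Hunk is shorter than expected" refer to: the `// [1]` comment is split from its URL onto a second line, the `func emsaPSSEncode(...)` context line is split before `([]byte, error) {`, both `errors.New("crypto/rsa: input must be hashed ` strings are split before `message")` / `given hash")`, the `@@ -30,7 +42,7 @@` and `@@ -40,8 +52,9 @@` headers are split before `hash hash.Hash) ([]byt`, and the nested `+++ b/src/crypto/rsa/pss.go` header arrives bare as ` b/src/crypto/rsa/pss.go`. The `index 00..4d65180253` line is also not a valid git index line (the left side of a new-file index line should be the zero object id). Each wrapped line adds to the line count that the `@@ -0,0 +1,393 @@` header promises, so the outer hunk can no longer apply; regenerate the series with git-format-patch, post it with git send-email so long lines are not rewrapped, and run `git am` on the resulting mbox before resubmitting.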