Brian May writes:
> Had a quick look at the matrixssl security vulnerability.
>
> Unfortunately, finding it difficult to work out which of the upstream
> changes fixes this.
Was meaning to be more informative here, unfortunately the train I was
travelling on unexpectedly terminated
Hi Brian
After some investigation I found the fix here:
https://github.com/matrixssl/matrixssl/commit/57d20a6e85a9cd570884aba686368dd77511d866
This is a very large commit but from
https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
it looks like it is the
Ola Lundqvist writes:
> This is a very large commit but from
> https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
> it looks like it is the following files that were updated:
> - crypto/math/pstm.c
> - crypto/pubkey/dh.c
> - crypto/pubkey/rsa.
Hi
You seem to come to the same conclusion as I do.
The implementation of pstm_exptmod and mp_exptmod is considerably different.
They most likely have different set of vulnerabilities.
So let us take a look at what applications that may use matrixssl. The
reverse dependencies are: ipsvd and
On Thu, Aug 11, 2016 at 07:00:03PM +1000, Brian May wrote:
> Ola Lundqvist writes:
>
> > This is a very large commit but from
> > https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
> > it looks like it is the following files that were up
Guido Günther writes:
> As I wrote in dla-needed.txt the bignum handling is in
> crypto/peersec/mpi.c and it seems to use the same algorithms (and lacks
> the same checks in e.g. mp_exptmod) so I marked it as
> vulnerable. Porting back the fixes from the current version will be
> difficult though
Hi Brian,
On Wed, Aug 17, 2016 at 05:49:46PM +1000, Brian May wrote:
> Guido Günther writes:
>
> > As I wrote in dla-needed.txt the bignum handling is in
> > crypto/peersec/mpi.c and it seems to use the same algorithms (and lacks
> > the same checks in e.g. mp_exptmod) so I marked it as
> > vulne
in 3.8.4 which is missing in Wheezy and which is responsible for
the crashes detailed here:
https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
I did not try the patched openssl to crash the matrixssl server and I
did not look into the details of the "miscalcu
Guido Günther writes:
> They are basically identical but the git version got a length check
> added in 3.8.4 which is missing in Wheezy and which is responsible for
> the crashes detailed here:
>
>
> https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-a
d this package, and unlikely to have time to continue this
month. So if anybody wants to take over before then, feel free to do so.
--
Brian May
diff -u matrixssl-1.8.8/debian/changelog matrixssl-1.8.8/debian/changelog
--- matrixssl-1.8.8/debian/changelog
+++ matrixssl-1.8.8/debian/changelog
@@ -1,3
I have attached my proposed debdiff patch. It builds using sbuild. I
> haven't claimed this package, and unlikely to have time to continue this
> month. So if anybody wants to take over before then, feel free to do so.
> --
> Brian May
> diff -u matrixssl-1.8.8/debian/changelog
diff patch. It builds using sbuild. I
>> haven't claimed this package, and unlikely to have time to continue this
>> month. So if anybody wants to take over before then, feel free to do so.
>> --
>> Brian May
>
>> diff -u matrixssl-1.8.8/debian/changelog matrixssl-1
build. I
> >> haven't claimed this package, and unlikely to have time to continue this
> >> month. So if anybody wants to take over before then, feel free to do so.
> >> --
> >> Brian May
> >
> >> diff -u matrixssl-1.8.8/debian/changelog matrixssl
Guido Günther writes:
> There are exploits mentioned in the paper. I think we should test them
> before releasing a DLA.
What paper are you referring to here?
There is the blog post here:
https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
However I
the blog post here:
>
> https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
>
> However I don't see any exploits mentioned.
It has a link:
"I created a patch against openssl that allows to test this." ->
https://github.com/hannob/bignum-fu
like you can test it if you can setup a matrixssl
server. Fair enough.
I looked and found only one package in wheezy that uses matrixssl:
(wheezy-amd64-default)root@prune:/home/brian# apt-cache rdepends libmatrixssl1.8
libmatrixssl1.8
Reverse Depends:
libmatrixssl1.8-dev
ipsvd
So I installed ipv
On 02/09/16 18:42, Brian May wrote:
> sslio[8259]: fatal: unable to read cert or key file: no error
I found that error reported in an unrelated bug report, the solution
seems to be:
https://bugs.contribs.org/show_bug.cgi?id=7664#c4
> I have been hit by the problem lamented by Jean Franco whiel
Christopher Samuel writes:
> I found that error reported in an unrelated bug report, the solution
> seems to be:
>
> https://bugs.contribs.org/show_bug.cgi?id=7664#c4
Thanks for this. Finally got it working...
...BUT matrixssl is SSLv3 only. openssl in sid - which seems to be
requ
Brian May writes:
> Ok, managed to rebuild the Debian package with ssl3 support enabled. It
> appears to work. Will try the exploit. Still leaves me wondering if it
> is actually worth fixing security issues in matrixssl.
Hmmm.. Interesting. Wheezy version appears to be not vulnerable
Hi Brian
I think we should state no-dsa for this.
Matrixssl is very seldomly used. According to popcon there are in
total 75 users.
https://qa.debian.org/popcon.php?package=matrixssl
Considering that it is really hard to reproduce (or impossible) and
lack of users I think we should spend our
> Thanks for this. Finally got it working...
>
> ...BUT matrixssl is SSLv3 only.
[...]
So let's add it to the unsupported packages list.
Ben.
--
Ben Hutchings
I haven't lost my mind; it's backed up on tape somewhere.
signature.asc
Description: This is a digitally signed message part
Ben Hutchings writes:
> So let's add it to the unsupported packages list.
Sounds like a good idea. Not sure we really should be supporting
encryption libraries that only support SSLv3.
How do we add packages to the unsupported list? Is this something I can
do?
--
Brian May
Brian May writes:
> How do we add packages to the unsupported list? Is this something I can
> do?
Possibly somebody has already done this, I see it is listed as
in data/CVE/list.
--
Brian May
On Wed, 2016-09-07 at 07:43 +1000, Brian May wrote:
> > Brian May writes:
>
> >
> > How do we add packages to the unsupported list? Is this something I can
> > do?
>
> Possibly somebody has already done this, I see it is listed as
> in data/CVE/list.
No, that only means it was removed from un
On Wed, 2016-09-07 at 07:38 +1000, Brian May wrote:
> > Ben Hutchings writes:
>
> >
> > So let's add it to the unsupported packages list.
>
> Sounds like a good idea. Not sure we really should be supporting
> encryption libraries that only support SSLv3.
>
> How do we add packages to the unsup
gt; After updating it, issue a DLA like this:
> https://lists.debian.org/debian-lts-announce/2016/05/msg00042.html
Ok, so looks like I should be able to add the following line:
matrixssl 1.8.8-1 2016-09-08 Not supported in
Debian LTS (https://lists.debian.org/d
Brian May wrote:
> Ok, so looks like I should be able to add the following line:
>
> matrixssl 1.8.8-1 2016-09-08 Not supported in
> Debian LTS (https://lists.debian.org/debian-lts/2016/09/msg00030.html)
>
> To security-support-ended.deb7
Chris Lamb writes:
> No. With my FD hat on, I went ahead and did this. :)
Thanks!
--
Brian May
28 matches
Mail list logo
