Bug 13324

Summary: ldns new security issue CVE-2014-3209
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: oe, sysadmin-bugs, tmb
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/598317/
Whiteboard: MGA3TOO has_procedure advisory mga-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
Source RPM: ldns-1.6.16-3.mga4.src.rpm CVE:
Status comment:

Description David Walser 2014-05-05 18:48:36 CEST 
A CVE has been assigned for a security issue in ldns today (May 4):
http://openwall.com/lists/oss-security/2014/05/05/4

No fix is available yet.

Mageia 3 and Mageia 4 are also affected.

Reproducible: 

Steps to Reproduce:
David Walser 2014-05-05 18:48:42 CEST

Whiteboard: (none) => MGA4TOO, MGA3TOO

Comment 1 Oden Eriksson 2014-05-07 10:45:20 CEST 
fixed with ldns-1.6.16-2.1.mga3, ldns-1.6.16-3.1.mga4 & ldns-1.6.17-1.mga5

CC: (none) => oe

Comment 2 David Walser 2014-05-07 20:38:06 CEST 
Thanks Oden!

Advisory:
========================

Updated ldns packages fix security vulnerability:

ldns-keygen creates a private key with the default permissions according to
the user's umask, which in most cases will cause the private key to be
world-readable (CVE-2014-3209).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209
http://openwall.com/lists/oss-security/2014/05/05/4
========================

Updated packages in core/updates_testing:
========================
ldns-utils-1.6.16-2.1.mga3
libldns1-1.6.16-2.1.mga3
libldns-devel-1.6.16-2.1.mga3
python-ldns-1.6.16-2.1.mga3
ldns-utils-1.6.16-3.1.mga4
libldns1-1.6.16-3.1.mga4
libldns-devel-1.6.16-3.1.mga4
python-ldns-1.6.16-3.1.mga4

from SRPMS:
ldns-1.6.16-2.1.mga3.src.rpm
ldns-1.6.16-3.1.mga4.src.rpm

Version: Cauldron => 4
Assignee: luis.daniel.lucio => qa-bugs
Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO

Comment 3 claire robinson 2014-05-08 15:11:11 CEST 
Testing complete mga4 64

Borrowed the line from here http://whyscream.net/wiki/index.php/Dnssec_howto_with_NSD_and_ldns

Before
------
$ cd test
$ ldns-keygen -a RSASHA1_NSEC3 -b 1024 example.net
Kexample.net.+007+59213

$ ll
total 12
-rw-r--r-- 1 claire claire  70 May  8 14:05 Kexample.net.+007+59213.ds
-rw-r--r-- 1 claire claire 242 May  8 14:05 Kexample.net.+007+59213.key
-rw-r--r-- 1 claire claire 943 May  8 14:05 Kexample.net.+007+59213.private

World readable private key..

After
-----
$ ldns-keygen -a RSASHA1_NSEC3 -b 1024 example.net
Kexample.net.+007+03662

$ ll
total 12
-rw-r--r-- 1 claire claire  69 May  8 14:04 Kexample.net.+007+03662.ds
-rw-r--r-- 1 claire claire 241 May  8 14:04 Kexample.net.+007+03662.key
-rw------- 1 claire claire 943 May  8 14:04 Kexample.net.+007+03662.private

Testing with some random commands from  urpmf ldns-utils | grep bin

$ ldns-mx mageia.org
mageia.org.     1800    IN      MX      10 alamut.mageia.org.
mageia.org.     1800    IN      MX      20 krampouezh.mageia.org.

$ drill mageia.org @8.8.8.8
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 26382
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; mageia.org.  IN      A

;; ANSWER SECTION:
mageia.org.     1799    IN      A       217.70.188.116

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 119 msec
;; SERVER: 8.8.8.8
;; WHEN: Thu May  8 14:09:38 2014
;; MSG SIZE  rcvd: 44

Whiteboard: MGA3TOO => MGA3TOO has_procedure mga4-64-ok

Comment 4 claire robinson 2014-05-10 08:54:59 CEST 
Testing complete mga3 32 & 64 and mga4 32

Validating. Advisory uploaded.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure advisory mga-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 5 Thomas Backlund 2014-05-10 21:53:46 CEST 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0212.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

David Walser 2014-05-12 22:39:53 CEST

URL: (none) => http://lwn.net/Vulnerabilities/598317/