Bug 17451

Summary: python-rsa new security issue CVE-2016-1494
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, geiger.david68210, sysadmin-bugs, tarazed25
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/671636/
Whiteboard: MGA5-64-OK MGA5-32-OK advisory
Source RPM: python-rsa-3.1.4-6.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-01-05 17:13:49 CET 
A security issue was reported, fixed, and assigned a CVE, for python-rsa:
http://openwall.com/lists/oss-security/2016/01/05/3

The fix is linked in the message above.

Mageia 5 is also affected.

Reproducible: 

Steps to Reproduce:
David Walser 2016-01-05 17:14:23 CET

CC: (none) => geiger.david68210
Whiteboard: (none) => MGA5TOO

Comment 1 David GEIGER 2016-01-05 18:08:30 CET 
security issue fixed now for Cauldron and mga5 too!!  :)
Comment 2 David Walser 2016-01-05 18:15:34 CET 
Thanks David!

This is the QA team's first 2016 CVE.  Enjoy.

Advisory:
========================

Updated python-rsa packages fix security vulnerability:

A signature forgery vulnerability in python-rsa allows an attacker to fake
signatures for arbitrary messages for any key with a low exponent "e", such as
the common value of 3 (CVE-2016-1494).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1494
https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
http://openwall.com/lists/oss-security/2016/01/05/3
========================

Updated packages in core/updates_testing:
========================
python-rsa-3.1.4-6.1.mga5
python3-rsa-3.1.4-6.1.mga5

from python-rsa-3.1.4-6.1.mga5.src.rpm

Assignee: mageia => qa-bugs
Whiteboard: MGA5TOO => (none)

Comment 3 Len Lawrence 2016-01-11 23:14:09 CET 
mga5  x86_64  Mate

Had to read up on the use of RSA encryption and found some useful links but could not fully understand the mathematics involved.  Wikipedia is a good start.

This little script is a very basic test of RSA in python.
It runs fine both before and after the update.

#!/bin/env python
# Primitive Alice and Bob scenario using python-rsa
# reference: https://stuvel.eu/files/python-rsa-doc/usage.html#generating-keys
import rsa

# Jim generates a keypair and gives Suzy the public key by some means.
# The poolsize parameter allows the calculation to be speeded up if more than
# one core is available.  Leave it out if speed is not an issue.
(publickey, privatekey) = rsa.newkeys( 512, poolsize=8 )
# Suzy composes message as an encoded byte-string and encrypts it.
message = "Tonight's the night".encode( 'utf8' )
print( message )
print( "-------------------" )
crypted = rsa.encrypt( message, publickey )
print( crypted )
# ... Suzy sends message ...
# ... Jim receives it and decodes it ...
received = rsa.decrypt( crypted, privatekey )
print( received.decode( 'utf8' ) )
exit( )

CC: (none) => tarazed25

Len Lawrence 2016-01-11 23:14:30 CET

Whiteboard: (none) => MGA5-64-OK

Comment 4 Len Lawrence 2016-01-11 23:33:55 CET 
mga5  i586 VM  Mate

Used the script from comment #3 to test RSA encryption/decryption.
Leaving validation to allow time for objections.
Len Lawrence 2016-01-11 23:34:16 CET

Whiteboard: MGA5-64-OK => MGA5-64-OK MGA5-32-OK

Dave Hodgins 2016-01-12 07:35:54 CET

Keywords: (none) => validated_update
Whiteboard: MGA5-64-OK MGA5-32-OK => MGA5-64-OK MGA5-32-OK advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 Mageia Robot 2016-01-12 10:15:07 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0011.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-01-12 21:42:58 CET

URL: (none) => http://lwn.net/Vulnerabilities/671636/