| Summary: | python-pycrypto new security issue CVE-2018-6594 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | herman.viaene, makowski.mageia, marja11, smelror, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA5TOO MGA5-32-OK MGA6-64-OK | ||
| Source RPM: | python-pycrypto-2.6.1-10.mga7.src.rpm | CVE: | CVE-2018-6594 |
| Status comment: | Patch available from Fedora | ||
| Attachments: |
PoC for pycrypto, Python script
python 2 and 3 compatible script |
||
|
Description
David Walser
2018-03-03 19:03:42 CET
David Walser
2018-03-03 19:04:06 CET
Whiteboard:
(none) =>
MGA6TOO Assigning to the Python stack maintainers, CC'ing the registered maintainer. Assignee:
bugsquad =>
python Hi. Since we have python-pycryptodome available and because it looks like python-pycrypto is hardly maintained, why don't we just obsolete the latter, rebuild everything using pycryptodome and in return "fix" the security issues? Cheers, Stig CC:
(none) =>
smelror (In reply to Stig-Ørjan Smelror from comment #2) > Since we have python-pycryptodome available and because it looks like > python-pycrypto is hardly maintained, why don't we just obsolete the latter, > rebuild everything using pycryptodome and in return "fix" the security > issues? For Cauldron why not, but we still need to fix Mageia 5 and Mageia 6
David Walser
2018-03-11 16:10:44 CET
Status comment:
(none) =>
Patch available from Fedora Updated python-pycrypto in cauldron, mga6 and mga5. Fix CVE-2018-6594 The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes a fix for this problem backported from pycryptodome. ref : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6594 https://github.com/TElgamal/attack-on-pycrypto-elgamal https://github.com/Legrandin/pycryptodome/issues/90 https://github.com/dlitz/pycrypto/issues/253 Updated packages : python3-pycrypto-2.6.1-9.1.mga6.x86_64 python-pycrypto-2.6.1-9.1.mga6.x86_64 python3-pycrypto-2.6.1-9.1.mga6.i586 python-pycrypto-2.6.1-9.1.mga6.i586 from python-pycrypto-2.6.1-9.1.mga6.src python3-pycrypto-2.6.1-6.2.mga5.x86_64 python-pycrypto-2.6.1-6.2.mga5.x86_64 python3-pycrypto-2.6.1-6.2.mga5.i586 python-pycrypto-2.6.1-6.2.mga5.i586 from python-pycrypto-2.6.1-6.2.mga5.src Status:
NEW =>
ASSIGNED
claire robinson
2018-03-14 14:45:00 CET
Whiteboard:
MGA6TOO =>
(none)
claire robinson
2018-03-14 14:46:02 CET
Whiteboard:
(none) =>
MGA5TOO MGA5-32 on Dell Latitude D600 Xfce No installation issues. Used random output test as per bug 20031. Performs OK, after renaming the downloaded script (the two attachments of this bug come as attachment.cgi, I guess that was not their name when they were uploaded). CC:
(none) =>
herman.viaene
Lewis Smith
2018-03-17 20:32:03 CET
Keywords:
(none) =>
advisory Testing Mageia 6 x64 real h/w BEFORE update: python-pycrypto-2.6.1-9.mga6 python3-pycrypto-2.6.1-9.mga6 Downloaded from https://bugs.mageia.org/show_bug.cgi?id=20031#c3 the small test: https://bugs.mageia.org/attachment.cgi?id=8841 No need to make it executable. $ python cryptoRandom.py [u'090e8a5f7f110bf8,925c0d0a9834899a', u'1f65987d2637b703,400f3ed3c5a5035e', u'cbffb9906731bd83,a9bcd1b511466ffa', u'd9a5c5c856e6cac1,f6dd0b89b9969eca'] $ python3 cryptoRandom.py Similar random output. I found a PoC at: https://bugs.mageia.org/show_bug.cgi?id=20031#c3 [you can select the program without the line numbers - easy] which worked for Python: $ python attack-pycrypto.py Running experiment... Number of times adversary was wrong: 0 but NOT for Python3, throwing syntax errors. @Philippe : do you know enough Python to correct those for Python3 so at least it runs? If so, please attach the result to this bug. It will help for future Python tests. AFTER update: - python-pycrypto-2.6.1-9.1.mga6.x86_64 - python3-pycrypto-2.6.1-9.1.mga6.x86_64 $ python cryptoRandom.py $ python3 cryptoRandom.py both gave 4 lines of random O/P as shown above. $ python attack-pycrypto.py Running experiment... Number of times adversary was wrong: 0 Same as before; sad. However, I will attach the script because it is better than nothing. (Still no good for Python3). OKing & validating. Whiteboard:
MGA5TOO MGA5-32-OK =>
MGA5TOO MGA5-32-OK MGA6-64-OK Aaargh! The link to the PoC in the previous comment was wrongly pasted. It is: https://github.com/TElgamal/attack-on-pycrypto-elgamal/blob/master/attack-pycrypto.py Created attachment 10054 [details]
PoC for pycrypto, Python script
A script supposed to demonstrate a pycrypto security weakness. It ONLY runs for Python, *not* Python3 due to syntax differences.
$ python attack-pycrypto.py
Running experiment...
Number of times adversary was wrong: 0
Created attachment 10058 [details] python 2 and 3 compatible script (In reply to Lewis Smith from comment #8) here a version that can be run under Python2 and Python3 but I don't really understand this "POC" here what I get under Mageia Cauldron and under Fedora $ python3 attack-pycrypto.py Running experiment... Number of times adversary was wrong: 464 $ python3 attack-pycrypto.py Running experiment... Number of times adversary was wrong: 524 $ python2 attack-pycrypto.py Running experiment... Number of times adversary was wrong: 0 $ python2 attack-pycrypto.py Running experiment... Number of times adversary was wrong: 0 An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0171.html Resolution:
(none) =>
FIXED |