Bug 32755

Summary: gnutls new security issues CVE-2024-0567 and CVE-2024-0553
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, brtians1, mageia, marja11, sysadmin-bugs
Version: 9Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9-64-OK
Source RPM: gnutls-3.8.0-2.1.mga9.src.rpm CVE: CVE-2024-0567, CVE-2024-0553
Status comment:

Description Nicolas Salguero 2024-01-22 15:45:57 CET 
Those CVEs were announced here:
https://www.openwall.com/lists/oss-security/2024/01/19/3

Mageia 9 is also affected.
Nicolas Salguero 2024-01-22 15:46:40 CET

Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2024-0567, CVE-2024-0553
Source RPM: (none) => gnutls-3.8.2-1.mga10.src.rpm

Comment 1 Lewis Smith 2024-01-24 21:38:16 CET 
Another cure by version update.
Assigning to DavidG who has done several recent commits; but bear in mind that ns80 actually did the latest one: you must be automatically CC'd as the bug author.

Assignee: bugsquad => geiger.david68210
Status comment: (none) => 3.8.3 fixes CVE-2024-0553 & CVE-2024-0567

Comment 2 Nicolas Salguero 2024-01-29 11:21:47 CET 
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack. (CVE-2024-0567)

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. (CVE-2024-0553)

References:
https://www.openwall.com/lists/oss-security/2024/01/19/3
========================

Updated packages in core/updates_testing:
========================
gnutls-3.8.0-2.2.mga9
lib(64)gnutls30-3.8.0-2.2.mga9
lib(64)gnutls-dane0-3.8.0-2.2.mga9
lib(64)gnutls-devel-3.8.0-2.2.mga9
lib(64)gnutlsxx30-3.8.0-2.2.mga9

from SRPM:
gnutls-3.8.0-2.2.mga9.src.rpm

Status comment: 3.8.3 fixes CVE-2024-0553 & CVE-2024-0567 => (none)
Assignee: geiger.david68210 => qa-bugs
Status: NEW => ASSIGNED
Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9
Source RPM: gnutls-3.8.2-1.mga10.src.rpm => gnutls-3.8.0-2.1.mga9.src.rpm

Comment 3 Marja Van Waes 2024-01-29 11:35:53 CET 
Advisory from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete"

CC: (none) => marja11
Keywords: (none) => advisory

PC LX 2024-01-30 23:00:37 CET

CC: (none) => mageia

Comment 4 Brian Rockwell 2024-02-05 19:20:44 CET 
Installed gnutls

Ran

gnutls-cli utility - worked
certtool - worked
danetool - responded

I'm approving this

Whiteboard: (none) => MGA9-64-OK
CC: (none) => brtians1

Comment 5 Thomas Andrews 2024-02-06 22:15:12 CET 
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 6 Mageia Robot 2024-02-09 02:35:38 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0031.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED