GNU has released gnupg 1.4.14 and libgcrypt 1.5.3 (used by gnupg2) to fix an attack vector that allows users on a shared machine to steal other users' private GPG keys. The updates were announced on July 25. The update announcement for gnupg provides a good description of the issue: http://lists.gnu.org/archive/html/info-gnu/2013-07/msg00014.html http://lists.gnu.org/archive/html/info-gnu/2013-07/msg00013.html A CVE has been requested, with no response yet: http://openwall.com/lists/oss-security/2013/07/25/15 Reproducible: Steps to Reproduce:
CC: (none) => boklm, fundawang, oeWhiteboard: (none) => MGA3TOO, MGA2TOO
CVE-2013-4242 has been assigned: http://openwall.com/lists/oss-security/2013/07/26/7
Summary: gnupg/gnupg2 side-channel attack on RSA private keys => gnupg/gnupg2 side-channel attack on RSA private keys (CVE-2013-4242)
Working on update.
Assignee: bugsquad => boklm
Fixed in Cauldron in gnupg-1.4.14-1.mga4 and libgcrypt-1.5.3-1.mga4.
Version: Cauldron => 3Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO
Currently built for Mageia 3: gnupg-1.4.14-1.mga3 libgcrypt11-1.5.3-1.mga3 libgcrypt-devel-1.5.3-1.mga3 from SRPMS: gnupg-1.4.14-1.mga3.src.rpm libgcrypt-1.5.3-1.mga3.src.rpm
Debian has issued advisories for this on July 29: http://www.debian.org/security/2013/dsa-2730 http://www.debian.org/security/2013/dsa-2731
URL: (none) => http://lwn.net/Vulnerabilities/561440/
Is there any procedure to test the updated package?
CC: (none) => olivier.delaune
(In reply to Olivier Delaune from comment #6) > Is there any procedure to test the updated package? I don't know that there's any documentation on how exactly to perform the RSA side-channel attack, so I don't know that you'll be able to verify that the CVE is fixed. What will need to be tested is that the gnupg stuff basically works. You can look at the gpg and gpg2 manpages for some of the options and information on different things that they do. You can use those commands to encrypt and decrypt a file for example.
gnupg-1.4.12-1.2.mga2 + libgcrypt-1.5.0-2.1.mga2 has been submitted.
Found no PoCs, basic usage tested only. All OK. http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:205/
Thanks Nicolas and Oden. Assigning to QA. Advisory: ======================== Updated gnupg and libgcrypt packages fix security vulnerability: Yarom and Falkner discovered that RSA secret keys in applications using GnuPG 1.x, and using the libgcrypt library, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system (CVE-2013-4242). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html http://eprint.iacr.org/2013/448 http://www.debian.org/security/2013/dsa-2730 http://www.debian.org/security/2013/dsa-2731 http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:205/ ======================== Updated packages in core/updates_testing: ======================== gnupg-1.4.12-1.2.mga2 libgcrypt11-1.5.0-2.1.mga2 libgcrypt-devel-1.5.0-2.1.mga2 gnupg-1.4.14-1.mga3 libgcrypt11-1.5.3-1.mga3 libgcrypt-devel-1.5.3-1.mga3 from SRPMS: gnupg-1.4.12-1.2.mga2.src.rpm libgcrypt-1.5.0-2.1.mga2.src.rpm gnupg-1.4.14-1.mga3.src.rpm libgcrypt-1.5.3-1.mga3.src.rpm
Assignee: boklm => qa-bugs
Testing complete Mageia 2 and 3, i586 and x86_64. On each install, generated a key (using kgpg set to use /usr/bin/gpg, instead of /usr/bin/gpg2), encrypted and signed a msg with "gpg -sea msg", decrypted it with "gpg msg.asc". Could someone from the sysadmin team push 10850.adv to updates.
Keywords: (none) => validated_updateWhiteboard: MGA2TOO => MGA2TOO MGA3-64-OK MGA3-32-OK MGA2-64-OK MGA2-32-OKCC: (none) => davidwhodgins, sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0239.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED
CC: boklm => (none)