OpenSuSE has issued an advisory today (September 27):
http://lists.opensuse.org/opensuse-updates/2013-09/msg00058.html
Whiteboard: (none) => MGA3TOO, MGA2TOO
Fixed packages have been submitted for all.
CC: (none) => oe
Thanks Oden!

Advisory:
========================

Updated gnupg2 packages fix security vulnerability:

RFC 4880 permits OpenPGP keyholders to mark their primary keys and subkeys with a "key flags" packet that indicates the capabilities of the key. These are represented as a set of binary flags, including things like "This key may be used to encrypt communications." If a key or subkey has this "key flags" subpacket attached with all bits cleared (off), GnuPG currently treats the key as having all bits set (on). While keys with this sort of marker are very rare in the wild, GnuPG's misinterpretation of this subpacket could lead to a breach of confidentiality or a mistaken identity verification (CVE-2013-4351).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
http://lists.opensuse.org/opensuse-updates/2013-09/msg00058.html
========================

Updated packages in core/updates_testing:
========================
gnupg2-2.0.18-1.3.mga2
gnupg2-2.0.19-3.1.mga3

from SRPMS:
gnupg2-2.0.18-1.3.mga2.src.rpm
gnupg2-2.0.19-3.1.mga3.src.rpm
CC: (none) => boklm
Version: Cauldron => 3
Assignee: boklm => qa-bugs
Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO
Testing complete mga3 64 & mga2 32

Created a new key..
$ gpg --gen-key

Used username Mrs_B

Listed the keys to verify it's there
$ gpg --list-keys

Encrypt and decrypt a file
$ echo "test test test" > test.txt
$ ls
test.txt
$ gpg -e -r Mrs_B test.txt
$ ls
test.txt test.txt.gpg
$ rm test.txt
rm: remove regular file `test.txt'? y
$ gpg test.txt.gpg

You need a passphrase to unlock the secret key for
user: "Mrs_B (blah blah) <mrsb@home.com>"
2048-bit RSA key, ID 2C9B32B6, created 2013-10-08 (main key ID C9F79FB9)

gpg: encrypted with 2048-bit RSA key, ID 2C9B32B6, created 2013-10-08
"Mrs_B (blah blah) <mrsb@home.com>"
$ ls
test.txt test.txt.gpg
$ cat test.txt
test test test

Deleted the key
$ gpg --delete-secret-keys Mrs_B
$ gpg --delete-key Mrs_B

Checked it had gone
$ gpg --list-keys | grep Mrs_B

Import Mageia release key
$ gpg --keyserver pgp.mit.edu --recv-keys EDCA7A90

Verify Mageia 3 iso with it
$ cd Mageia-3-dual-CD
$ gpg Mageia-3-dual-CD.iso.md5.gpg
File `Mageia-3-dual-CD.iso.md5' exists. Overwrite? (y/N) y
gpg: Signature made Fri 07 Jun 2013 23:38:47 BST using RSA key ID EDCA7A90
gpg: Good signature from "Mageia Release <release@mageia.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90
$ md5sum -c Mageia-3-dual-CD.iso.md5
Mageia-3-dual-CD.iso: OK
Whiteboard: MGA2TOO => MGA2TOO has_procedure mga2-32-ok mga3-64-ok
Repeated using gpg2 this time.. oops! Just replace the gpg command with gpg2
Testing complete (with gnupg2!) mga2 32
Whiteboard: MGA2TOO has_procedure mga2-32-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga3-32-ok mga3-64-ok
mga3 32 in comment 5 even :\
Testing complete mga2 64

Validating. Advisory 11306.adv uploaded.

Could sysadmin please push from 2&3 core/updates_testing to updates

Thanks!
Keywords: (none) => validated_update
Whiteboard: MGA2TOO has_procedure mga2-32-ok mga3-32-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok
CC: (none) => sysadmin-bugs
This was fixed with gnupg-1.4.12-1.3.mga2, gnupg-1.4.14-1.1.mga3 and gnupg-1.4.15-1.mga4 (patch from debian)
(In reply to Oden Eriksson from comment #8)
> This was fixed with gnupg-1.4.12-1.3.mga2, gnupg-1.4.14-1.1.mga3 and
> gnupg-1.4.15-1.mga4 (patch from debian)

I believe this comment was meant for Bug 11416.
This has been rebuilt to fix another issue.

Advisory:
========================

Updated gnupg2 packages fix security vulnerability:

RFC 4880 permits OpenPGP keyholders to mark their primary keys and subkeys with a "key flags" packet that indicates the capabilities of the key. These are represented as a set of binary flags, including things like "This key may be used to encrypt communications." If a key or subkey has this "key flags" subpacket attached with all bits cleared (off), GnuPG currently treats the key as having all bits set (on). While keys with this sort of marker are very rare in the wild, GnuPG's misinterpretation of this subpacket could lead to a breach of confidentiality or a mistaken identity verification (CVE-2013-4351).

Special crafted input data may be used to cause a denial of service against GPG. GPG can be forced to recursively parse certain parts of OpenPGP messages ad infinitum (CVE-2013-4402).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
http://lists.gnu.org/archive/html/info-gnu/2013-10/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-09/msg00058.html
========================

Updated packages in core/updates_testing:
========================
gnupg2-2.0.18-1.4.mga2
gnupg2-2.0.19-3.2.mga3

from SRPMS:
gnupg2-2.0.18-1.4.mga2.src.rpm
gnupg2-2.0.19-3.2.mga3.src.rpm
Keywords: validated_update => (none)
Blocks: (none) => 11416
Whiteboard: MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok => MGA2TOO has_procedure
Fixing the advisory header.

Advisory:
========================

Updated gnupg2 package fixes security vulnerabilities:

RFC 4880 permits OpenPGP keyholders to mark their primary keys and subkeys with a "key flags" packet that indicates the capabilities of the key. These are represented as a set of binary flags, including things like "This key may be used to encrypt communications." If a key or subkey has this "key flags" subpacket attached with all bits cleared (off), GnuPG currently treats the key as having all bits set (on). While keys with this sort of marker are very rare in the wild, GnuPG's misinterpretation of this subpacket could lead to a breach of confidentiality or a mistaken identity verification (CVE-2013-4351).

Special crafted input data may be used to cause a denial of service against GPG. GPG can be forced to recursively parse certain parts of OpenPGP messages ad infinitum (CVE-2013-4402).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
http://lists.gnu.org/archive/html/info-gnu/2013-10/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-09/msg00058.html
========================

Updated packages in core/updates_testing:
========================
gnupg2-2.0.18-1.4.mga2
gnupg2-2.0.19-3.2.mga3

from SRPMS:
gnupg2-2.0.18-1.4.mga2.src.rpm
gnupg2-2.0.19-3.2.mga3.src.rpm
Testing complete mga2 64 & mga3 64
Whiteboard: MGA2TOO has_procedure => MGA2TOO has_procedure mga2-64-ok mga3-64-ok
testing complete mga2 32
Whiteboard: MGA2TOO has_procedure mga2-64-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-64-ok
testing complete mga3 32
Whiteboard: MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok
Advisory updated. Validating again.

Could sysadmin please push from 2&3 core/updates_testing to updates

Thanks!
Keywords: (none) => validated_update
Update pushed: http://advisories.mageia.org/MGASA-2013-0298.html
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
======================================================
Name: CVE-2013-4351
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130612
Category:
Reference: MLIST:[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted
Reference: URL:http://www.openwall.com/lists/oss-security/2013/09/13/4
Reference: CONFIRM:http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138
Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1010137
Reference: SUSE:openSUSE-SU-2013:1526
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html
Reference: SUSE:openSUSE-SU-2013:1532
Reference: URL:http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html
Reference: UBUNTU:USN-1987-1
Reference: URL:http://ubuntu.com/usn/usn-1987-1

GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
(In reply to David Walser from comment #9)
> (In reply to Oden Eriksson from comment #8)
> > This was fixed with gnupg-1.4.12-1.3.mga2, gnupg-1.4.14-1.1.mga3 and
> > gnupg-1.4.15-1.mga4 (patch from debian)
>
> I believe this comment was meant for Bug 11416.

No:

[oden@titan ~]$ rpm -qlp /mnt/BIG/mirror/mageia/mga2/SRPMS/core/updates/gnupg-1.4.12-1.3.mga2.src.rpm | grep CVE
gnupg-1.4.12-CVE-2012-6085.diff
gnupg-1.4.12-CVE-2013-4351.diff
gnupg-1.4.12-CVE-2013-4242.diff
gnupg-1.4.12-CVE-2013-4402.diff
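The key flags handling described in the CVE entry above, shown as an added example (not GnuPG's code and not part of the original thread): a walk over an RFC 4880 hashed-subpacket area that contrasts the flawed interpretation with one that tracks whether the subpacket was present. The names find_key_flags, key_usage and USAGE_ALL, the permissive default for a missing subpacket, and the sample byte arrays are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define SUBPKT_KEY_FLAGS 27  /* RFC 4880 signature subpacket type: key flags */
#define USAGE_ALL 0xFFu      /* assumed stand-in for "every capability" */

/* Constructed hashed-subpacket areas, not taken from real keys. */
const uint8_t AREA_EMPTY_FLAGS[] = {0x05, 0x02, 0x52, 0x54, 0x00, 0x00, 0x02, 0x1B, 0x00};
const uint8_t AREA_SIGN_ONLY[]   = {0x02, 0x1B, 0x02};
const uint8_t AREA_NO_FLAGS[]    = {0x05, 0x02, 0x52, 0x54, 0x00, 0x00};
const uint8_t AREA_TRUNCATED[]   = {0x09, 0x1B};

/* Returns 1 and stores the flags octet if present, 0 if absent, -1 if malformed. */
int find_key_flags(const uint8_t *p, size_t n, uint8_t *flags) {
    size_t i = 0;
    while (i < n) {
        size_t len = p[i++];                 /* length covers type + body */
        if (len == 255) {                    /* five-octet length form */
            if (n - i < 4) return -1;
            len = ((size_t)p[i] << 24) | ((size_t)p[i + 1] << 16)
                | ((size_t)p[i + 2] << 8) | p[i + 3];
            i += 4;
        } else if (len >= 192) {             /* two-octet length form */
            if (i >= n) return -1;
            len = ((len - 192) << 8) + p[i++] + 192;
        }
        if (len == 0 || len > n - i) return -1;
        if ((p[i] & 0x7F) == SUBPKT_KEY_FLAGS) {   /* mask the critical bit */
            *flags = len > 1 ? p[i + 1] : 0;
            return 1;
        }
        i += len;
    }
    return 0;
}

/* fixed=0: zero flags are conflated with "no subpacket" (the flaw described above).
 * fixed=1: presence is tracked separately; a malformed area grants nothing. */
unsigned key_usage(const uint8_t *p, size_t n, int fixed) {
    uint8_t f = 0;
    int r = find_key_flags(p, n, &f);
    if (!fixed) return f ? f : USAGE_ALL;
    if (r < 0) return 0;
    return r == 1 ? f : USAGE_ALL;
}

int main(void) {
    printf("empty key flags: flawed=0x%02X fixed=0x%02X\n",
           key_usage(AREA_EMPTY_FLAGS, sizeof AREA_EMPTY_FLAGS, 0),
           key_usage(AREA_EMPTY_FLAGS, sizeof AREA_EMPTY_FLAGS, 1));
    return 0;
}
```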
CC: boklm => (none)