11561 – gnutls new security issue CVE-2013-4466

Bug 11561 - gnutls new security issue CVE-2013-4466

Summary: gnutls new security issue CVE-2013-4466

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	3
Hardware:	i586 Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/572103/
Whiteboard:	advisory has_procedure mga3-32-ok mga...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2013-10-29 20:25 CET by David Walser
Modified:	2013-11-30 22:44 CET (History)
CC List:	3 users (show)

See Also:
Source RPM:	gnutls-3.1.13-1.mga3.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2013-10-29 20:25:07 CET

Fedora has issued an advisory on October 27:
https://lists.fedoraproject.org/pipermail/package-announce/2013-October/119788.html

The issue is fixed upstream in 3.1.15 and 3.2.5.

Mageia 3 is also affected.  Mageia 2 is not.

Reproducible: 

Steps to Reproduce:

Comment 1 David Walser 2013-11-05 21:27:55 CET

Updated packages uploaded for Mageia 3 and Cauldron.

Advisory:
========================

Updated gnutls packages fix security vulnerability:

A DNS server that returns more 4 DANE entries could corrupt the memory of a
requesting client using the DANE library from GnuTLS before 3.1.15 and 3.2.5
(CVE-2013-4466).

This updates GnuTLS to version 3.1.16, fixing this issue and several other bugs.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4466
http://www.gnutls.org/security.html#GNUTLS-SA-2013-3
http://lists.gnutls.org/pipermail/gnutls-help/2013-August/003216.html
http://lists.gnutls.org/pipermail/gnutls-help/2013-October/003250.html
http://lists.gnutls.org/pipermail/gnutls-help/2013-October/003262.html
https://lists.fedoraproject.org/pipermail/package-announce/2013-October/119788.html
========================

Updated packages in core/updates_testing:
========================
gnutls-3.1.16-1.mga3
libgnutls28-3.1.16-1.mga3
libgnutls-ssl27-3.1.16-1.mga3
libgnutls-xssl0-3.1.16-1.mga3
libgnutls-devel-3.1.16-1.mga3

from gnutls-3.1.16-1.mga3.src.rpm

Version: Cauldron => 3
Assignee: bugsquad => qa-bugs

Comment 2 David Walser 2013-11-18 21:34:49 CET

Just in case anyone wonders, I updated to 3.1.16 because it fixed a regression in the CVE-2013-4466 fix in 3.1.15.  This regression itself was allocated CVE-2013-4487, which we don't need to add to our advisory, since we never issued an update for 3.1.15.

http://lwn.net/Vulnerabilities/574202/

Dave Hodgins 2013-11-26 20:25:34 CET

CC: (none) => davidwhodgins
Whiteboard: (none) => advisory

Comment 3 claire robinson 2013-11-27 15:38:31 CET

Procedure: https://bugs.mageia.org/show_bug.cgi?id=6911#c1

"gnutls-cli www.mageia.org" shows handshake works. Then type anything and get a 400 error from mageia server, it shows the connection works.

Whiteboard: advisory => advisory has_procedure

Comment 4 claire robinson 2013-11-27 15:45:40 CET

Testing complete mga2 32 & 64

Validating

Could sysadmin please push from 3 core/updates_testing to updates

Thanks!

Keywords: (none) => validated_update
Whiteboard: advisory has_procedure => advisory has_procedure mga2-32-ok mga2-64-ok
CC: (none) => sysadmin-bugs

Comment 5 claire robinson 2013-11-27 15:45:55 CET

oops mga3 above :D

claire robinson 2013-11-27 15:46:12 CET

Whiteboard: advisory has_procedure mga2-32-ok mga2-64-ok => advisory has_procedure mga3-32-ok mga3-64-ok

Comment 6 Thomas Backlund 2013-11-30 22:44:12 CET

Update pushed:
http://advisories.mageia.org/MGASA-2013-0354.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.