Fedora has issued an advisory on October 25: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RPHA5S6ZQM46XJ2CGDEETO6U6I6M5NEG/ The issue is fixed upstream in 1.10.17: https://botan.randombit.net/security.html Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO, MGA5TOO
Updated packages uploaded for Mageia 5, Mageia 6, and Cauldron. Testing ideas in Bug 17737. Advisory: ======================== Updated botan packages fix security vulnerability: In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed (perhaps via an active attack such as Prime+Probe) could recover information about the exponent (CVE-2017-14737). References: References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14737 https://botan.randombit.net/security.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RPHA5S6ZQM46XJ2CGDEETO6U6I6M5NEG/ ======================== Updated packages in core/updates_testing: ======================== botan-1.10.17-1.mga5 botan-devel-1.10.17-1.mga5 botan-doc-1.10.17-1.mga5 python2-botan-1.10.17-1.mga5 botan-1.10.17-1.mga6 botan-devel-1.10.17-1.mga6 botan-doc-1.10.17-1.mga6 python2-botan-1.10.17-1.mga6 python3-botan-1.10.17-1.mga6 from SRPMS: botan-1.10.17-1.mga5.src.rpm botan-1.10.17-1.mga6.src.rpm
Version: Cauldron => 6Assignee: shlomif => qa-bugsWhiteboard: MGA6TOO, MGA5TOO => MGA5TOO
MGA5-32 on Asus A6000VM Xfce No installation issues. At CLI: # urpmq --whatrequires botan botan botan-devel and # urpmq --whatrequires python2-botan python2-botan I have no idea how to test this update.
CC: (none) => herman.viaene
@Herman re comment 2. A quick look at this confirms that we probably cannot run this. The manual at https://botan.randombit.net/manual/hash.html provides a code example which could be compiled under C++ but without any guidance on how to use it would not tell us much. It is supposed to work on data supplied on STDIN. Conclusion: a clean update will have to be enough.
CC: (none) => tarazed25
Mageia 6 on x86_64 Updated botan. Clean installation. $ rpm -qa | grep botan botan-1.10.17-1.mga6 botan-doc-1.10.17-1.mga6 python3-botan-1.10.17-1.mga6 python2-botan-1.10.17-1.mga6 botan-devel-1.10.17-1.mga6 Deployment over various directories: /usr/bin/botan-config-1.10 /usr/include/botan-1.10 /usr/lib64/libbotan-1.10.so.1.17 /usr/share/doc/botan-1.10.17 /usr/share/licenses/botan and there is an examples section and an HTML manual. In the light of comment 3 this is as far as it goes.
Whiteboard: MGA5TOO => MGA5TOO MGA6-64-OK
Addendum to comment 4. Tried compiling the specimen program from the documentation and came to grief. // crypt.cc #include <botan/hash.h> #include <botan/hex.h> #include <iostream> int main () { std::unique_ptr<Botan::HashFunction> hash1(Botan::HashFunction::create("SHA-1")); std::unique_ptr<Botan::HashFunction> hash2(Botan::HashFunction::create("Whirlpool")); std::unique_ptr<Botan::HashFunction> hash3(Botan::HashFunction::create("SHA-3")); std::vector<uint8_t> buf(2048); while(std::cin.good()) { //read STDIN to buffer std::cin.read(reinterpret_cast<char*>(buf.data()), buf.size()); size_t readcount = std::cin.gcount(); //update hash computations with read data hash1->update(buf.data(),readcount); hash2->update(buf.data(),readcount); hash3->update(buf.data(),readcount); } std::cout << "SHA-1: " << Botan::hex_encode(hash1->final()) << std::endl; std::cout << "Whirlpool: " << Botan::hex_encode(hash2->final()) << std::endl; std::cout << "SHA-3: " << Botan::hex_encode(hash3->final()) << std::endl; return 0; } $ g++ -o crypt.o -lbotan -I/usr/include/botan-1.10/ crypt.cc crypt.cc: In function ‘int main()’: crypt.cc:6:4: error: ‘unique_ptr’ is not a member of ‘std’ std::unique_ptr<Botan::HashFunction> hash1(Botan::HashFunction::create("SHA- ^ crypt.cc:6:39: error: expected primary-expression before ‘>’ token std::unique_ptr<Botan::HashFunction> hash1(Botan::HashFunction::create("SHA- ^ crypt.cc:6:47: error: ‘create’ is not a member of ‘Botan::HashFunction’ std::unique_ptr<Botan::HashFunction> hash1(Botan::HashFunction::create("SHA- ^ crypt.cc:6:83: error: ‘hash1’ was not declared in this scope d::unique_ptr<Botan::HashFunction> hash1(Botan::HashFunction::create("SHA-1")); ^ crypt.cc:7:4: error: ‘unique_ptr’ is not a member of ‘std’ std::unique_ptr<Botan::HashFunction> hash2(Botan::HashFunction::create("Whir ^ crypt.cc:7:39: error: expected primary-expression before ‘>’ token std::unique_ptr<Botan::HashFunction> hash2(Botan::HashFunction::create("Whir ^ crypt.cc:7:47: error: ‘create’ is not a member of ‘Botan::HashFunction’ std::unique_ptr<Botan::HashFunction> hash2(Botan::HashFunction::create("Whir ^ crypt.cc:7:87: error: ‘hash2’ was not declared in this scope nique_ptr<Botan::HashFunction> hash2(Botan::HashFunction::create("Whirlpool")); ^ crypt.cc:8:4: error: ‘unique_ptr’ is not a member of ‘std’ std::unique_ptr<Botan::HashFunction> hash3(Botan::HashFunction::create("SHA- ^ crypt.cc:8:39: error: expected primary-expression before ‘>’ token std::unique_ptr<Botan::HashFunction> hash3(Botan::HashFunction::create("SHA- ^ crypt.cc:8:47: error: ‘create’ is not a member of ‘Botan::HashFunction’ std::unique_ptr<Botan::HashFunction> hash3(Botan::HashFunction::create("SHA- ^ crypt.cc:8:83: error: ‘hash3’ was not declared in this scope d::unique_ptr<Botan::HashFunction> hash3(Botan::HashFunction::create("SHA-3")); ^ crypt.cc:9:4: error: ‘vector’ is not a member of ‘std’ std::vector<uint8_t> buf(2048); ^ crypt.cc:9:16: error: ‘uint8_t’ was not declared in this scope std::vector<uint8_t> buf(2048); ^ crypt.cc:9:33: error: ‘buf’ was not declared in this scope std::vector<uint8_t> buf(2048); ^ Other components must be needed. No point in guessing.
Keywords: (none) => advisory
Since there appears to be no way to exercise botan we shall have to be satisfied with a clean update. Giving this the OK for 64 bits and shall rubber-stamp the other variants.
Correction. Reverting the rubber-stamp. Testing on Mageia 6 for i586 in virtualbox. The python examples can be used to encrypt and decrypt data. See /usr/share/doc/botan-1.10.17/python2-examples. An example is cipher.py which takes a password string, encrypts it, creates an SHA-1 key from the password and a random number seed and then creates an AES-128/EAX encryption cipher from that key and encrypts a block of text before creating a decryptor based on that key. The decryptor then operates on the encoded text to regenerate the original. This works. $ python cipher.py Rapunzel ~/singing-games There is a maid Lives on the mountain Who she is I do not know. All she wants is gold and silver All she wants is a handsome beau. Call on the one ye love Call on the one ye love And tell me who will be oh. That is a faithful copy of the original text. In the examples section: $ g++ -o base64enc -lbotan-1.10 -I/usr/include/botan-1.10/ base64.cpp $ ls -l base64enc -rwxr-xr-x 1 lcl lcl 33336 Nov 19 15:35 base64enc* $ file base64enc base64enc: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=13a24ec61bf91b722a923ed7d66df22f5ba907c6, not stripped $ ./base64enc singing-games VGhlcmUgaXMgYSBtYWlkCkxpdmVzIG9uIHRoZSBtb3VudGFpbgpXaG8gc2hlIGlzIEkgZG8gbm90IGtub3cuCkFsbCBzaGUgd2FudHMgaXMgZ29sZCBhbmQgc2lsdmVyCkFsbCBzaGUgd2FudHMgaXMgYSBoYW5kc29tZSBiZWF1LgpDYWxsIG9uIHRoZSBvbmUgeWUgbG92ZQpDYWxsIG9uIHRoZSBvbmUgeWUgbG92ZQpBbmQgdGVsbCBtZSB3aG8gd2lsbCBiZSBvaC4KCg== $ ./base64enc -d code There is a maid Lives on the mountain .................................... Making an assumption that this is enough to validate the 32-bit OK.
Whiteboard: MGA5TOO MGA6-64-OK => MGA5TOO MGA6-64-OK MGA6-32-OK
Sorry, missed out a line: $ echo VGhlcmUgaX..... > code
Mageia 5 on i586 in virtualbox The four packages updated cleanly. Copied some example files from /usr/share/doc/botan-1.10.17. Ran a benchmark test. $ g++ -o bench -lbotan-1.10 -I/usr/include/botan-1.10/ bench.cpp [lcl@cursa ~]$ file bench bench: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=2769ca63775ccbd1528a7e6224966a1a43346b39, not stripped $ ./bench AES-128: 283.429 [core] 5710.01 [openssl] AES-192: 244.042 [core] 4862.21 [openssl] AES-256: 213.383 [core] 4139.02 [openssl] Blowfish: 131.838 [core] 149.366 [openssl] CAST-128: 157.357 [core] 134.256 [openssl] CAST-256: 127.438 [core] DES: 106.192 [core] 97.2983 [openssl] DESX: 97.9698 [core] TripleDES: 39.5031 [core] 36.078 [openssl] GOST: 91.9765 [core] IDEA: 81.0228 [core] KASUMI: 85.6864 [core] Lion(SHA-256,Turing,8192): 100.838 [core] Luby-Rackoff(SHA-512): 26.1714 [core] MARS: 161.002 [core] MISTY1: 105.804 [core] Noekeon: 153.447 [core] 178.691 [simd] RC2: 70.1043 [core] 55.136 [openssl] RC5(12): RC5(16): RC6: SAFER-SK(10): 65.5338 [core] SEED: 69.7606 [core] 97.9936 [openssl] Serpent: 100.671 [asm] 92.9959 [core] 76.4013 [simd] Skipjack: 52.3276 [core] Square: 241.172 [core] TEA: 93.9329 [core] Twofish: 199.917 [core] XTEA: 173.636 [core] 190.852 [simd] Adler32: 3160.69 [core] CRC32: 562.05 [core] GOST-34.11: 56.7049 [core] HAS-160: 875.554 [core] MD2: 9.59117 [core] MD4: 1105.99 [asm] 1060.06 [core] 1171.4 [openssl] MD5: 721.796 [asm] 753.809 [core] 808.768 [openssl] RIPEMD-128: 512.888 [core] RIPEMD-160: 391.099 [core] 254.439 [openssl] SHA-160: 370.99 [asm] 404.673 [core] 1027.84 [openssl] SHA-256: 227.012 [core] 410.808 [openssl] SHA-384: 117.568 [core] 380.03 [openssl] SHA-512: 117.642 [core] 328.769 [openssl] Skein-512: 130.66 [core] Tiger: 220.609 [core] Whirlpool: 71.7242 [core] CMAC(AES-128): 225.185 [core] HMAC(SHA-1): 386.879 [core] X9.19-MAC: 97.9875 [core] From python2 examples: $ python cipher.py Rumpelstiltskin ~/singing-games There is a maid Lives on the mountain Who she is I do not know. All she wants is gold and silver All she wants is a handsome beau. Call on the one ye love The one ye love, the one ye love Call on the one ye love And tell me who will be oh. Good for 32 bits.
Whiteboard: MGA5TOO MGA6-64-OK MGA6-32-OK => MGA5TOO MGA6-64-OK MGA6-32-OK MGA5-32-OK
Mageia 5 on x86_64 Updated the four packages without any problem. In previous update tests of botan monotone was used. $ urpmq --whatrequires lib64botan1.10 | sort -u lib64botan1.10 lib64botan-devel monotone softhsm However, it is a lot simpler to try some of the provided examples in /usr/share/doc/botan-1.10.17. $ g++ -o encrypt -lbotan-1.10 -I/usr/include/botan-1.10/ encrypt.cpp $ g++ -o decrypt -lbotan-1.10 -I/usr/include/botan-1.10/ decrypt.cpp $ file *crypt decrypt: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=bb1119ac435f9b2c0a894c519d3a2e10d43d6966, not stripped encrypt: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=7c96cf141e894580450008de7ee320ac311e754a, not stripped $ ./encrypt singing-games -p AlsoSprachZarathustra $ ls -l singing-games* -rw-r--r-- 1 lcl lcl 241 Nov 19 17:07 singing-games -rw-r--r-- 1 lcl lcl 280 Nov 19 17:30 singing-games.enc $ cat singing-games.enc -------- ENCRYPTED FILE -------- TripleDES /ZboXmI3w3Y= AFeQuPEl7zIx02rP5vwho1J9vxQ= gLminoapI2qmPDemEVsMR0OCv/WCzE9MVEjQcSlgmK2wnXKhf4dB01issU5CjwpT+VdpudJb sww7LM5Y9JPqZp6dNcNQnhxF5104NdVX6yNAndX6ijI6WX1sAnVJ1qXVgU7+DqMX0P7NI/lO qmAd4NjU7CdoU60zdXlxm8mu4Q2Zxq1mOpPyxOQ1Weu59Lp5 $ ./decrypt -p AlsoSprachZarathustra singing-games.enc There is a maid Lives on the mountain ...................... Simple test of the python2 components: $ python cipher.py Rapunzel ~/singing-games There is a maid Lives on the mountain ........................ The output matches the original file. Passing this for 64 bits.
Whiteboard: MGA5TOO MGA6-64-OK MGA6-32-OK MGA5-32-OK => MGA5TOO MGA6-64-OK MGA6-32-OK MGA5-32-OK MGA5-64-OK
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
Forgot to report that on Mageia6::x86_64 the benchmark and cipher.py tests returned very similar results to those in previous comments.
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2017-0422.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED