Source: libauthen-sasl-perl Version: 2.1700-1 Severity: important Tags: security upstream Forwarded: https://github.com/gbarr/perl-authen-sasl/pull/22 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for libauthen-sasl-perl. CVE-2025-40918[0]: | Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl | generates the cnonce insecurely. The cnonce (client nonce) is | generated from an MD5 hash of the PID, the epoch time and the built- | in rand function. The PID will come from a small set of numbers, and | the epoch time may be guessed, if it is not leaked from the HTTP | Date header. The built-in rand function is unsuitable for | cryptographic usage. According to RFC 2831, The cnonce-value is an | opaque quoted string value provided by the client and used by both | client and server to avoid chosen plaintext attacks, and to provide | mutual authentication. The security of the implementation depends | on a good choice. It is RECOMMENDED that it contain at least 64 bits | of entropy. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-40918 https://www.cve.org/CVERecord?id=CVE-2025-40918 [1] https://github.com/gbarr/perl-authen-sasl/pull/22 [2] https://security.metacpan.org/patches/A/Authen-SASL/2.1800/CVE-2025-40918-r1.patch Please adjust the affected versions in the BTS as needed. Regards, Salvatore
