Your message dated Mon, 09 May 2005 19:02:52 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#300859: fixed in gnupg 1.4.1-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 22 Mar 2005 10:45:30 +0000
>From [EMAIL PROTECTED] Tue Mar 22 02:45:30 2005
Return-path: <[EMAIL PROTECTED]>
Received: from moutng.kundenserver.de [212.227.126.189]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DDgt7-0007Y6-00; Tue, 22 Mar 2005 02:45:29 -0800
Received: from [212.227.126.207] (helo=mrelayng.kundenserver.de)
by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
id 1DDgt6-00080o-00
for [EMAIL PROTECTED]; Tue, 22 Mar 2005 11:45:28 +0100
Received: from [195.90.9.8] (helo=anton)
by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
id 1DDgt6-00047c-00
for [EMAIL PROTECTED]; Tue, 22 Mar 2005 11:45:28 +0100
Received: by anton (Postfix, from userid 2028)
id E79C9B6EC9; Tue, 22 Mar 2005 11:45:27 +0100 (CET)
Content-Type: multipart/mixed; boundary="===============2015084441=="
MIME-Version: 1.0
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: [CAN-2005-0366] Minor cryptographic flaw in the OpenPGP protocol
X-Mailer: reportbug 2.26.1.1.200308291454
Date: Tue, 22 Mar 2005 11:45:27 +0100
Message-Id: <[EMAIL PROTECTED]>
X-Provags-ID: kundenserver.de [EMAIL PROTECTED]
auth:4ad79d65ac46f2345c6ef2e856c1d9ef
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
This is a multi-part MIME message sent by reportbug.
--===============2015084441==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: gnupg
Version: 1.4.0-3
Severity: normal
Tags: security
Serge Mister and Robert Zuccherato have published a paper, which describes
an attack against the symmetric encryption as used in the OpenPGP standard.
It's not exploitable in regular gnupg operation with a human endpoint.
Full details are described at the announce mail at:
http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html
I've attached upstream's fix that circumvents the problem by disabling the
problematic bits of the OpenPGP standard.
Cheers,
Moritz
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]
Versions of packages gnupg depends on:
ii libc6 2.3.2-9 GNU C Library: Shared libraries an
ii libldap2 2.1.30-3 OpenLDAP libraries
ii makedev 2.3.1-70.3.200407260828 Creates device files in /dev
ii zlib1g 1:1.2.2-4.15.200501191530 compression library - runtime
-- debconf-show failed
--===============2015084441==
Content-Type: text/x-c; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="/home/jmm/gpg-can-2005-0366.diff"
Index: include/cipher.h
===================================================================
RCS file: /cvs/gnupg/gnupg/include/cipher.h,v
retrieving revision 1.53.2.6
diff -u -r1.53.2.6 cipher.h
--- include/cipher.h 29 Nov 2004 21:07:43 -0000 1.53.2.6
+++ include/cipher.h 8 Feb 2005 04:12:12 -0000
@@ -76,6 +76,7 @@
int keylen;
int algo_info_printed;
int use_mdc;
+ int symmetric;
byte key[32]; /* this is the largest used keylen (256 bit) */
} DEK;
Index: g10/mainproc.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/mainproc.c,v
retrieving revision 1.112.2.27
diff -u -r1.112.2.27 mainproc.c
--- g10/mainproc.c 27 Jun 2004 18:26:49 -0000 1.112.2.27
+++ g10/mainproc.c 8 Feb 2005 04:12:13 -0000
@@ -317,6 +317,8 @@
c->dek = passphrase_to_dek( NULL, 0, algo, &enc->s2k, 0, NULL, NULL );
if(c->dek)
{
+ c->dek->symmetric=1;
+
/* FIXME: This doesn't work perfectly if a symmetric key
comes before a public key in the message - if the user
doesn't know the passphrase, then there is a chance
Index: g10/encr-data.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/encr-data.c,v
retrieving revision 1.29
diff -u -r1.29 encr-data.c
--- g10/encr-data.c 29 Jun 2002 13:46:33 -0000 1.29
+++ g10/encr-data.c 8 Feb 2005 04:12:14 -0000
@@ -120,8 +120,7 @@
cipher_sync( dfx.cipher_hd );
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
- if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
+ if( dek->symmetric && (p[nprefix-2] != p[nprefix] || p[nprefix-1] !=
p[nprefix+1]) ) {
rc = G10ERR_BAD_KEY;
goto leave;
}
-------------- next part --------------
Index: include/cipher.h
===================================================================
RCS file: /cvs/gnupg/gnupg/include/cipher.h,v
retrieving revision 1.63
diff -u -r1.63 cipher.h
--- include/cipher.h 29 Nov 2004 21:14:18 -0000 1.63
+++ include/cipher.h 8 Feb 2005 04:10:29 -0000
@@ -75,6 +75,7 @@
int keylen;
int algo_info_printed;
int use_mdc;
+ int symmetric;
byte key[32]; /* this is the largest used keylen (256 bit) */
} DEK;
Index: g10/mainproc.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/mainproc.c,v
retrieving revision 1.161
diff -u -r1.161 mainproc.c
--- g10/mainproc.c 21 Oct 2004 19:18:47 -0000 1.161
+++ g10/mainproc.c 8 Feb 2005 04:10:30 -0000
@@ -330,6 +330,8 @@
if(c->dek)
{
+ c->dek->symmetric=1;
+
/* FIXME: This doesn't work perfectly if a symmetric
key comes before a public key in the message - if
the user doesn't know the passphrase, then there is
Index: g10/encr-data.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/encr-data.c,v
retrieving revision 1.30
diff -u -r1.30 encr-data.c
--- g10/encr-data.c 8 Oct 2004 21:54:26 -0000 1.30
+++ g10/encr-data.c 8 Feb 2005 04:10:30 -0000
@@ -125,6 +125,6 @@
cipher_sync( dfx.cipher_hd );
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
- if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
+ if( dek->symmetric && (p[nprefix-2] != p[nprefix] || p[nprefix-1] !=
p[nprefix+1]) ) {
rc = G10ERR_BAD_KEY;
goto leave;
}
--===============2015084441==--
---------------------------------------
Received: (at 300859-close) by bugs.debian.org; 9 May 2005 23:08:09 +0000
>From [EMAIL PROTECTED] Mon May 09 16:08:09 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DVHM9-0003UV-00; Mon, 09 May 2005 16:08:09 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DVHH2-0005S8-00; Mon, 09 May 2005 19:02:52 -0400
From: James Troup <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#300859: fixed in gnupg 1.4.1-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 09 May 2005 19:02:52 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: gnupg
Source-Version: 1.4.1-1
We believe that the bug you reported is fixed in the latest version of
gnupg, which is due to be installed in the Debian FTP archive:
gnupg_1.4.1-1.diff.gz
to pool/main/g/gnupg/gnupg_1.4.1-1.diff.gz
gnupg_1.4.1-1.dsc
to pool/main/g/gnupg/gnupg_1.4.1-1.dsc
gnupg_1.4.1-1_i386.deb
to pool/main/g/gnupg/gnupg_1.4.1-1_i386.deb
gnupg_1.4.1.orig.tar.gz
to pool/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
gpgv-udeb_1.4.1-1_i386.udeb
to pool/main/g/gnupg/gpgv-udeb_1.4.1-1_i386.udeb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James Troup <[EMAIL PROTECTED]> (supplier of updated gnupg package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 9 May 2005 23:41:50 +0100
Source: gnupg
Binary: gnupg gpgv-udeb
Architecture: source i386
Version: 1.4.1-1
Distribution: unstable
Urgency: low
Maintainer: James Troup <[EMAIL PROTECTED]>
Changed-By: James Troup <[EMAIL PROTECTED]>
Description:
gnupg - GNU privacy guard - a free PGP replacement
gpgv-udeb - minimal signature verification tool (udeb)
Closes: 299814 300859 307203
Changes:
gnupg (1.4.1-1) unstable; urgency=low
.
* New upstream release. Closes: #307203
* Fixes mis-selection of encryption key. Closes: #299814
* Countermeasures against the Mister/Zuccherato CFB attack.
Closes: #300859
* 18_ca_po_update.dpatch, 21_strgutil_update.dpatch: dropped - merged
upstream.
* debian/rules (build-deb-stamp): don't forcefully regenerate po/ca.gmo.
(clean): likewise, don't remove po/ca.gmo.
Files:
1d8bde243e7024b1cc7e137e6729881e 1304 utils standard gnupg_1.4.1-1.dsc
1cc77c6943baaa711222e954bbd785e5 4059170 utils standard gnupg_1.4.1.orig.tar.gz
cc11b349b662bf3810470e0a52ef545e 16502 utils standard gnupg_1.4.1-1.diff.gz
e92a533403a9523b92631581898f9c64 1908156 utils standard gnupg_1.4.1-1_i386.deb
1a1aaae3fbcd33fddddeed0c2d5d4cf0 129262 debian-installer extra
gpgv-udeb_1.4.1-1_i386.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iQIVAwUBQn/pFtfD8TGrKpH1AQIrPA//bOtX1tDgXM1B1hK+p1WQhOshjmvS2zP2
KiEVB7jJJDnaV6eFJ2yoVlJcbFMjNt0xHktGycZq+4Yfq9XVf04S3dQ7GuYl0Ejw
bmg+s3TKOqR9nPjY0wfnd43rdxUAAg1aLzA1hsZNAQZ2AHyysG67/e7TGJOCvvSE
SB58c18/eKvuFkkIDkssxn9wsQEkbLw7V5gRnzlcH8JhKfGCvtn1Vp9aXVnCpxuJ
+oA++CxctFQ69maMMwhDSI77DwRZk6b1N6vMsLctmlV4awY7275QMJn98rHw2keL
527gPBJwKVI8xr31Y5nbfLdcm2KQUp83qv+pDcaaqOT3ZzjQa5EEla9PyfQt4tO0
QhyG70jwYZkpqztu2Epiq5ZDxMToCq/elS+p4NiqbxpNF5+hfCWInIn8Ktk9mWV2
j0SyuZxD1ZNcoU60xOdSk5X2LrHgSqVopjDr1oivT+7dvZ37/8SMprV1Gp6nkY26
6f830EulFpXSGK3msbYfTXJ2vg1i/wtaFPC/mqIbazazGUP7gWP/KHrAFiWCg/vD
oFKGgWCDtWoeYkYCS92D7D5HfuMwU8evecWWg3c1eKWeWXe7Qw73JcLueuOnaYzV
hs53u5LBtwsm40JIebsZgnpwNvrIo+ysiGAR9P/q0uPQh6pno/sU4uieVCAonUyI
HL08xa3PAzU=
=Ofao
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
