[Bug 467911] New: in gnutls the CVE-2008-4989 patch causes segfault with certain certificates (as used by libprelude)
https://bugzilla.novell.com/show_bug.cgi?id=467911

Summary: in gnutls the CVE-2008-4989 patch causes segfault with certain certificates (as used by libprelude)
Classification: openSUSE
Product: openSUSE 11.1
Version: RC 2
Platform: i586
OS/Version: openSUSE 11.1
Status: NEW
Severity: Major
Priority: P5 - None
Component: Security
AssignedTo: security-team@suse.de
ReportedBy: ag@pre-secure.de
QAContact: qa@suse.de
Found By: ---

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.5) Gecko/2008121300 SUSE/3.0.5-1.1 Firefox/3.0.5

I already reported this here:
http://lists.gnu.org/archive/html/gnutls-devel/2009-01/msg00050.html
and got this reply:
http://lists.gnu.org/archive/html/gnutls-devel/2009-01/msg00051.html

I was debugging a segfault in an application that uses libprelude, which in turn uses gnutls. The system is openSUSE 11.1 with gnutls-2.4.1. The client application segfaulted upon connection to a server.

After some fiddling, I found out that this segfault was caused by the CVE-2008-4989 patch
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3217
that was added by openSUSE to the gnutls-2.4.1 RPM. Using a plain, self-compiled gnutls-2.4.1 worked fine. gnutls-2.6.3 worked fine as well.

The segfault also happens just using gnutls-cli to connect, so it's not a problem of libprelude. I can provide a certificate and a server to reproduce this segfault, if needed. The segfault just seems to happen with certain server and CA certificates. Connecting to a regular https server worked fine.

I don't know enough of gnutls internals to really figure out what the problem is, but it would be neat if this segfault could be fixed in 2.4.x. Since 2.6.3 does not segfault, there seems to be a way to fix the vulnerability without this segfault...

Reproducible: Always

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=467911

Axel Grossklaus <ag@pre-secure.de> changed:

What    | Removed | Added
----------------------------------------------------------------------------
Version | RC 2    | Final
https://bugzilla.novell.com/show_bug.cgi?id=467911

User thoger@pobox.sk added comment
https://bugzilla.novell.com/show_bug.cgi?id=467911#c1

Tomas Hoger <thoger@pobox.sk> changed:

What | Removed | Added
----------------------------------------------------------------------------
CC   |         | thoger@pobox.sk

--- Comment #1 from Tomas Hoger <thoger@pobox.sk> 2009-01-22 02:10:20 MST ---

Is 2.4.1-24.1 the latest version in 11.1? If so, it seems to use the original patch for CVE-2008-4989, which was found incorrect:
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3224
and was changed a few times in 2.6.2 and 2.6.3:
http://article.gmane.org/gmane.network.gnutls.general/1499
http://www.gnu.org/software/gnutls/security.html
https://bugzilla.novell.com/show_bug.cgi?id=467911

User thomas@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=467911#c2

Thomas Biege <thomas@novell.com> changed:

What       | Removed               | Added
----------------------------------------------------------------------------
CC         |                       | security-team@suse.de
AssignedTo | security-team@suse.de | jshi@novell.com

--- Comment #2 from Thomas Biege <thomas@novell.com> 2009-01-22 07:09:23 MST ---

reassigning to maintainer
https://bugzilla.novell.com/show_bug.cgi?id=467911

Thomas Biege <thomas@novell.com> changed:

What     | Removed   | Added
----------------------------------------------------------------------------
Priority | P5 - None | P3 - Medium
Summary  | in gnutls the CVE-2008-4989 patch causes segfault with certain certificates (as used by libprelude) | VUL-0: in gnutls the CVE-2008-4989 patch causes segfault with certain certificates (as used by libprelude)
https://bugzilla.novell.com/show_bug.cgi?id=467911

User swamp@suse.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=467911#c3

Swamp Script User <swamp@suse.com> changed:

What              | Removed | Added
----------------------------------------------------------------------------
Status Whiteboard |         | maint:running:22173

--- Comment #3 from Swamp Script User <swamp@suse.com> 2009-01-22 07:45:00 MST ---

The SWAMPID for this issue is 22173.
Please submit the patch and patchinfo file using this ID.
(https://swamp.suse.de/webswamp/wf/22173)
https://bugzilla.novell.com/show_bug.cgi?id=467911

Shi John <jshi@novell.com> changed:

What   | Removed | Added
----------------------------------------------------------------------------
Status | NEW     | ASSIGNED
https://bugzilla.novell.com/show_bug.cgi?id=467911

User dmueller@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=467911#c5

--- Comment #5 from Dirk Mueller <dmueller@novell.com> 2009-03-09 06:13:28 MST ---

ping ?!
https://bugzilla.novell.com/show_bug.cgi?id=467911

User jshi@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=467911#c6

Shi John <jshi@novell.com> changed:

What       | Removed  | Added
----------------------------------------------------------------------------
Status     | ASSIGNED | RESOLVED
Resolution |          | DUPLICATE

--- Comment #6 from Shi John <jshi@novell.com> 2009-03-16 03:40:39 MST ---

There is a new patch, just removing some code snippet instead of moving it.

*** This bug has been marked as a duplicate of bug 457938 ***
https://bugzilla.novell.com/show_bug.cgi?id=457938
https://bugzilla.novell.com/show_bug.cgi?id=467911

Swamp Workflow Management <swamp@suse.com> changed:

What              | Removed             | Added
----------------------------------------------------------------------------
Status Whiteboard | maint:running:22173 | .