[Bug 1197083] New: VUL-0: weechat: Possible man-in-the-middle attack in TLS connection to servers
https://bugzilla.suse.com/show_bug.cgi?id=1197083 Bug ID: 1197083 Summary: VUL-0: weechat: Possible man-in-the-middle attack in TLS connection to servers Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: mimi.vx@gmail.com Reporter: gianluca.gabrielli@suse.com QA Contact: qa-bugs@suse.de CC: security-team@suse.de Found By: --- Blocker: --- Description After changing the options weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user, the TLS verification function is lost. Consequently, any connection to a server with TLS is made without verifying the certificate, which could lead to a man-in-the-middle attack. Connection to IRC servers with TLS is affected, as well as any connection a server made by a plugin or a script using the function hook_connect. Mitigation After changing options weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user, you must restart WeeChat. References: https://weechat.org/doc/security/WSA-2022-1/ -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c1 --- Comment #1 from Gianluca Gabrielli <gianluca.gabrielli@suse.com> --- Please submit a version bump to version 3.4.1 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 Maintenance Robot <maint-coord+maintenance_robot@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c3 Gianluca Gabrielli <gianluca.gabrielli@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|mimi.vx@gmail.com |dmueller@suse.com --- Comment #3 from Gianluca Gabrielli <gianluca.gabrielli@suse.com> --- good point, lets loop Dirk since he managed the last couple of version bumps. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c5 --- Comment #5 from Dirk Mueller <dmueller@suse.com> --- is is also needed for openSUSE:Backports:SLE-15-SP2:Update, openSUSE:Backports:SLE-15-SP3:Update and openSUSE:Backports:SLE-15-SP4 also I'm not package maintainer, can't even review Andreas submission :) -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c7 --- Comment #7 from Dirk Mueller <dmueller@suse.com> --- (In reply to Andreas Stieger from comment #6)
is is also needed for openSUSE:Backports:SLE-15-SP2:Update, not maintained?
it is marked as being maintained, not sure whats going on. I'll ask.
openSUSE:Backports:SLE-15-SP3:Update
Not according to https://weechat.org/doc/security/WSA-2022-1/ https://weechat.org/doc/security/version/2.8/
not for this issue indeed. I would update to 3.4.1 as well as it includes a much higher priorty fix for https://weechat.org/doc/security/WSA-2021-1/ which we're missing here. CVE-2021-40516 is upstream marked as high severity (SUSE marked it as minor severity, not sure about that).
and openSUSE:Backports:SLE-15-SP4> Let's put 3.4.1 there from the devel project.
agreed
Maximilian check your review queue.
-- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 Gianluca Gabrielli <gianluca.gabrielli@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com Flags| |needinfo?(meissner@suse.com | |) -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c12 --- Comment #12 from Marcus Meissner <meissner@suse.com> --- fwiw packagehub 15-sp2 is no longer security supported by SUSE (EOL has been reached Dec 31st). -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(meissner@suse.com | |) | -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|VUL-0: weechat: Possible |VUL-0: CVE-2022-28352: |man-in-the-middle attack in |weechat: Possible |TLS connection to servers |man-in-the-middle attack in | |TLS connection to servers Alias| |CVE-2022-28352 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1197083 https://bugzilla.suse.com/show_bug.cgi?id=1197083#c18 --- Comment #18 from Marcus Meissner <meissner@suse.com> --- *** Bug 1198063 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com