From owner-freebsd-ports-bugs@FreeBSD.ORG Thu May 21 14:40:04 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E8B01065676; Thu, 21 May 2009 14:40:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 195248FC25; Thu, 21 May 2009 14:40:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n4LEe3dP058495; Thu, 21 May 2009 14:40:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n4LEe3K6058494; Thu, 21 May 2009 14:40:03 GMT (envelope-from gnats) Resent-Date: Thu, 21 May 2009 14:40:03 GMT Resent-Message-Id: <200905211440.n4LEe3K6058494@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@freebsd.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Cc: novel@freebsd.org Resent-Reply-To: FreeBSD-gnats-submit@freebsd.org, Eygene Ryabinkin Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D95FB1065672 for ; Thu, 21 May 2009 14:38:32 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 901658FC14 for ; Thu, 21 May 2009 14:38:32 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtps (TLSv1:CAMELLIA256-SHA:256) id 1M79Pj-0004t3-NX for FreeBSD-gnats-submit@freebsd.org; Thu, 21 May 2009 18:38:31 +0400 Message-Id: <20090521143831.A8B28DA837@void.codelabs.ru> Date: Thu, 21 May 2009 18:38:31 +0400 (MSD) From: Eygene Ryabinkin To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 X-GNATS-Notify: novel@freebsd.org Cc: Subject: ports/134785: [patch][vuxml] security/gnutls: update to 2.6.6 and document fixed vulnerabilities X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Eygene Ryabinkin List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 May 2009 14:40:04 -0000 >Number: 134785 >Category: ports >Synopsis: [patch][vuxml] security/gnutls: update to 2.6.6 and document fixed vulnerabilities >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu May 21 14:40:03 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Eygene Ryabinkin >Release: FreeBSD 7.2-STABLE amd64 >Organization: Code Labs >Environment: System: FreeBSD 7.2-STABLE amd64 >Description: GnuTLS 2.6.6 is mostly a bugfix release that fixes 3 CVEs: [1], [2], [3] and [4]. Judging by release notes for gnutls-2.7.9, all three bugs were fixed before 2.7.8 and after 2.7.7, so I am marking gnutls-devel < 2.7.8 (current port version) as vulnerable too. >How-To-Repeat: [1] http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3514 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 >Fix: The following patch updates to port to 2.6.6. I had tested its compilability and basic operations. --- update-to.2.6.6.diff begins here --- >From 6c9ce64c583931d5e669c72cd7e3ed7a41c6521c Mon Sep 17 00:00:00 2001 From: Eygene Ryabinkin Date: Thu, 21 May 2009 18:19:23 +0400 http://www.gnu.org/software/gnutls/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 Signed-off-by: Eygene Ryabinkin --- security/gnutls/Makefile | 2 +- security/gnutls/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index 1d33275..ed148a6 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -6,7 +6,7 @@ # PORTNAME= gnutls -PORTVERSION= 2.6.5 +PORTVERSION= 2.6.6 CATEGORIES= security net MASTER_SITES= ${MASTER_SITE_GNU} \ ${MASTER_SITE_GNUPG} diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index c5d70d2..f60cc82 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,3 +1,3 @@ -MD5 (gnutls-2.6.5.tar.bz2) = 92b92c36b616aa8bd69a9a0fb2b8eb24 -SHA256 (gnutls-2.6.5.tar.bz2) = e78be636072c0ab748ccf1742c4b41fc7aaff98b43166cfbc8df91c7185501cb -SIZE (gnutls-2.6.5.tar.bz2) = 5112923 +MD5 (gnutls-2.6.6.tar.bz2) = ca2489e29f9dc313a79b9747bb1090e5 +SHA256 (gnutls-2.6.6.tar.bz2) = 03d85b8b51ca7885740c69b87663963c58fe7c9672da0a43e45732078fabdc9e +SIZE (gnutls-2.6.6.tar.bz2) = 5116385 -- 1.6.3.1 --- update-to.2.6.6.diff ends here --- The following VuXML entry should be evaluated and added: --- vuln.xml begins here --- GnuTLS -- multiple vulnerabilities gnutls 2.6.6 gnutls-devel 2.7.8

SecurityFocus reports:

GnuTLS is prone to multiple remote vulnerabilities:

  • A remote code-execution vulnerability.
  • A denial-of-service vulnerability.
  • A signature-generation vulnerability.
  • A signature-verification vulnerability.

An attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.

 CVE-2009-1415 CVE-2009-1416 CVE-2009-1417 34783 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517 2009-05-21 TODAY --- vuln.xml ends here --- >Release-Note: >Audit-Trail: >Unformatted: