Ubuntu Security Notice 170-1

Ubuntu Security Notice 170-1: Posted Aug 24, 2005; Authored by Ubuntu | Site ubuntu.com; Ubuntu Security Notice USN-170-1 - Serge Mister and Robert Zuccherato discovered a weakness of the symmetrical encryption algorithm of gnupg. When decrypting a message, gnupg uses a feature called 'quick scan'; this can quickly check whether the key that is used for decryption is (probably) the right one, so that wrong keys can be determined quickly without decrypting the whole message.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2005-0366; SHA-256 | 316285c5e7f8da83ca9ff2f4241d200e0ee398d878390031e94125fecbe5ba34; Download | Favorite | View

Ubuntu Security Notice 170-1

===========================================================
Ubuntu Security Notice USN-170-1      August 19, 2005
gnupg vulnerability
CAN-2005-0366
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

gnupg

The problem can be corrected by upgrading the affected package to
version 1.2.4-4ubuntu2.1 (for Ubuntu 4.10), or 1.2.5-3ubuntu5.1 (for
Ubuntu 5.04).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Serge Mister and Robert Zuccherato discovered a weakness of the
symmetrical encryption algorithm of gnupg. When decrypting a message,
gnupg uses a feature called "quick scan"; this can quickly check
whether the key that is used for decryption is (probably) the right
one, so that wrong keys can be determined quickly without decrypting
the whole message.

A failure of the quick scan will be determined much faster than a
successful one.  Mister/Zuccherato demonstrated that this timing
difference can be exploited to an attack which allows an attacker to
decrypt parts of an encrypted message if an "oracle" is available, i.
e. an automatic system that receives random encrypted messages from
the attacker and answers whether it passes the quick scan check.

However, since the attack requires a huge amount of oracle answers
(about 32.000 for every 16 bytes of ciphertext), this attack is mostly
theoretical. It does not have any impact on human operation of gnupg
and is not believed to be exploitable in practice.

The updated packages disable the quick check, which renders this
timing attack impossible.


Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1.diff.gz
      Size/MD5:    56779 535ca76d0ef8e62ca39885695a09b55e
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1.dsc
      Size/MD5:      619 8fb0039e446c6c43670d1d46dbdcec4f
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4.orig.tar.gz
      Size/MD5:  3451202 adfab529010ba55533c8e538c0b042a2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_amd64.deb
      Size/MD5:  1721956 c5ad08ee5c515a4704d90995cce78d24

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_i386.deb
      Size/MD5:  1667010 a5bee7d9a0806a8cfc34e9fa630170ee

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_powerpc.deb
      Size/MD5:  1721372 63e8981a1811f86885a94ce852d5d692

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1.diff.gz
      Size/MD5:    63056 504f55111886a4b9374c194fa03f53c8
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1.dsc
      Size/MD5:      654 82a302b486f65b7a1c7c4cbf44450729
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5.orig.tar.gz
      Size/MD5:  3645308 9109ff94f7a502acd915a6e61d28d98a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_amd64.deb
      Size/MD5:   805058 7df82bdac6114a8901be677df747ba3e
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_amd64.udeb
      Size/MD5:   146276 0229d7a37bb97926a600c8adf1d56afe

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_i386.deb
      Size/MD5:   750094 e8653aba101299b9964873b097911ed5
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_i386.udeb
      Size/MD5:   121180 7576662e8ffd07063b1f349f75cab0d0

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_powerpc.deb
      Size/MD5:   805618 3a2da610043d28171e839ed0a1c20148
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_powerpc.udeb
      Size/MD5:   135250 ae393ff66004dccca13f9245d932218e

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Ubuntu Security Notice 170-1

Ubuntu Security Notice 170-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 170-1

Share This

Ubuntu Security Notice 170-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems