=========================================================== Ubuntu Security Notice USN-170-1 August 19, 2005 gnupg vulnerability CAN-2005-0366 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: gnupg The problem can be corrected by upgrading the affected package to version 1.2.4-4ubuntu2.1 (for Ubuntu 4.10), or 1.2.5-3ubuntu5.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Serge Mister and Robert Zuccherato discovered a weakness of the symmetrical encryption algorithm of gnupg. When decrypting a message, gnupg uses a feature called "quick scan"; this can quickly check whether the key that is used for decryption is (probably) the right one, so that wrong keys can be determined quickly without decrypting the whole message. A failure of the quick scan will be determined much faster than a successful one. Mister/Zuccherato demonstrated that this timing difference can be exploited to an attack which allows an attacker to decrypt parts of an encrypted message if an "oracle" is available, i. e. an automatic system that receives random encrypted messages from the attacker and answers whether it passes the quick scan check. However, since the attack requires a huge amount of oracle answers (about 32.000 for every 16 bytes of ciphertext), this attack is mostly theoretical. It does not have any impact on human operation of gnupg and is not believed to be exploitable in practice. The updated packages disable the quick check, which renders this timing attack impossible. Updated packages for Ubuntu 4.10 (Warty Warthog): Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1.diff.gz Size/MD5: 56779 535ca76d0ef8e62ca39885695a09b55e http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1.dsc Size/MD5: 619 8fb0039e446c6c43670d1d46dbdcec4f http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4.orig.tar.gz Size/MD5: 3451202 adfab529010ba55533c8e538c0b042a2 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_amd64.deb Size/MD5: 1721956 c5ad08ee5c515a4704d90995cce78d24 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_i386.deb Size/MD5: 1667010 a5bee7d9a0806a8cfc34e9fa630170ee powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubuntu2.1_powerpc.deb Size/MD5: 1721372 63e8981a1811f86885a94ce852d5d692 Updated packages for Ubuntu 5.04 (Hoary Hedgehog): Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1.diff.gz Size/MD5: 63056 504f55111886a4b9374c194fa03f53c8 http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1.dsc Size/MD5: 654 82a302b486f65b7a1c7c4cbf44450729 http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5.orig.tar.gz Size/MD5: 3645308 9109ff94f7a502acd915a6e61d28d98a amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_amd64.deb Size/MD5: 805058 7df82bdac6114a8901be677df747ba3e http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_amd64.udeb Size/MD5: 146276 0229d7a37bb97926a600c8adf1d56afe i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_i386.deb Size/MD5: 750094 e8653aba101299b9964873b097911ed5 http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_i386.udeb Size/MD5: 121180 7576662e8ffd07063b1f349f75cab0d0 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.1_powerpc.deb Size/MD5: 805618 3a2da610043d28171e839ed0a1c20148 http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.1_powerpc.udeb Size/MD5: 135250 ae393ff66004dccca13f9245d932218e