exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

001058.html

001058.html
Posted Feb 10, 2006
Authored by Simon Josefsson | Site lists.gnupg.org

GnuTLS 1.2.10 was released and fixes several serious bugs that would make the DER decoder in libtasn1 crash on invalid input. The problems were reported by Evgeny Legerov on the 31th of January.

tags | advisory
SHA-256 | 89ecb6bc4bb43f015e259580c64a4e6127299856b664d3db37c11e5b7c073744

001058.html

Change Mirror Download
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:gnutls-dev%40gnupg.org?Subject=%5Bgnutls-dev%5D%20Libtasn1%200.2.18%20-%20Tiny%20ASN.1%20Library%20-%20Security%20release&In-Reply-To=">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="001055.html">
<LINK REL="Next" HREF="001059.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release</H1>
<B>Simon Josefsson</B>
<A HREF="mailto:gnutls-dev%40gnupg.org?Subject=%5Bgnutls-dev%5D%20Libtasn1%200.2.18%20-%20Tiny%20ASN.1%20Library%20-%20Security%20release&In-Reply-To="
TITLE="[gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release">jas at extundo.com
</A><BR>
<I>Thu Feb 9 16:38:35 CET 2006</I>
<P><UL>
<LI>Previous message: <A HREF="001055.html">[gnutls-dev] more than one trusted certificate - buffer overflow
</A></li>
<LI>Next message: <A HREF="001059.html">[gnutls-dev] GnuTLS 1.2.10 - Security release
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#1058">[ date ]</a>
<a href="thread.html#1058">[ thread ]</a>
<a href="subject.html#1058">[ subject ]</a>
<a href="author.html#1058">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>All,

this release fixes several serious bugs that would make the DER
decoder in libtasn1 crash on invalid input. The problems were
reported by Evgeny Legerov on the 31th of January. New releases of
GnuTLS will follow later today.

We invite more detailed analysis of the problem, following our general
security advisory approach explained on:

<A HREF="http://www.gnu.org/software/gnutls/security.html">http://www.gnu.org/software/gnutls/security.html</A>

Particularly, it would be useful to answer the question of whether
these bugs are possible to exploit remotely. It is certainly possible
to cause the server to crash. We don't have resources to investigate
this problem more ourselves currently.

To make it easier for you to review this problem, I have prepared a
self test that trigger three bugs in the old libtasn1. It will be
part of GnuTLS 1.3.4, in tests/certder.c. I have also created a diff
between libtasn1 0.2.17 and libtasn1 0.2.18. I contains unrelated
fixes too, but it is not too large. It is available from:

<A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch</A>

Please send your analysis to <A HREF="http://lists.gnupg.org/mailman/listinfo/gnutls-dev">gnutls-dev at gnupg.org</A> and I'll update the
security advisory web page pointing to it.

Libtasn1 is a standalone library written in C for manipulating ASN.1
objects including DER encoding and DER decoding. It is used by GnuTLS
to manipulate X.509 objects and by GNU Shishi to handle Kerberos
packets.

Version 0.2.18
- Fix out-of-bounds access in DER decoding, reported by Evgeny Legerov.
- Add 'const' keyword to some prototypes, thanks to Frediano ZIGLIO.
- Fixed typo in src/Makefile.am to make it build with objdir != srcdir,
thanks to Bernard Leak.
- Update of gnulib files.
- Typo fixes in comments, e.g. finish libasn1 to libtasn1 renaming,
use LGPL boiler plate on some files in lib/.

Commercial support contracts for Libtasn1 are available, and they help
finance continued maintenance. Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding Libtasn1
maintenance. We are always looking for interesting development
projects.

If you need help to use Libtasn1, or want to help others, you are
invited to join our help-gnutls mailing list, see:
<<A HREF="http://lists.gnu.org/mailman/listinfo/help-gnutls">http://lists.gnu.org/mailman/listinfo/help-gnutls</A>>.

Homepage:
<A HREF="http://josefsson.org/libtasn1/">http://josefsson.org/libtasn1/</A>

Manual in many formats:
<A HREF="http://josefsson.org/gnutls/manual/libtasn1/">http://josefsson.org/gnutls/manual/libtasn1/</A>

Here are the compressed sources:
<A HREF="ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz">ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz</A> (888KB)
<A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz</A>

Here are GPG detached signatures using key 0xB565716F:
<A HREF="ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz.sig">ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz.sig</A>
<A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz.sig">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz.sig</A>

Here are the SHA-1 checksums:

4f9c1be1586083cd605e17c7948f94deed63b024 libtasn1-0.2.18.tar.gz
08d625e5fbabee2710f9789c8508397e481b048b libtasn1-0.2.18.tar.gz.sig

Enjoy,
Nikos and Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 423 bytes
Desc: not available
Url : /pipermail/attachments/20060209/8a8d2205/attachment.pgp
</PRE>


<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="001055.html">[gnutls-dev] more than one trusted certificate - buffer overflow
</A></li>
<LI>Next message: <A HREF="001059.html">[gnutls-dev] GnuTLS 1.2.10 - Security release
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#1058">[ date ]</a>
<a href="thread.html#1058">[ thread ]</a>
<a href="subject.html#1058">[ subject ]</a>
<a href="author.html#1058">[ author ]</a>
</LI>
</UL>

<hr>
<a href="http://lists.gnupg.org/mailman/listinfo/gnutls-dev">More information about the Gnutls-dev
mailing list</a><br>
</body></html>
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close