what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

001058.html

001058.html
Posted Feb 10, 2006
Authored by Simon Josefsson | Site lists.gnupg.org

GnuTLS 1.2.10 was released and fixes several serious bugs that would make the DER decoder in libtasn1 crash on invalid input. The problems were reported by Evgeny Legerov on the 31th of January.

tags | advisory
SHA-256 | 89ecb6bc4bb43f015e259580c64a4e6127299856b664d3db37c11e5b7c073744
Download | Favorite | View

001058.html

Change Mirror Download
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:gnutls-dev%40gnupg.org?Subject=%5Bgnutls-dev%5D%20Libtasn1%200.2.18%20-%20Tiny%20ASN.1%20Library%20-%20Security%20release&In-Reply-To=">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="001055.html">
   <LINK REL="Next"  HREF="001059.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release</H1>
    <B>Simon Josefsson</B> 
    <A HREF="mailto:gnutls-dev%40gnupg.org?Subject=%5Bgnutls-dev%5D%20Libtasn1%200.2.18%20-%20Tiny%20ASN.1%20Library%20-%20Security%20release&In-Reply-To="
       TITLE="[gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release">jas at extundo.com
       </A><BR>
    <I>Thu Feb  9 16:38:35 CET 2006</I>
    <P><UL>
        <LI>Previous message: <A HREF="001055.html">[gnutls-dev] more than one trusted certificate - buffer overflow
</A></li>
        <LI>Next message: <A HREF="001059.html">[gnutls-dev] GnuTLS 1.2.10 - Security release
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#1058">[ date ]</a>
              <a href="thread.html#1058">[ thread ]</a>
              <a href="subject.html#1058">[ subject ]</a>
              <a href="author.html#1058">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>All,

this release fixes several serious bugs that would make the DER
decoder in libtasn1 crash on invalid input.  The problems were
reported by Evgeny Legerov on the 31th of January.  New releases of
GnuTLS will follow later today.

We invite more detailed analysis of the problem, following our general
security advisory approach explained on:

<A HREF="http://www.gnu.org/software/gnutls/security.html">http://www.gnu.org/software/gnutls/security.html</A>

Particularly, it would be useful to answer the question of whether
these bugs are possible to exploit remotely.  It is certainly possible
to cause the server to crash.  We don't have resources to investigate
this problem more ourselves currently.

To make it easier for you to review this problem, I have prepared a
self test that trigger three bugs in the old libtasn1.  It will be
part of GnuTLS 1.3.4, in tests/certder.c.  I have also created a diff
between libtasn1 0.2.17 and libtasn1 0.2.18.  I contains unrelated
fixes too, but it is not too large.  It is available from:

<A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch</A>

Please send your analysis to <A HREF="http://lists.gnupg.org/mailman/listinfo/gnutls-dev">gnutls-dev at gnupg.org</A> and I'll update the
security advisory web page pointing to it.

Libtasn1 is a standalone library written in C for manipulating ASN.1
objects including DER encoding and DER decoding.  It is used by GnuTLS
to manipulate X.509 objects and by GNU Shishi to handle Kerberos
packets.

Version 0.2.18
- Fix out-of-bounds access in DER decoding, reported by Evgeny Legerov.
- Add 'const' keyword to some prototypes, thanks to Frediano ZIGLIO.
- Fixed typo in src/Makefile.am to make it build with objdir != srcdir,
  thanks to Bernard Leak.
- Update of gnulib files.
- Typo fixes in comments, e.g. finish libasn1 to libtasn1 renaming,
  use LGPL boiler plate on some files in lib/.

Commercial support contracts for Libtasn1 are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding Libtasn1
maintenance.  We are always looking for interesting development
projects.

If you need help to use Libtasn1, or want to help others, you are
invited to join our help-gnutls mailing list, see:
<<A HREF="http://lists.gnu.org/mailman/listinfo/help-gnutls">http://lists.gnu.org/mailman/listinfo/help-gnutls</A>>.

Homepage:
  <A HREF="http://josefsson.org/libtasn1/">http://josefsson.org/libtasn1/</A>

Manual in many formats:
  <A HREF="http://josefsson.org/gnutls/manual/libtasn1/">http://josefsson.org/gnutls/manual/libtasn1/</A>

Here are the compressed sources:
  <A HREF="ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz">ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz</A> (888KB)
  <A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz</A>

Here are GPG detached signatures using key 0xB565716F:
  <A HREF="ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz.sig">ftp://ftp.gnutls.org/pub/gnutls/libtasn1/libtasn1-0.2.18.tar.gz.sig</A>
  <A HREF="http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz.sig">http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18.tar.gz.sig</A>

Here are the SHA-1 checksums:

4f9c1be1586083cd605e17c7948f94deed63b024  libtasn1-0.2.18.tar.gz
08d625e5fbabee2710f9789c8508397e481b048b  libtasn1-0.2.18.tar.gz.sig

Enjoy,
Nikos and Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 423 bytes
Desc: not available
Url : /pipermail/attachments/20060209/8a8d2205/attachment.pgp
</PRE>


<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
  <LI>Previous message: <A HREF="001055.html">[gnutls-dev] more than one trusted certificate - buffer overflow
</A></li>
  <LI>Next message: <A HREF="001059.html">[gnutls-dev] GnuTLS 1.2.10 - Security release
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#1058">[ date ]</a>
              <a href="thread.html#1058">[ thread ]</a>
              <a href="subject.html#1058">[ subject ]</a>
              <a href="author.html#1058">[ author ]</a>
         </LI>
       </UL>

<hr>
<a href="http://lists.gnupg.org/mailman/listinfo/gnutls-dev">More information about the Gnutls-dev
mailing list</a><br>
</body></html>
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close