aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpsykose <alice@ayaya.dev>2023-02-11 04:55:24 +0000
committerpsykose <alice@ayaya.dev>2023-02-11 05:56:41 +0100
commit5fa50735420cc6af9867576051934c7d34a6f117 (patch)
tree2ddd2fd4631784fd7d5e7841772ed794a5953f70
parent461a8270e856ec885957b84b777d82a356c90194 (diff)
main/gnutls: patch CVE-2023-0361
-rw-r--r--main/gnutls/APKBUILD6
-rw-r--r--main/gnutls/CVE-2023-0361.patch47
2 files changed, 52 insertions, 1 deletions
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index b291f761b7b..ac3fa63b27a 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.7.1
-pkgrel=1
+pkgrel=2
pkgdesc="TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -19,10 +19,13 @@ source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
tests-crq.patch
tests-certtool.patch
CVE-2022-2509.patch
+ CVE-2023-0361.patch
"
# Upstream Tracker: https://gnutls.org/security-new.html
# secfixes:
+# 3.7.1-r2:
+# - CVE-2023-0361
# 3.7.1-r1:
# - CVE-2022-2509 GNUTLS-SA-2022-07-07
# 3.7.1-r0:
@@ -83,4 +86,5 @@ sha512sums="
3e7d872963cc25e49f1ecf98de7d6f3b6b22d2c1c9e982bc4b22ce658c11d8567903728e5aa33ce7b6d3e25fe0b7a75b8aca3e8f53838155af5abe23887d33fa tests-crq.patch
3cc35bf7dcf6b7963d59bc346f68e0004151e409899b50e98ba5c675e753ade19a7baf317449343688b1bb2905ef8c8a5677dfe819e701b5bd82374d99adeb65 tests-certtool.patch
a790a23b064196763de6cc8683b7c2ff70a5d7a3caad57aa339ed92318480aabf746de86124fecf4b3fc509a5416cb34fec6c308c9141b113b0e968c7dcf20eb CVE-2022-2509.patch
+4bebc92c0f337f33a7a0b34fba76d16de1516c3bce74352410b9bf7cd3adadf10833c92e1d0c3a3fd0f79d47fe9b5886098aef60ac7d9baf3bba5ae7dbc7dd39 CVE-2023-0361.patch
"
diff --git a/main/gnutls/CVE-2023-0361.patch b/main/gnutls/CVE-2023-0361.patch
new file mode 100644
index 00000000000..2707d2f6df1
--- /dev/null
+++ b/main/gnutls/CVE-2023-0361.patch
@@ -0,0 +1,47 @@
+Patch-Source: https://gitlab.com/gnutls/gnutls/-/commit/80a6ce8ddb02477cd724cd5b2944791aaddb702a
+--
+From 80a6ce8ddb02477cd724cd5b2944791aaddb702a Mon Sep 17 00:00:00 2001
+From: Alexander Sosedkin <asosedkin@redhat.com>
+Date: Tue, 9 Aug 2022 16:05:53 +0200
+Subject: [PATCH] auth/rsa: side-step potential side-channel
+
+Remove branching that depends on secret data.
+
+Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
+Signed-off-by: Hubert Kario <hkario@redhat.com>
+Tested-by: Hubert Kario <hkario@redhat.com>
+---
+ lib/auth/rsa.c | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
+index 62c86e470a..562518d93e 100644
+--- a/lib/auth/rsa.c
++++ b/lib/auth/rsa.c
+@@ -154,7 +154,6 @@ _gnutls_get_public_rsa_params(gnutls_session_t session,
+ static int
+ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
+ {
+- const char attack_error[] = "auth_rsa: Possible PKCS #1 attack\n";
+ gnutls_datum_t ciphertext;
+ int ret, dsize;
+ ssize_t data_size = _data_size;
+@@ -234,15 +233,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
+ ok &= CONSTCHECK_NOT_EQUAL(check_ver_min, 0) &
+ CONSTCHECK_EQUAL(session->key.key.data[1], ver_min);
+
+- if (ok) {
+- /* call logging function unconditionally so all branches are
+- * indistinguishable for timing and cache access when debug
+- * logging is disabled */
+- _gnutls_no_log("%s", attack_error);
+- } else {
+- _gnutls_debug_log("%s", attack_error);
+- }
+-
+ /* This is here to avoid the version check attack
+ * discussed above.
+ */
+--
+GitLab
+