
Re: gnutls/nettle (CVE-2018-16868/CVE-2018-16869)



On 04.03.19 at 16:33, Sylvain Beucler wrote:
[...]
> I see this as a strong signal that we should not attempt to backport the
> fix, and go with a <no-dsa> (minor).
> 
> Alternatively we could upgrade nettle (libnettle4->libnettle6) which
> doesn't break gnutls28's test suite, though it's likely to introduce
> other issues (e.g. #789119).
> 
> Thoughts?
> 
> Cheers!
> Sylvain
> 

I also worked on nettle/gnutls26 for Wheezy. There are too many changes
and just backporting rsa_sec_decrypt in nettle would be an incomplete
fix for CVE-2018-16869 because they introduced more hardening against
those side-channel attacks in other functions. An upgrade of nettle
would require a rebuild of all reverse-dependencies and that is probably
too intrusive.

Regards,

Markus
