
Re: squeeze update of chrony?



On Thu, Feb 04, 2016 at 04:57:15PM -0500, Antoine Beaupré wrote:
On 2016-02-04 11:56:50, Vincent Blut wrote:
Hey Antoine,

On 2016-01-30 15:16:49, Antoine Beaupré wrote:
 >> On 2016-01-28 17:27:41, Vincent Blut wrote:
 >>> On Thu, Jan 28, 2016 at 09:23:01PM +0100, Guido Günther wrote:
 >>>>Hello dear maintainers,
 >>>
 >>> Hello Guido,
 >>>
 >>>>the Debian LTS team would like to fix the security issues which are
 >>>>currently open in the Squeeze version of chrony:
 >>>>https://security-tracker.debian.org/tracker/CVE-2016-1567
 >>>>
 >>>>Would you like to take care of this yourself?
 >>>
 >>> I’m well aware of that security issue. Sadly, I’m totally busy these
 >>> days, thus I won’t be able to deal with this prior to Sunday/Monday.
 >>> Hope that deadline is acceptable for you‽
 >>
 >> I think that is fine, thanks for looking into it!
 >
 >Ping! Did you have time to followup on this?

Yes, I’ve had an ack from upstream about my backported patch, I’m testing the
patched package since yesterday. I do intend to upload to mentors.d.n tonight.

Great, keep us informed!

Ok, so my attempt to upload to mentors.d.n has been rejected due to squeeze-lts not being understood by the service. Hopefully this will be fixed to ease cooperation with non DD or DM without upload right.

Whilst seeking a solution, here is a debdiff:

chrony_1.24-3+squeeze2 chrony_1.24-3+squeeze3

chrony-1.24/debian/applied/series                                               |    1
chrony-1.24/debian/changelog                                                    |   10 ++++
chrony-1.24/ntp_core.c                                                          |    3 -
debian/applied/14_restrict-authentication-of-server-peer-to-specified-key.patch |   24 ++++++++++
4 files changed, 37 insertions(+), 1 deletion(-)

diff -u chrony-1.24/debian/applied/series chrony-1.24/debian/applied/series
--- chrony-1.24/debian/applied/series
+++ chrony-1.24/debian/applied/series
@@ -7,0 +8 @@
+14_restrict-authentication-of-server-peer-to-specified-key.patch
diff -u chrony-1.24/debian/changelog chrony-1.24/debian/changelog
--- chrony-1.24/debian/changelog
+++ chrony-1.24/debian/changelog
@@ -1,3 +1,13 @@
+chrony (1.24-3+squeeze3) squeeze-lts; urgency=medium
+
+  * Fix CVE-2016-1567: retrict authentication of server/peer
+                       to specified key
+  * debian/applied/:
+    - Add 14_restrict-authentication-of-server-peer-to-specified-key.patch,
+    and update the series file accordingly.
+
+ -- Vincent Blut <vincent.debian@free.fr>  Wed, 03 Feb 2016 17:34:59 +0100
+
chrony (1.24-3+squeeze2) squeeze-lts; urgency=high

  * With the following security bugfixes (See: #782160):
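
Review bot: the first bullet of the new changelog entry has a typo, "retrict" should read "restrict" ("Fix CVE-2016-1567: restrict authentication of server/peer to specified key"). The entry is also marked urgency=medium while the previous security upload, 1.24-3+squeeze2, used urgency=high; worth confirming that the lower urgency is intended for a CVE fix. The continuation line "and update the series file accordingly." would read better indented to line up under "Add".
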
diff -u chrony-1.24/ntp_core.c chrony-1.24/ntp_core.c
--- chrony-1.24/ntp_core.c
+++ chrony-1.24/ntp_core.c
@@ -966,7 +966,8 @@
      if (!KEY_KeyKnown(auth_key_id)) {
        test5 = 0;
      } else {
-        test5 = check_packet_auth(message, auth_key_id);
+        test5 = check_packet_auth(message, auth_key_id) &&
+                auth_key_id == inst->auth_key_id;
      }
    } else {
      /* If we expect authenticated info from this peer/server and the packet
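
Review bot: in the new test5 expression the key id comparison comes second, so check_packet_auth() still runs for a packet carrying any known key id before the packet is rejected for using the wrong key. Writing it as auth_key_id == inst->auth_key_id && check_packet_auth(message, auth_key_id) should give the same value of test5, assuming check_packet_auth() has no side effects, and skips the MAC check for keys that are not the one configured for this source. A short comment next to the comparison naming CVE-2016-1567 would also help, since the reason for the extra condition is not obvious from the code alone.
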
only in patch2:
unchanged:
--- chrony-1.24.orig/debian/applied/14_restrict-authentication-of-server-peer-to-specified-key.patch
+++ chrony-1.24/debian/applied/14_restrict-authentication-of-server-peer-to-specified-key.patch
@@ -0,0 +1,24 @@
+From: Vincent Blut <vincent.debian@free.fr>
+Date: Tue, 02 Feb 2016 23:29:25 +0100
+Subject: ntp: restrict authentication of server/peer to specified key
+
+This patch fixes CVE-2016-1567 in chrony 1.24. Prior to version 1.31.2,
+chrony does not verify peer associations of symmetric keys when authenticating
+packets, which might allow remote attackers to conduct impersonation attacks
+via an arbitrary trusted key, aka a "skeleton key." This issue also affects
+chrony 2.2 and has been fixed in version 2.2.1.
+---
+
+diff -urNpa a/chrony-1.24/ntp_core.c b/chrony-1.24/ntp_core.c
+--- a/chrony-1.24/ntp_core.c	2016-02-02 23:28:39.070377463 +0100
++++ b/chrony-1.24/ntp_core.c	2016-02-02 23:01:10.414119775 +0100
+@@ -966,7 +966,8 @@ receive_packet(NTP_Packet *message, stru
+       if (!KEY_KeyKnown(auth_key_id)) {
+         test5 = 0;
+       } else {
+-        test5 = check_packet_auth(message, auth_key_id);
++        test5 = check_packet_auth(message, auth_key_id) &&
++                auth_key_id == inst->auth_key_id;
+       }
+     } else {
+       /* If we expect authenticated info from this peer/server and the packet
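
Review bot: the header of the new patch file (From, Date, Subject and the description) does not say which upstream change this is a backport of, so a later reader cannot compare it against the upstream fix mentioned in the description; an Origin or similar reference line in the header would cover that. The embedded diff also uses paths of the form a/chrony-1.24/ntp_core.c, which carry two leading components; check that this matches the other files in debian/applied so the patch applies with the same strip level.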

Cheers,
Vincent
