Re: gnutls/nettle (CVE-2018-16868/CVE-2018-16869)
On 04/03/2019 17:37, Sylvain Beucler wrote:
> On 04/03/2019 16:55, Markus Koschany wrote:
>> On 04.03.19 at 16:33, Sylvain Beucler wrote:
>>> I see this as a strong signal that we should not attempt to backport the
>>> fix, and go with a <no-dsa> (minor).
>>> Alternatively we could upgrade nettle (libnettle4->libnettle6) which
>>> doesn't break gnutls28's test suite, though it's likely to introduce
>>> other issues (e.g. #789119).
>> I also worked on nettle/gnutls26 for Wheezy. There are too many changes
>> and just backporting rsa_sec_decrypt in nettle would be an incomplete
>> fix for CVE-2018-16869 because they introduced more hardening against
>> those side-channel attacks in other functions. An upgrade of nettle
>> would require a rebuild of all reverse-dependencies and that is probably
>> too intrusive.
> Thanks for your input Markus.
> Instead of upgrading I was thinking of providing libnettle6 /in addition
> to/ libnettle4, but that still sounds like more trouble than it solves.

(and indeed, when testing gnutls28+libnettle6, "git clone" now fails.)

    # git clone https://github.com/symfony/symfony-installer
    Clonage dans 'symfony-installer'...
    fatal: unable to access 'https://github.com/symfony/symfony-installer/':
    gnutls_handshake() failed: Public key signature verification has failed.

Also, the stable security team didn't answer my mail but reached the
same conclusion (<no-dsa> minor).
I'll mark these CVEs as <no-dsa> and fix the CVE/list incomplete