Hi

To completely fix the second part of this CVE I think an API change is necessary.
The API needs to return a list of unsigned and signed portions of the message so the application using it can make it visible what parts are signed and what parts are not.
However, such a change is large and cannot be done in LTS.

Regarding the security purpose of the hash information I cannot really judge. I think it serves very little function but I could be wrong.

Cheers

// Ola

On Mon, 7 Sep 2020 at 01:08, Brian May <bam@debian.org> wrote:

Attached is my patch for Stretch, based on the upstream patch.
I am a bit uneasy about applying this and marking CVE-2019-11841 as
fixed, because contrary to what upstream say I don't think
CVE-2019-11841 is actually fixed. From the CVE description:
[...] However, the Go clearsign package ignores the value of this
header, which allows an attacker to spoof it. Consequently, an
attacker can lead a victim to believe the signature was generated
using a different message digest algorithm than what was actually
used. [...]
The upstream patch has done nothing to address this.
--
Brian May <bam@debian.org>
 ----- Inguza Technology AB --- MSc in Information Technology ----
| http://inguza.com/ Mobile: +46 (0)70-332 1551 |
 ---------------------------------------------------------------
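
A sketch of the kind of interface discussed above, where the caller gets back which parts of the input are signed and which are not, along with the declared `Hash` header values. This is an added example, not part of the original thread and not the API of the Go clearsign package; `Split`, `Segment` and `sample` are hypothetical names, the sample message is constructed, and rejecting every armor header other than `Hash` is this example's own choice. It does no signature verification.

```go
package main

import (
	"fmt"
	"strings"
)

// Segment is one span of the input, labelled by whether the signature covers it.
type Segment struct {
	Signed bool
	Text   string
}

// Constructed sample; the signature body is a placeholder, not real data.
const sample = "unsigned preface\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n" +
	"signed line\n- -dash-escaped line\n-----BEGIN PGP SIGNATURE-----\n\nAAAA\n" +
	"-----END PGP SIGNATURE-----\nunsigned trailer"

// Split (hypothetical helper) returns the unsigned/signed segments and the Hash
// values the message declares. Declared values are unauthenticated: compare them
// with the digest algorithm in the signature packet before displaying them.
func Split(in string) (segs []Segment, declared []string, err error) {
	state := 0 // 0 preface, 1 armor headers, 2 signed body, 3 signature, 4 trailer
	parts := make([][]string, 5)
	for _, l := range strings.Split(strings.ReplaceAll(in, "\r\n", "\n"), "\n") {
		switch {
		case state == 0 && l == "-----BEGIN PGP SIGNED MESSAGE-----", state == 1 && l == "",
			state == 2 && l == "-----BEGIN PGP SIGNATURE-----", state == 3 && l == "-----END PGP SIGNATURE-----":
			state++
		case state == 1 && !strings.HasPrefix(l, "Hash: "): // refuse other armor headers
			return nil, nil, fmt.Errorf("unexpected armor header %q", l)
		case state == 1:
			declared = append(declared, strings.TrimPrefix(l, "Hash: "))
		case state == 2:
			parts[2] = append(parts[2], strings.TrimPrefix(l, "- ")) // undo dash-escaping
		default:
			parts[state] = append(parts[state], l)
		}
	}
	if state != 4 {
		return nil, nil, fmt.Errorf("incomplete cleartext signature (state %d)", state)
	}
	for i, signed := range []bool{false, true, false} {
		segs = append(segs, Segment{signed, strings.Join(parts[i*2], "\n")})
	}
	return segs, declared, nil
}

func main() { fmt.Println(Split(sample)) }
```

An application would render only the `Signed` segment as authenticated content and mark the other two as outside the signature.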