Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6

To: Sebastian Ramacher <sramacher@debian.org>
Cc: 990825@bugs.debian.org
Subject: Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
From: Shengjing Zhu <zhsj@debian.org>
Date: Tue, 13 Jul 2021 14:08:22 +0800
Message-id: <[🔎] YO0t1ngLm+L9T9wU@local.zhsj.me>
Reply-to: Shengjing Zhu <zhsj@debian.org>, 990825@bugs.debian.org
In-reply-to: <[🔎] YOwC3xOWpo6H43TV@ramacher.at>
References: <YOcd12b/OMPuuSPR@local.zhsj.me> <[🔎] YOwC3xOWpo6H43TV@ramacher.at> <YOcd12b/OMPuuSPR@local.zhsj.me>

Hi,

On Mon, Jul 12, 2021 at 10:52:47AM +0200, Sebastian Ramacher wrote:
> > [ Risks ]
> > 
> > It's security fix to standard library. So it needs binNMU for all Go packages.
> 
> That's about 1.7k source packages. It would help if you can reduce the
> set of affected packages to not waste time chasing binNMUs for packages
> that don't need them.
> 

That's about 200+ binary packages. arch:all packages are not affected.

Sadly the std library are statically embedded in all packages built by Go compiler.
So if there's security issue in std library, bunch of packages need to be rebuild.

It may be possible to disassemble all Go binaries to see how many std libraries
are embedded, but currently we don't have such tool to go through all unpacked binary
packages.

> Cheers
> 
> > As it's near hard freeze, I'd like to ask whether to fix it before release or after.
> > I don't have preference FWIW.
> > CCed security team as well.
> > 
> > [ Checklist ]
> >   [ ] all changes are documented in the d/changelog
> >   [ ] I reviewed all changes and I approve them
> >   [ ] attach debdiff against the package in testing
> > 
> > [ Other info ]
> > 
> > That's just pre-announcement by Go upstream. So I really don't have diff yet.
> > 
> > unblock golang-1.15/1.15.9-6
> > 

As the security issue is disclosed now, I have prepared the debdiff.


diff -Nru golang-1.15-1.15.9/debian/changelog golang-1.15-1.15.9/debian/changelog
--- golang-1.15-1.15.9/debian/changelog	2021-06-05 19:36:34.000000000 +0800
+++ golang-1.15-1.15.9/debian/changelog	2021-07-13 13:55:42.000000000 +0800
@@ -1,3 +1,12 @@
+golang-1.15 (1.15.9-6) unstable; urgency=medium
+
+  * Team upload.
+  * Backport patche for CVE-2021-34558
+    crypto/tls: clients can panic when provided a certificate of the wrong type
+    for the negotiated parameters
+
+ -- Shengjing Zhu <zhsj@debian.org>  Tue, 13 Jul 2021 13:55:42 +0800
+
 golang-1.15 (1.15.9-5) unstable; urgency=medium
 
   * Team upload.
diff -Nru golang-1.15-1.15.9/debian/patches/0013-CVE-2021-34558.patch golang-1.15-1.15.9/debian/patches/0013-CVE-2021-34558.patch
--- golang-1.15-1.15.9/debian/patches/0013-CVE-2021-34558.patch	1970-01-01 08:00:00.000000000 +0800
+++ golang-1.15-1.15.9/debian/patches/0013-CVE-2021-34558.patch	2021-07-13 13:55:42.000000000 +0800
@@ -0,0 +1,46 @@
+From c77980bc077f3774276ab2deba78d8e6bfe4b3bd Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker <roland@golang.org>
+Date: Wed, 9 Jun 2021 11:31:27 -0700
+Subject: [PATCH] [release-branch.go1.15] crypto/tls: test key type when
+ casting
+
+When casting the certificate public key in generateClientKeyExchange,
+check the type is appropriate. This prevents a panic when a server
+agrees to a RSA based key exchange, but then sends an ECDSA (or
+other) certificate.
+
+Updates #47143
+Fixes #47144
+Fixes CVE-2021-34558
+
+Thanks to Imre Rad for reporting this issue.
+
+Change-Id: Iabccacca6052769a605cccefa1216a9f7b7f6aea
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1116723
+Reviewed-by: Filippo Valsorda <valsorda@google.com>
+Reviewed-by: Katie Hockman <katiehockman@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/334030
+Trust: Filippo Valsorda <filippo@golang.org>
+Run-TryBot: Filippo Valsorda <filippo@golang.org>
+Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
+---
+ src/crypto/tls/key_agreement.go | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/crypto/tls/key_agreement.go b/src/crypto/tls/key_agreement.go
+index 7e6534bd465e3..22f1b2e1f2441 100644
+--- a/src/crypto/tls/key_agreement.go
++++ b/src/crypto/tls/key_agreement.go
+@@ -67,7 +67,11 @@ func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello
+ 		return nil, nil, err
+ 	}
+ 
+-	encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret)
++	rsaKey, ok := cert.PublicKey.(*rsa.PublicKey)
++	if !ok {
++		return nil, nil, errors.New("tls: server certificate contains incorrect key type for selected ciphersuite")
++	}
++	encrypted, err := rsa.EncryptPKCS1v15(config.rand(), rsaKey, preMasterSecret)
+ 	if err != nil {
+ 		return nil, nil, err
+ 	}
diff -Nru golang-1.15-1.15.9/debian/patches/series golang-1.15-1.15.9/debian/patches/series
--- golang-1.15-1.15.9/debian/patches/series	2021-06-05 19:36:34.000000000 +0800
+++ golang-1.15-1.15.9/debian/patches/series	2021-07-13 13:55:42.000000000 +0800
@@ -10,3 +10,4 @@
 0010-CVE-2021-33195-2.patch
 0011-CVE-2021-33197.patch
 0012-CVE-2021-33198.patch
+0013-CVE-2021-34558.patch

Reply to:

Follow-Ups:
- Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
  - From: Paul Wise <pabs@debian.org>
- Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
  - From: Adrian Bunk <bunk@debian.org>

References:
- Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
  - From: Shengjing Zhu <zhsj@debian.org>
- Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
  - From: Sebastian Ramacher <sramacher@debian.org>

Prev by Date: Bug#991018: unblock: qreator/16.06.1-7
Next by Date: Bug#991018: marked as done (unblock: qreator/16.06.1-7)
Previous by thread: Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
Next by thread: Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
Index(es):
- Date
- Thread