Your message dated Sun, 07 Dec 2008 11:33:47 +0200 with message-id <493B987B.9070007@gmail.com> and subject line state of #454666 has caused the Debian Bug report #454666, regarding MD5 signatures provide no security to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 454666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454666 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: MD5 signatures provide no security
- From: bear@pagansexcult.org
- Date: Thu, 6 Dec 2007 14:33:06 -0800 (PST)
- Message-id: <Pine.LNX.4.53.0712061409170.30849@www.pagansexcult.org>
Package: dpkg Version: 1.13.25 Severity: critical Note: reported against the current version of dpkg, but applies equally to all versions up to the present time. MD5 checksums are not secure. A recently discovered mathematical technique allows *ANY* document containing a few attacker-chosen "random" blocks to have any chosen MD5 checksum. The paper is titled "Vulnerability of software integrity and code signing applications to chosen-prefix collisions for MD5" by Arjen Lenstra and Benne de Weger, Bell Laboratories. Full text is available online.[1] In particular, it is now computationally feasible for a single attacker with a desktop machine to modify any executable of his or her choosing to have any desired MD5 checksum. Exploitation of this flaw would allow an attacker to substitute arbitrary code for any legitimate Debian package using a "man in the middle" attack undetected whenever a user is installing new software, or to put up a debian mirror site or repository containing arbitrary code disguised as legitimate Debian software and having the same checksums. Ray Dillinger [1] http://www.win.tue.nl/hashclash/SoftIntCodeSign/
--- End Message ---
--- Begin Message ---
- To: 454666-done@bugs.debian.org
- Subject: state of #454666
- From: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>
- Date: Sun, 07 Dec 2008 11:33:47 +0200
- Message-id: <493B987B.9070007@gmail.com>
Hello. As already said by Sam Hocevar, this technique doesn't allows man-in-the-middle attack to be done for Debian packages, because no one Debian Developer/Maintainer will append some pieces of blob to Debian packages. So, MD5 provides security for Debian. Closing. -- Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com Ukrainian C++ developer, Debian APT contributorAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---