gnutls28: CVE-2017-7507

Debian Bug report logs - #864560
gnutls28: CVE-2017-7507

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: gnutls28: CVE-2017-7507

Date: Sat, 10 Jun 2017 19:20:06 +0200

Source: gnutls28
Version: 3.5.8-1
Severity: important
Tags: patch security upstream fixed-upstream
Control: fixed -1 3.5.13-1

Hi,

the following vulnerability was published for gnutls28.

CVE-2017-7507[0]:
Crash upon receiving well-formed status_request extension

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7507
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7507
[1] https://gnutls.org/security.html#GNUTLS-SA-2017-4

Please adjust the affected versions in the BTS as needed, just checked
3.5.8 in unstable sourcewise. Not sure as well if it would need a DSA
if older versions are affected as well.

Regards,
Salvatore

Message #12 received at 864560-close@bugs.debian.org (full text, mbox, reply):

From: Andreas Metzler <ametzler@debian.org>

To: 864560-close@bugs.debian.org

Subject: Bug#864560: fixed in gnutls28 3.5.8-6

Date: Sun, 11 Jun 2017 09:33:44 +0000

Source: gnutls28
Source-Version: 3.5.8-6

We believe that the bug you reported is fixed in the latest version of
gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864560@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 11 Jun 2017 10:44:33 +0200
Source: gnutls28
Binary: libgnutls28-dev libgnutls30 gnutls-bin gnutls-doc libgnutlsxx28 libgnutls-openssl27 libgnutls-dane0
Architecture: source
Version: 3.5.8-6
Distribution: unstable
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 864560
Description: 
 gnutls-bin - GNU TLS library - commandline utilities
 gnutls-doc - GNU TLS library - documentation and examples
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.5.8-6) unstable; urgency=high
 .
   * 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving
     well-formed status_request extension. GNUTLS-SA-2017-4/CVE-2017-7507
     Closes: #864560
Checksums-Sha1: 
 e4191d3c01f54ee5e538e31615302b87609d4dca 3258 gnutls28_3.5.8-6.dsc
 922ced9d1d4048008cefa1b5b5840cc87f2608b9 106584 gnutls28_3.5.8-6.debian.tar.xz
Checksums-Sha256: 
 0b0f35a0a6c2c5ab464a0c1b2c569479e722087c06f9a364bd9abe1965199b78 3258 gnutls28_3.5.8-6.dsc
 6e77c99e5aa728b311153202448e99159edf36785062eb0e1b7c001323067b39 106584 gnutls28_3.5.8-6.debian.tar.xz
Files: 
 146a427192794e3ff60894a44b594634 3258 libs optional gnutls28_3.5.8-6.dsc
 e3aa452c28866e5c84a24672834877c5 106584 libs optional gnutls28_3.5.8-6.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAlk9CNUACgkQpU8BhUOC
FIQQ2w/9G/voPH7ZZ3l9k50rKZDiQNxbohnUeKQT2hhPulPdIfI22SJq/INkA1H3
+pHhybueA3Wxu5KgvmARhFJw4nuyCMRVBQzFtj7azfL51oiPsIbPNBHyBLex94Nu
dQzYetZQ2CdGrqzbNlN0LnWENIIQflkDg91ZnsYXR8DcABOu3GO/b96CxjUkZEXw
7/kdmy/WfHbu8mkNxW3YBR3CQAttkSaWm1Jp3w0TK2n1Nxn0VssVuMSBalc+SDyX
OfFPN2rCecnfmQdyZYI9OdMvoX13g+zrlcCJrTUveeigqtbuQS5+s2Tytgjdqb8N
b9c0ANvMYhY7g3Kz4pVzTPUmNdCKaqydmBFGr5lQcmyFG4OkqnkoZcH4m5g3P0JK
chMS7h8bZGkgwNoK59jHCVKipoll6+EXLWIpr+KyLRydXwO+lwYhgDNvKwFbtjUE
npQyUyFtPNB36Hq4PXkai/ZwSuSdBwjpEe0elN4OtUGj9FpPLXtn5vf81z+qujxR
zXAL0ipuk649C1rplaZBqElY0rZnyj9VPI2sdJAI/YvDT07LdWw+wop+K8+3eDgE
FpjrqkKnnscjL1xoJ5H0hGGVmKErgi1EWm1VXMNjZ1CL5mpklgL1BKes8OcmOpc2
PedR3qaIby5B0yHtWOSYpdAY1qMRQw+nmkqKDdJfJTuxbL9NRtU=
=ytYu
-----END PGP SIGNATURE-----

Message #17 received at 864560@bugs.debian.org (full text, mbox, reply):

From: Andreas Metzler <ametzler@bebt.de>

To: Salvatore Bonaccorso <carnil@debian.org>, 864560@bugs.debian.org

Subject: Re: Bug#864560: gnutls28: CVE-2017-7507

Date: Sun, 11 Jun 2017 18:20:47 +0200

[Message part 1 (text/plain, inline)]

Control: found -1 3.3.8-1

On 2017-06-10 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: gnutls28
> Version: 3.5.8-1
[...]
> the following vulnerability was published for gnutls28.

> CVE-2017-7507[0]:
> Crash upon receiving well-formed status_request extension
[...]
> Please adjust the affected versions in the BTS as needed, just checked
> 3.5.8 in unstable sourcewise. Not sure as well if it would need a DSA
> if older versions are affected as well.

Hello Salvatore,

thank you for notifying me, I somehow missed this when reading 3.5.13's
NEWS.

It does apply to stable. There is patchset on upstream's gnutls_3_3_x
branch which applies without fuzz to 3.3.8. (See attachment.)

If you are not doing a DSA I can try to fix this in jessie and stretch
point releases.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

[proposed_jessie.patch (text/x-diff, attachment)]

Message #24 received at 864560-close@bugs.debian.org (full text, mbox, reply):

From: Andreas Metzler <ametzler@debian.org>

To: 864560-close@bugs.debian.org

Subject: Bug#864560: fixed in gnutls28 3.5.8-5+deb9u1

Date: Fri, 16 Jun 2017 17:19:59 +0000

Source: gnutls28
Source-Version: 3.5.8-5+deb9u1

We believe that the bug you reported is fixed in the latest version of
gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864560@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 16 Jun 2017 07:47:11 +0200
Source: gnutls28
Binary: libgnutls28-dev libgnutls30 gnutls-bin gnutls-doc libgnutlsxx28 libgnutls-openssl27 libgnutls-dane0
Architecture: all source
Version: 3.5.8-5+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 864560
Description: 
 gnutls-bin - GNU TLS library - commandline utilities
 gnutls-doc - GNU TLS library - documentation and examples
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.5.8-5+deb9u1) stretch-security; urgency=high
 .
   * 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving
     well-formed status_request extension. GNUTLS-SA-2017-4/CVE-2017-7507
     Closes: #864560
   * Upload is identical to 3.5.8-6 except for the version number.
Checksums-Sha1: 
 c2d2826d42fb375f2b9dc0777970ca722b05c083 3286 gnutls28_3.5.8-5+deb9u1.dsc
 238d5e62f9bb078101131dd2f4c7f2c1ac13e813 7264448 gnutls28_3.5.8.orig.tar.xz
 a48eb37b418a20fa78593786c1a2aeea25479176 287 gnutls28_3.5.8.orig.tar.xz.asc
 d17b3629a7a950db5cf7c7189711b0caa1bf94ed 106592 gnutls28_3.5.8-5+deb9u1.debian.tar.xz
 c8c4ac07fd912c397c84f137bed16c8d23c9dcfd 4059056 gnutls-doc_3.5.8-5+deb9u1_all.deb
Checksums-Sha256: 
 f854fcc690a28a442cb0a7a9125e5c82f280865e83f898afba98b8dce0290dd2 3286 gnutls28_3.5.8-5+deb9u1.dsc
 0e97f243ae72b70307d684b84c7fe679385aa7a7a0e37e5be810193dcc17d4ff 7264448 gnutls28_3.5.8.orig.tar.xz
 417da9db564a841128edb2dc2c98465a5749541f7d71492cb7c4905a0bfeac82 287 gnutls28_3.5.8.orig.tar.xz.asc
 e8aada97863d8b785c66e20e91bc5b345e9cfe82b572984b89d5ef18283c831b 106592 gnutls28_3.5.8-5+deb9u1.debian.tar.xz
 65906fa82bd45b2f1aa0e52a7111e421313a31ae58e564c3559cc02f5a2fbf3a 4059056 gnutls-doc_3.5.8-5+deb9u1_all.deb
Files: 
 f5b0272ea11f842ac7f2bc0e3e31a030 3286 libs optional gnutls28_3.5.8-5+deb9u1.dsc
 113e892e51acdb11b81804cd355adfee 7264448 libs optional gnutls28_3.5.8.orig.tar.xz
 02647c990bd24fd3fa55b9be17d684d2 287 libs optional gnutls28_3.5.8.orig.tar.xz.asc
 50d2fd8d72f72d18bd77db85636a8b39 106592 libs optional gnutls28_3.5.8-5+deb9u1.debian.tar.xz
 deee64c6f01653d1e34b74ff8d6d8d2f 4059056 doc optional gnutls-doc_3.5.8-5+deb9u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAllDnBcACgkQpU8BhUOC
FIRMfA/+NKHnCQ6yWQvIytPsU54oivvnqTCVqtzs+p2CS+RCTPH5AI1DHlOyWeqO
sL/VlmS3AneiHhPjph7tC/BgJ34uNlclG1klWKKKEDBHL1qcZlJ8dqQn625dq34S
pR4QcuuVzXfsPAfg7RLUIbtaAHdqoJ2/lidX/1FdEgmnZFb13r140ycVbYf30JN1
dV5KfjyqYd6oYtEUSY1wRbBpAM/zoelFewXlhZwPddr3eayGNtlrhC5vU1kh4cAu
uiVpJkdu5I46SGJAwOQYh9iT0UY+yWXZ6gOBEVrps7uFVMPVfFXQvQqomd4xHiUz
Dt+lLE61YyU2ekvLmi/OOuYjA3XSkqOYK7u3IyVWTD9V1Np97ItG/Ww/2dG62Jfx
KPtYcuCkrP/uxnr8ZDf946lvc6wDYFiMf1oEnFpEr4dtMwZab2yOvgsrp8i2wyzW
cZdUPCghYsXJwAFWgX95KGjYUxX/wjPEGIbOlvrOT8TvWepCs3vfI1pJ2HQb3NYn
8zn27emdRRbCJ/cByF3D29mglGLeIND6i/qSGVHh4eAKKb6hjwh/h6H57Y6NZro+
wJGPswAcuzG2mn7aympm5rpaHbwaNxN02xzUNKB/UQIk20jYK12WVkpGV5MDZqIs
RzfG/v0iuSNw4fR69kjGjRTOcBJuaKpJb3aQxPr9UmiWl567t1o=
=mVAv
-----END PGP SIGNATURE-----

Message #29 received at 864560-close@bugs.debian.org (full text, mbox, reply):

From: Andreas Metzler <ametzler@debian.org>

To: 864560-close@bugs.debian.org

Subject: Bug#864560: fixed in gnutls28 3.3.8-6+deb8u6

Date: Sat, 24 Jun 2017 21:18:12 +0000

Source: gnutls28
Source-Version: 3.3.8-6+deb8u6

We believe that the bug you reported is fixed in the latest version of
gnutls28, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864560@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated gnutls28 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 16 Jun 2017 07:39:52 +0200
Source: gnutls28
Binary: libgnutls28-dev libgnutls-deb0-28 libgnutls28-dbg gnutls-bin gnutls-doc guile-gnutls libgnutlsxx28 libgnutls-openssl27
Architecture: all source
Version: 3.3.8-6+deb8u6
Distribution: jessie-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 864560
Description: 
 gnutls-bin - GNU TLS library - commandline utilities
 gnutls-doc - GNU TLS library - documentation and examples
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls28-dbg - GNU TLS library - debugger symbols
 libgnutls28-dev - GNU TLS library - development files
 libgnutls-deb0-28 - GNU TLS library - main runtime library
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.3.8-6+deb8u6) jessie-security; urgency=high
 .
   * 56_CVE-2017-7507_1-ext-status_request-ensure-response-IDs-are-pro.patch
     56_CVE-2017-7507_2-ext-status_request-Removed-the-parsing-of-resp.patch
     56_CVE-2017-7507_3-gnutls_ocsp_status_request_enable_client-docum.patch
     from upstream gnutls_3_3_x branch: Fix crash upon receiving
     well-formed status_request extension. GNUTLS-SA-2017-4/CVE-2017-7507
     Closes: #864560
Checksums-Sha1: 
 82abb49280d87d109de7be93d501296eb757cf9e 2958 gnutls28_3.3.8-6+deb8u6.dsc
 cbae63155970ee2b85cabf9a7b36cc0ddc09929c 105968 gnutls28_3.3.8-6+deb8u6.debian.tar.xz
 52a79bab603d13968b3e1af624bf269ac3961488 3628582 gnutls-doc_3.3.8-6+deb8u6_all.deb
Checksums-Sha256: 
 109f05884b2ff5c50766749986603083ed56e11ff98a51cd6a102baf906a2bef 2958 gnutls28_3.3.8-6+deb8u6.dsc
 67041552c37898eb50c009069ebad127b109bb035920918147b86b60dd7361f5 105968 gnutls28_3.3.8-6+deb8u6.debian.tar.xz
 6e399d6e857ac77402257cd530302046d0c89b707c2ae0e5f518ce3ae5062983 3628582 gnutls-doc_3.3.8-6+deb8u6_all.deb
Files: 
 3c5ce07f3e1fedaa33a87808ed1c181e 2958 libs optional gnutls28_3.3.8-6+deb8u6.dsc
 f4bb1e793efabf5381d75deb2ab5a925 105968 libs optional gnutls28_3.3.8-6+deb8u6.debian.tar.xz
 2f15f305e797c91e592e5389f07d2a0b 3628582 doc optional gnutls-doc_3.3.8-6+deb8u6_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAllDcdkACgkQpU8BhUOC
FIQigQ/+KMd4Mx4S13yn9Sv60Wx4WzLavZ21yAZLNdBr+Ydtn072S5Y6CoNtAc6R
xeWPGYgokLH/BT8CMdzHeMl8yOFh4pS2H6P2mOQ+Q+TXzUeRztpY6v+I7tjU2t/1
J7XT9rN7eOzmikdJI6KDPxSxGmVz99HPwSuSoAZ2VFWXQ2jRj9I6JoYtdMbv68xb
vKRVATq5vJ8jQOR10DcD8B5uY1cwcdELh+1cz6s3Eso1JGFPJsvycarcVzfVoYUw
NY5LD/TPKbc6ld5Kiq5jxmVpDNzXTMNZ6nTnUtbGcq5g7IwG38REmetk/M5Nk0WX
1locR84oXwOp6CQBm1X0XS/RqIBr7sW1JRt8zir+ltw5zubAUU4EisNBBu6yq5ap
Xg8QA0VVGHokOaOrzX8JIt/+uf8Bznyh/itgC54efXfQpcSUHDBWZqpPQWM51Ab+
Q9SBykbBGsTubeOQSgt/iHvSKAa5vGkPzs8w3xPKPkmFLGh8orxENtgPPMEBZVg0
IW+CVyYY9JlSGms9fsL0K0nO1zYdqV4o6i3yA2LFOiJe+G0XJMx7kj2wpb1bknlz
f9+LbhsPI1aGtM4nJ6lGzsGU/isCxCLHJD2TKmGJ6OwGchjMe2ZOiSxDJWiV1uva
jrfPpxyq+QWLzuDMVbNVzo2kkSFdRfWZOT0kvZfS2SG/GZjt240=
=Co8b
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.