[Bug 1166634] Re: gnutls26 crashes on particularly malformed crypt stream
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Apr 12 21:57:41 UTC 2013
Upstream's 2.12 tree does have the i <= pad though:
https://gitorious.org/gnutls/gnutls/blobs/gnutls_2_12_x/lib/gnutls_cipher.c
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1166634
Title:
gnutls26 crashes on particularly malformed crypt stream
Status in “gnutls26” package in Ubuntu:
New
Bug description:
The patch for CVE-2013-1619 has a bug. It fails to do proper range
protection. The attached patch may not be correct insofar as
reintroducing a timing exposure; but it does stop the segfaults, which
are perhaps more problematic.
This is a security issue becuase crashes in libgnutls are inherently
security issues.
I triggered this by trying to access https URLs via an "all_proxy" in
libcurl-gnutls.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1166634/+subscriptions
More information about the foundations-bugs
mailing list