[Bug 1893924] Re: memory leak in GnuTLS iov operations used by Samba

Launchpad Bug Tracker 1893924 at bugs.launchpad.net
Mon Sep 28 18:18:41 UTC 2020 

This bug was fixed in the package gnutls28 - 3.6.15-4ubuntu2

---------------
gnutls28 (3.6.15-4ubuntu2) groovy; urgency=low

  * Merge from Debian unstable LP: #1893924.  Remaining changes:
    - Enable CET.
    - Set default priority string to only allow TLS1.2, DTLS1.2, and
    TLS1.3 with medium security profile (2048 RSA keys minimum, and
    similar).
  * Add patch to fix ftbfs gnulib with new glibc.

gnutls28 (3.6.15-4) unstable; urgency=medium

  * autopkgtest: Require build-essential.
  * autopkgtest: respect dpkg-buildflags for helper-binary build.

gnutls28 (3.6.15-3) unstable; urgency=medium

  * More autopkgtest hotfixes.

gnutls28 (3.6.15-2) unstable; urgency=medium

  * 50_autopkgtestfixes.diff: Fix testsuite issues when running against
    installed gnutls-bin.
  * In autopkgtest set top_builddir and builddir, ignore
    tests/cert-tests/tolerate-invalid-time and tests/gnutls-cli-debug.sh.

gnutls28 (3.6.15-1) unstable; urgency=low

  * New upstream version.
    + Fixes NULL pointer dereference if a no_renegotiation alert is sent with
      unexpected timing. CVE-2020-24659 / GNUTLS-SA-2020-09-04
      Closes: #969547
    + Drop 50_01-serv-omit-upper-bound-of-maxearlydata-option-definit.patch
      50_02-gnutls_aead_cipher_init-fix-potential-memleak.patch
      50_03-gnutls_cipher_init-fix-potential-memleak.patch
      50_04-crypto-api-always-allocate-memory-when-serializing-i.patch
    + Fix build error due to outdated gettext in Debian by removing newer
      gettext m4 macros from m4/.

gnutls28 (3.6.14-2) unstable; urgency=medium

  * Pull selected patches from upstream GIT:
    + 50_01-serv-omit-upper-bound-of-maxearlydata-option-definit.patch:
      Fixes difference in generated docs on 32 and 64 bit archs.
    + 50_02-gnutls_aead_cipher_init-fix-potential-memleak.patch
      50_03-gnutls_cipher_init-fix-potential-memleak.patch
      Fix memleak in gnutls_aead_cipher_init() with keys having invalid
      length. (Broken since 3.6.3)
    + 50_04-crypto-api-always-allocate-memory-when-serializing-i.patch
      Closes: #962467

gnutls28 (3.6.14-1) unstable; urgency=high

  * Drop debugging code added in -4, fixes nocheck profile build error.
    Closes: #962199
  * Add Daiki Ueno 462225C3B46F34879FC8496CD605848ED7E69871 key to
    debian/upstream/signing-key.asc.
  * New upstream version.
    + Fixes insecure session ticket key construction.
      [GNUTLS-SA-2020-06-03, CVE-2020-13777] Closes: #962289
    + Drop 50_Update-session_ticket.c-to-add-support-for-zero-leng.patch
      51_01-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch
      51_02-x509-trigger-fallback-verification-path-when-cert-is.patch
      51_03-tests-add-test-case-for-certificate-chain-supersedin.patch
  * Drop guile-gnutls.lintian-overrides.
  * 40_fix_ipv6only_testsuite_AI_ADDRCONFIG.diff: In gnutls-serv do not pass
    AI_ADDRCONFIG to getaddrinfo. This broke the testsuite on systems without
    IPv4 on non-loopback addresses. (Thanks, Adrian Bunk and Julien Cristau!)
    Hopefully Closes: #962218

 -- Dimitri John Ledkov <xnox at ubuntu.com>  Thu, 24 Sep 2020 12:03:44
+0100

** Changed in: gnutls28 (Ubuntu Groovy)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13777

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-24659

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1893924

Title:
  memory leak in GnuTLS iov operations used by Samba

Status in Gnutls:
  Unknown
Status in gnutls28 package in Ubuntu:
  Fix Released
Status in gnutls28 source package in Groovy:
  Fix Released
Status in gnutls28 package in Debian:
  Unknown

Bug description:
  GnuTLS 3.6.10 and later, such as the version in Ubuntu 20.04 has
  3.6.13 and needs a patch for  otherwise Samba 4.12 and later (when
  installed by an administrator) leaks memory when used by a MacOS
  client:

  See https://bugzilla.samba.org/show_bug.cgi?id=14399 and
  https://gitlab.com/gnutls/gnutls/-/merge_requests/1278

  I can't see the patch to address this issues in the 3.6.13-2ubuntu1.2
  patches.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnutls/+bug/1893924/+subscriptions

More information about the foundations-bugs mailing list