2012-06-14 11:37:42 |
Jamie Strandboge |
bug |
|
|
added bug |
2012-06-14 11:37:42 |
Jamie Strandboge |
attachment added |
|
sec1.bin https://bugs.launchpad.net/bugs/1013128/+attachment/3189152/+files/sec1.bin |
|
2012-06-14 11:45:49 |
Jamie Strandboge |
bug |
|
|
added subscriber Michael Vogt |
2012-06-14 11:45:58 |
Jamie Strandboge |
apt (Ubuntu): importance |
Undecided |
High |
|
2012-06-14 14:20:43 |
Michael Vogt |
attachment added |
|
bzr bundle with the fix from Marc Deslauriers and test https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128/+attachment/3189399/+files/bzr-bundle-fix-with-test.diff |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Natty |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Natty) |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Lucid |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Lucid) |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Hardy |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Hardy) |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Oneiric |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Oneiric) |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Precise |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Precise) |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Quantal |
|
2012-06-14 15:50:28 |
Jamie Strandboge |
bug task added |
|
apt (Ubuntu Quantal) |
|
2012-06-14 15:51:09 |
Jamie Strandboge |
apt (Ubuntu Lucid): status |
New |
In Progress |
|
2012-06-14 15:51:10 |
Jamie Strandboge |
apt (Ubuntu Lucid): importance |
Undecided |
High |
|
2012-06-14 15:51:10 |
Jamie Strandboge |
apt (Ubuntu Lucid): assignee |
|
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:51:11 |
Jamie Strandboge |
apt (Ubuntu Natty): status |
New |
In Progress |
|
2012-06-14 15:51:12 |
Jamie Strandboge |
apt (Ubuntu Natty): importance |
Undecided |
High |
|
2012-06-14 15:51:12 |
Jamie Strandboge |
apt (Ubuntu Natty): assignee |
|
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:51:13 |
Jamie Strandboge |
apt (Ubuntu Oneiric): status |
New |
In Progress |
|
2012-06-14 15:51:14 |
Jamie Strandboge |
apt (Ubuntu Oneiric): importance |
Undecided |
High |
|
2012-06-14 15:51:15 |
Jamie Strandboge |
apt (Ubuntu Oneiric): assignee |
|
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:51:16 |
Jamie Strandboge |
apt (Ubuntu Precise): status |
New |
In Progress |
|
2012-06-14 15:51:16 |
Jamie Strandboge |
apt (Ubuntu Precise): importance |
Undecided |
High |
|
2012-06-14 15:51:17 |
Jamie Strandboge |
apt (Ubuntu Precise): assignee |
|
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:51:18 |
Jamie Strandboge |
apt (Ubuntu Quantal): status |
New |
In Progress |
|
2012-06-14 15:51:19 |
Jamie Strandboge |
apt (Ubuntu Quantal): assignee |
Michael Vogt (mvo) |
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:51:20 |
Jamie Strandboge |
apt (Ubuntu Hardy): status |
New |
In Progress |
|
2012-06-14 15:51:21 |
Jamie Strandboge |
apt (Ubuntu Hardy): importance |
Undecided |
High |
|
2012-06-14 15:51:22 |
Jamie Strandboge |
apt (Ubuntu Hardy): assignee |
|
Jamie Strandboge (jdstrand) |
|
2012-06-14 15:52:53 |
Jamie Strandboge |
description |
Georgi Guninski reported on http://seclists.org/fulldisclosure/2012/Jun/267:
"While wasting my time with apt-key noticed strange behaviour with
colliding subkeys.
Out of paranoia ubuntu disallows importing certain trusted keyids.
This is trivial to circumvent by making a collision with subkey.
Attached is a key with subkey keyid colliding with
Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>.
By emulating apt-key netupdate, noticed that the order of the keyrings
is important. If the master keyring is first, the colliding key with
correct signature fails validation (probably because the other key is used).
If the colliding keyring is first, everything is ok (modulo reporting wrong
signer).
Probably this may lead to gpg abuse.
colliding first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /tmp/sec1 --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --check-sigs
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid fuck31 (f) <f () f>
sig!3 76A4410F 2012-06-13 fuck31 (f) <f () f>
sig! 3F272F5B 2012-06-13 fuck31 (f) <f () f>
sig! 3F272F5B 2012-06-13 fuck31 (f) <f () f>
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 fuck31 (f) <f () f>
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 fuck31 (f) <f () f>
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 fuck31 (f) <f () f> #wrong
1 signature not checked due to a missing key
master first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --keyring /tmp/sec1 --check-sigs
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid fuck31 (f) <f () f>
sig!3 76A4410F 2012-06-13 [User ID not found]
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
2 bad signatures
1 signature not checked due to a missing key" |
Georgi Guninski reported on http://seclists.org/fulldisclosure/2012/Jun/267 (slightly modified for language):
"While wasting my time with apt-key noticed strange behaviour with
colliding subkeys.
Out of paranoia ubuntu disallows importing certain trusted keyids.
This is trivial to circumvent by making a collision with subkey.
Attached is a key with subkey keyid colliding with
Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>.
By emulating apt-key netupdate, noticed that the order of the keyrings
is important. If the master keyring is first, the colliding key with
correct signature fails validation (probably because the other key is used).
If the colliding keyring is first, everything is ok (modulo reporting wrong
signer).
Probably this may lead to gpg abuse.
colliding first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /tmp/sec1 --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --check-sigs
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 fuck31 (f) <f () f> #wrong
1 signature not checked due to a missing key
master first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --keyring /tmp/sec1 --check-sigs
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 [User ID not found]
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
2 bad signatures
1 signature not checked due to a missing key" |
|
2012-06-14 15:53:22 |
Jamie Strandboge |
description |
Georgi Guninski reported on http://seclists.org/fulldisclosure/2012/Jun/267 (slightly modified for language):
"While wasting my time with apt-key noticed strange behaviour with
colliding subkeys.
Out of paranoia ubuntu disallows importing certain trusted keyids.
This is trivial to circumvent by making a collision with subkey.
Attached is a key with subkey keyid colliding with
Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>.
By emulating apt-key netupdate, noticed that the order of the keyrings
is important. If the master keyring is first, the colliding key with
correct signature fails validation (probably because the other key is used).
If the colliding keyring is first, everything is ok (modulo reporting wrong
signer).
Probably this may lead to gpg abuse.
colliding first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /tmp/sec1 --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --check-sigs
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 fuck31 (f) <f () f> #wrong
1 signature not checked due to a missing key
master first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --keyring /tmp/sec1 --check-sigs
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 [User ID not found]
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
2 bad signatures
1 signature not checked due to a missing key" |
Georgi Guninski reported on http://seclists.org/fulldisclosure/2012/Jun/267 (slightly modified for language):
"While wasting my time with apt-key noticed strange behaviour with
colliding subkeys.
Out of paranoia ubuntu disallows importing certain trusted keyids.
This is trivial to circumvent by making a collision with subkey.
Attached is a key with subkey keyid colliding with
Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>.
By emulating apt-key netupdate, noticed that the order of the keyrings
is important. If the master keyring is first, the colliding key with
correct signature fails validation (probably because the other key is used).
If the colliding keyring is first, everything is ok (modulo reporting wrong
signer).
Probably this may lead to gpg abuse.
colliding first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /tmp/sec1 --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --check-sigs
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sig! 3F272F5B 2012-06-13 f...31 (f) <f () f>
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 f...31 (f) <f () f>
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 f...31 (f) <f () f> #wrong
1 signature not checked due to a missing key
master first:
$gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /usr/share/keyrings/ubuntu-master-keyring.gpg --keyring /tmp/sec1 --check-sigs
/usr/share/keyrings/ubuntu-master-keyring.gpg
---------------------------------------------
pub 4096R/3F272F5B 2007-11-09
uid Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
sig!3 3F272F5B 2007-11-09 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com>
/tmp/sec1
---------
pub 1024R/76A4410F 2012-06-13
uid f...31 (f) <f () f>
sig!3 76A4410F 2012-06-13 [User ID not found]
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sig- 3F272F5B 2012-06-13 Ubuntu Archive Master Signing Key <ftpmaster () ubuntu com> # wrong, signer is a subkey of f () f
sub 1024R/2376C859 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
sub 2180R/3F272F5B 2012-06-13
sig! 76A4410F 2012-06-13 [User ID not found]
2 bad signatures
1 signature not checked due to a missing key" |
|
2012-06-14 17:55:07 |
Jamie Strandboge |
apt (Ubuntu Lucid): status |
In Progress |
Fix Committed |
|
2012-06-14 17:55:07 |
Jamie Strandboge |
apt (Ubuntu Natty): status |
In Progress |
Fix Committed |
|
2012-06-14 17:55:08 |
Jamie Strandboge |
apt (Ubuntu Oneiric): status |
In Progress |
Fix Committed |
|
2012-06-14 17:55:09 |
Jamie Strandboge |
apt (Ubuntu Precise): status |
In Progress |
Fix Committed |
|
2012-06-14 17:55:10 |
Jamie Strandboge |
apt (Ubuntu Quantal): status |
In Progress |
Fix Committed |
|
2012-06-14 17:55:11 |
Jamie Strandboge |
apt (Ubuntu Hardy): status |
In Progress |
Fix Committed |
|
2012-06-14 22:22:21 |
Jamie Strandboge |
visibility |
private |
public |
|
2012-06-14 22:36:33 |
Launchpad Janitor |
apt (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
2012-06-14 22:36:33 |
Launchpad Janitor |
apt (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
2012-06-14 23:18:17 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/precise-security/apt |
|
2012-06-14 23:18:22 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/apt |
|
2012-06-15 02:38:25 |
Launchpad Janitor |
apt (Ubuntu Oneiric): status |
Fix Committed |
Fix Released |
|
2012-06-15 02:38:25 |
Launchpad Janitor |
apt (Ubuntu Natty): status |
Fix Committed |
Fix Released |
|
2012-06-15 02:38:25 |
Launchpad Janitor |
apt (Ubuntu Lucid): status |
Fix Committed |
Fix Released |
|
2012-06-15 02:38:25 |
Launchpad Janitor |
apt (Ubuntu Hardy): status |
Fix Committed |
Fix Released |
|
2012-06-15 02:51:17 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/lucid-security/apt |
|
2012-06-15 02:51:19 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/natty-security/apt |
|
2012-06-15 02:51:20 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/hardy-security/apt |
|
2012-06-15 02:51:23 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/oneiric-security/apt |
|
2012-06-15 03:05:04 |
Jamie Strandboge |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677587 |
|
2012-06-15 03:05:04 |
Jamie Strandboge |
bug task added |
|
apt (Debian) |
|
2012-06-15 03:22:35 |
Bug Watch Updater |
apt (Debian): status |
Unknown |
New |
|
2012-06-15 05:53:49 |
georgi |
bug |
|
|
added subscriber georgi |
2014-02-15 16:33:52 |
Bug Watch Updater |
apt (Debian): status |
New |
Fix Released |
|