GPG does not verify keys received when using --recv-keys, leaving communication with key servers vulnerable to MITM
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
GnuPG | Fix Released | Unknown | | |
gnupg (Debian) | Fix Released | Unknown | | |
gnupg (Ubuntu) | | Undecided | Unassigned | |
Lucid | | Wishlist | Marc Deslauriers | |
Precise | | Wishlist | Marc Deslauriers | |
Trusty | | Wishlist | Marc Deslauriers | |
Utopic | | Wishlist | Marc Deslauriers | |
Vivid | | Undecided | Unassigned | |
gnupg2 (Ubuntu) | | Undecided | Unassigned | |
Lucid | | Wishlist | Marc Deslauriers | |
Precise | | Wishlist | Marc Deslauriers | |
Trusty | | Wishlist | Marc Deslauriers | |
Utopic | | Undecided | Unassigned | |
Vivid | | Undecided | Unassigned | |
Bug Description
The patch from http://
This leaves 12.04 users of GPG2 vulnerable to MITM attacks on gpg2 --recv-keys. See https:/
Marc Deslauriers (mdeslaur) wrote : | #1 |
information type: | Private Security → Public Security |
Changed in gnupg2 (Ubuntu Utopic): | |
status: | New → Fix Released |
Changed in gnupg2 (Ubuntu Vivid): | |
status: | New → Fix Released |
Changed in gnupg (Ubuntu Vivid): | |
status: | New → Fix Released |
Changed in gnupg (Ubuntu Lucid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in gnupg (Ubuntu Precise): | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in gnupg (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in gnupg (Ubuntu Utopic): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in gnupg2 (Ubuntu Lucid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in gnupg2 (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in gnupg2 (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
devd (dbun6u) wrote : | #2 |
gpg is commonly used for verifying signatures before installing packages and is how you would get packages from Launchpad too, right? Forgive me, but maybe wishlist is too low an importance? Obviously, your call and I am not experienced with the project here, but I really think this should be backported soon.
Marc Deslauriers (mdeslaur) wrote : | #3 |
apt-add-repository validates that the key that was downloaded is the right one before importing it; it doesn't blindly trust the key that gpg downloaded from the keyserver.
This is wishlist simply because it's security hardening. I will include it in the next gnupg security upload.
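The kind of check comment #3 describes, validating a downloaded key against the one that was asked for before importing it, can be sketched as follows. This is an added example, not code from apt-add-repository, GnuPG or this bug thread; the sample listing is constructed, the function names are hypothetical, and it accepts only full 40-hex-digit fingerprints rather than key IDs.

```python
import re

# Constructed sample: colon-format listing of a keyserver response holding the
# requested key (with one subkey) plus an unrelated key returned alongside it.
SAMPLE_LISTING = """\
pub:-:4096:1:AAAABBBBCCCCDDDD:1400000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF01234567AAAABBBBCCCCDDDD:
uid:-::::1400000000::::Example Archive Key <archive@example.invalid>:
sub:-:4096:1:1111222233334444:1400000000::::::e:
fpr:::::::::FEDCBA9876543210FEDCBA981111222233334444:
pub:-:2048:1:9999888877776666:1410000000:::-:::scESC:
fpr:::::::::DEADBEEFDEADBEEFDEADBEEF9999888877776666:
"""

def normalize_fingerprint(value):
    """Accept only a full 40-hex-digit (v4) fingerprint; key IDs are refused."""
    cleaned = value.replace(" ", "").upper()
    if cleaned.startswith("0X"):
        cleaned = cleaned[2:]
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):
        raise ValueError("need a full 40-hex-digit fingerprint: %r" % value)
    return cleaned

def parse_listing(listing):
    """Map each primary fingerprint to all fingerprints (primary + subkeys)."""
    keys, current, last = {}, None, None
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            current, last = None, "pub"      # a new key block starts
        elif fields[0] == "sub":
            last = "sub"
        elif fields[0] == "fpr" and len(fields) > 9:
            fpr = fields[9].upper()          # field 10 carries the fingerprint
            if last == "pub":
                current = fpr
                keys[fpr] = {fpr}
            elif last == "sub" and current:
                keys[current].add(fpr)
            last = None
    return keys

def screen_response(requested, listing):
    """Return (accepted, rejected) primary fingerprints for the request."""
    wanted = {normalize_fingerprint(r) for r in requested}
    accepted, rejected = [], []
    for primary, fprs in parse_listing(listing).items():
        (accepted if fprs & wanted else rejected).append(primary)
    return accepted, rejected
```

The listing is assumed to be `gpg --with-colons` output for the downloaded key material, taken before anything reaches the real keyring; only keys in the accepted list would then be imported.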
devd (dbun6u) wrote : | #4 |
Aah, makes sense. Thanks.
Changed in gnupg: | |
status: | Unknown → Fix Released |
Changed in gnupg (Debian): | |
status: | Unknown → Fix Released |
Launchpad Janitor (janitor) wrote : | #5 |
This bug was fixed in the package gnupg - 1.4.16-1.2ubuntu1.2
---------------
gnupg (1.4.16-
* Screen responses from keyservers (LP: #1409117)
- d/p/0001-
- d/p/0002-
- d/p/0003-
- d/p/0004-
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
- d/p/Add-
- debian/rules: build with --enable-
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/
cipher/
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/
include/
- CVE-2015-0837
* SECURITY UPDATE: invalid memory read via invalid keyring
- debian/
a keyring in g10/keyring.c.
- CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
- debian/
buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
g10/
g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
g10/
- CVE-2015-1607
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 08:21:50 -0400
Changed in gnupg (Ubuntu Utopic): | |
status: | Confirmed → Fix Released |
Launchpad Janitor (janitor) wrote : | #6 |
This bug was fixed in the package gnupg - 1.4.16-1ubuntu2.3
---------------
gnupg (1.4.16-1ubuntu2.3) trusty-security; urgency=medium
* Screen responses from keyservers (LP: #1409117)
- d/p/0001-
- d/p/0002-
- d/p/0003-
- d/p/0004-
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
- d/p/Add-
- debian/rules: build with --enable-
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/
cipher/
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/
include/
- CVE-2015-0837
* SECURITY UPDATE: invalid memory read via invalid keyring
- debian/
a keyring in g10/keyring.c.
- CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
- debian/
buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
g10/
g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
g10/
- CVE-2015-1607
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 08:22:48 -0400
Changed in gnupg (Ubuntu Trusty): | |
status: | Confirmed → Fix Released |
Launchpad Janitor (janitor) wrote : | #7 |
This bug was fixed in the package gnupg2 - 2.0.22-3ubuntu1.3
---------------
gnupg2 (2.0.22-3ubuntu1.3) trusty-security; urgency=medium
* Screen responses from keyservers (LP: #1409117)
- d/p/0001-
- d/p/0002-
- d/p/0003-
- d/p/0004-
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
- d/p/Add-
- debian/rules: build with --enable-
* SECURITY UPDATE: invalid memory read via invalid keyring
- debian/
a keyring in g10/keyring.c.
- CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
- debian/
buffer data to scalars in common/iobuf.c, g10/build-packet.c,
g10/getkey.c, g10/keyid.c, g10/main.h, g10/misc.c,
g10/
kbx/
kbx/
scd/
- CVE-2015-1607
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 08:18:55 -0400
Changed in gnupg2 (Ubuntu Trusty): | |
status: | Confirmed → Fix Released |
Launchpad Janitor (janitor) wrote : | #8 |
This bug was fixed in the package gnupg - 1.4.11-3ubuntu2.9
---------------
gnupg (1.4.11-3ubuntu2.9) precise-security; urgency=medium
* Screen responses from keyservers (LP: #1409117)
- d/p/0001-
- d/p/0002-
- d/p/0003-
- d/p/0004-
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
- d/p/Add-
- debian/rules: build with --enable-
* SECURITY UPDATE: sidechannel attack on Elgamal
- debian/
cipher/
- CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
- debian/
include/
- CVE-2015-0837
* SECURITY UPDATE: invalid memory read via invalid keyring
- debian/
a keyring in g10/keyring.c.
- CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
- debian/
buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
g10/
g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
g10/
- CVE-2015-1607
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 08:24:00 -0400
Changed in gnupg (Ubuntu Precise): | |
status: | Confirmed → Fix Released |
Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package gnupg2 - 2.0.17-
---------------
gnupg2 (2.0.17-
* Screen responses from keyservers (LP: #1409117)
- d/p/0001-
- d/p/0002-
- d/p/0003-
- d/p/0004-
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
- d/p/Add-
- debian/rules: build with --enable-
* SECURITY UPDATE: invalid memory read via invalid keyring
- debian/
a keyring in g10/keyring.c.
- CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
- debian/
buffer data to scalars in common/iobuf.c, g10/build-packet.c,
g10/getkey.c, g10/keygen.c, g10/keyid.c, g10/main.h, g10/misc.c,
g10/
kbx/
kbx/
scd/
- CVE-2015-1607
-- Marc Deslauriers <email address hidden> Fri, 27 Mar 2015 08:20:03 -0400
Changed in gnupg2 (Ubuntu Precise): | |
status: | Confirmed → Fix Released |
Marc Deslauriers (mdeslaur) wrote : | #10 |
Lucid is near end-of-life, we're not going to be fixing this.
Changed in gnupg (Ubuntu Lucid): | |
status: | Confirmed → Won't Fix |
Changed in gnupg2 (Ubuntu Lucid): | |
status: | Confirmed → Won't Fix |
Fixed in 2.0.24 and 1.4.17.