gnutls vulnerable to CVE-2009-2730

Bug #413136 reported by Tim Kosse on 2009-08-13
Affects              Status  Importance  Assigned to       Milestone
gnutls12 (Ubuntu)            Undecided   Unassigned
  Dapper                     Undecided   Jamie Strandboge
  Hardy                      Undecided   Unassigned
  Intrepid                   Undecided   Unassigned
  Jaunty                     Undecided   Unassigned
  Karmic                     Undecided   Unassigned
gnutls13 (Ubuntu)            Undecided   Unassigned
  Dapper                     Undecided   Unassigned
  Hardy                      Undecided   Jamie Strandboge
  Intrepid                   Undecided   Unassigned
  Jaunty                     Undecided   Unassigned
  Karmic                     Undecided   Unassigned
gnutls26 (Ubuntu)            Undecided   Jamie Strandboge
  Dapper                     Undecided   Unassigned
  Hardy                      Undecided   Unassigned
  Intrepid                   Undecided   Jamie Strandboge
  Jaunty                     Undecided   Jamie Strandboge
  Karmic                     Undecided   Jamie Strandboge

Bug Description

GnuTLS 2.8.3 fixes a security vulnerability, see CVE-2009-2730

Release notes at http://article.gmane.org/gmane.network.gnutls.general/1733 and http://article.gmane.org/gmane.network.gnutls.general/1743

Tim Kosse (tim-kosse) on 2009-08-13
visibility: private → public
summary: - Upgrade to GnuTLS 2.8.3
+ gnutls vulnerable to CVE-2009-2730
Changed in gnutls26 (Ubuntu Intrepid):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Jaunty):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Karmic):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.6.6-1ubuntu1

---------------
gnutls26 (2.6.6-1ubuntu1) karmic; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 09:55:54 -0500

Changed in gnutls26 (Ubuntu Karmic):
status: In Progress → Fix Released
Changed in gnutls12 (Ubuntu Hardy):
status: New → Invalid
Changed in gnutls12 (Ubuntu Intrepid):
status: New → Invalid
Changed in gnutls12 (Ubuntu Jaunty):
status: New → Invalid
Changed in gnutls12 (Ubuntu Karmic):
status: New → Invalid
Changed in gnutls13 (Ubuntu Dapper):
status: New → Invalid
Changed in gnutls13 (Ubuntu Intrepid):
status: New → Invalid
Changed in gnutls13 (Ubuntu Jaunty):
status: New → Invalid
Changed in gnutls13 (Ubuntu Karmic):
status: New → Invalid
Changed in gnutls26 (Ubuntu Dapper):
status: New → Invalid
Changed in gnutls26 (Ubuntu Hardy):
status: New → Invalid
Changed in gnutls13 (Ubuntu Hardy):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls12 (Ubuntu Dapper):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Intrepid):
status: In Progress → Fix Committed
Changed in gnutls26 (Ubuntu Jaunty):
status: In Progress → Fix Committed
Changed in gnutls13 (Ubuntu Hardy):
status: In Progress → Fix Committed
Changed in gnutls12 (Ubuntu Dapper):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.4.2-6ubuntu0.1

---------------
gnutls26 (2.4.2-6ubuntu0.1) jaunty-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/26_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:01:09 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.4.1-1ubuntu0.4

---------------
gnutls26 (2.4.1-1ubuntu0.4) intrepid-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/21_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:03:56 -0500

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls13 - 2.0.4-1ubuntu2.6

---------------
gnutls13 (2.0.4-1ubuntu2.6) hardy-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/91_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0.
      This fix required updating _gnutls_hostname_compare() in
      lib/x509/rfc2818_hostname.c to support wide wildcard hostname matching.
      This is a backward compatible change which only adds additional
      matching of hostnames.
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:57:08 -0500

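The check the four changelog entries describe (the DER-declared length of a CN or SAN value must match what a NUL-terminated view of it would see), as an added C example that is not GnuTLS's code: the `asn1_string` type, the function names and the two certificate names are constructed for illustration, and wildcard matching is left out.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* A CN or SAN value as decoded from the certificate: the bytes plus the
   length the DER encoding declares (hypothetical type, not GnuTLS's). */
typedef struct {
    const unsigned char *data;
    size_t len;
} asn1_string;

/* Constructed sample values. The first carries an embedded NUL: the
   declared length covers 31 bytes, but a C string view stops after 16. */
static const unsigned char CRAFTED_CN[] = "www.good.example\0.other.example";
static const unsigned char HONEST_CN[]  = "www.good.example";
static const asn1_string crafted = { CRAFTED_CN, sizeof(CRAFTED_CN) - 1 };
static const asn1_string honest  = { HONEST_CN,  sizeof(HONEST_CN) - 1 };

/* The check from the changelog: error out if the declared length
   contains a '\0' anywhere. Returns 1 when the value is consistent. */
int name_has_no_embedded_nul(const asn1_string *s)
{
    return memchr(s->data, '\0', s->len) == NULL;
}

/* The vulnerable pattern, for contrast: the value is treated as a C
   string, so everything after the embedded NUL is silently ignored. */
int naive_hostname_matches(const asn1_string *cert_name, const char *host)
{
    return strcmp((const char *)cert_name->data, host) == 0;
}

/* Hardened comparison: reject inconsistent lengths first, then compare
   every declared byte case-insensitively against the requested host. */
int hostname_matches(const asn1_string *cert_name, const char *host)
{
    size_t hlen = strlen(host);
    if (!name_has_no_embedded_nul(cert_name) || hlen != cert_name->len)
        return 0;
    for (size_t i = 0; i < hlen; i++) {
        if (tolower(cert_name->data[i]) != tolower((unsigned char)host[i]))
            return 0;
    }
    return 1;
}
```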
Changed in gnutls13 (Ubuntu Hardy):
status: Fix Committed → Fix Released
Changed in gnutls26 (Ubuntu Intrepid):
status: Fix Committed → Fix Released
Changed in gnutls26 (Ubuntu Jaunty):
status: Fix Committed → Fix Released
Jamie Strandboge (jdstrand) wrote :
Changed in gnutls12 (Ubuntu Dapper):
status: Fix Committed → Fix Released