[Precise] gnutls26 is vulnerable to CVE-2012-1573

Bug #978661 reported by Tyler Hicks on 2012-04-11
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnutls26 (Ubuntu)
Medium
Unassigned

Bug Description

Mitre's description of CVE-2012-1573:

---
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
---

I've updated the stable releases but need a sponsor if this is deemed urgent enough to make it into the Precise release.

More information can be found in the Ubuntu CVE Tracker:

http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1573.html

Related branches

CVE References

Tyler Hicks (tyhicks) wrote :

This debdiff was tested in a local build. It passed the 'umt compare-log', 'umt compare-bin', and 'umt check' verifications and did not show any regressions with the tests in qa-regression-testing/scripts/test-gnutls.py.

visibility: private → public
Marc Deslauriers (mdeslaur) wrote :

ACK on the debdiff, uploaded to Precise.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.12.14-5ubuntu3

---------------
gnutls26 (2.12.14-5ubuntu3) precise; urgency=low

  * SECURITY UPDATE: Denial of service via crafted TLS record (LP: #978661)
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573
 -- Tyler Hicks <email address hidden> Wed, 11 Apr 2012 02:52:23 -0500

Changed in gnutls26 (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers