Bugzilla – Bug 821818
VUL-0: CVE-2013-2116: GnuTLS: remote Denial of Service (app. crash)
Last modified: 2019-04-16 11:41:30 UTC
Embargoed until Wed May 29.

===========================================================================
On Mon, 27 May 2013 09:29:27 +0200 Tomas Hoger wrote:
> CVE-2013-2116 has been assigned to a GnuTLS issue. Details are not
> planned to be made public before Wed May 29. Mail me off-list if you
> need more info.

The issue was previously raised via this gnutls-devel mailing list post:
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6753
which does not mention all implications though. Client crash is noted, but affected code is used by the server code too, and allows easy remote server crash, at least on some architectures.

You should only be affected if you've upgraded to 2.12.23 or backported Lucky13 fix that was applied to 2.x. No 3.x version should be affected.

-- Tomas Hoger / Red Hat Security Response Team
===========================================================================
The SWAMPID for this issue is 52656. This issue was rated as important. Please submit fixed packages until 2013-06-03. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Affected (at the minimum): SLE10-SP-{3,4} + SLE11-SP-{1,2}. Not affected: SLE9-SP4.
Upstream commit that addresses this issue is available from gitorious [1].

[1] https://gitorious.org/gnutls/gnutls/commit/5164d5
Matthias, Thanks for the info. I'm handling...
Hi, after updating, Segmentation fault still exists on sle10sp4, but not on sle11sp2.

1) sle10sp4 after:
sles10sp4-x64:~ # /usr/bin/gnutls-cli sede.dgt.gob.es -p 443
Resolving 'sede.dgt.gob.es'...
Connecting to '213.4.59.219:443'...
Segmentation fault
sles10sp4-x64:~ # rpm -q gnutls
gnutls-1.2.10-13.34.3

2) sle11sp2 before:
sles11sp2-x86-64:~ # /usr/bin/gnutls-cli sede.dgt.gob.es -p 443
Resolving 'sede.dgt.gob.es'...
Connecting to '213.4.59.219:443'...
Segmentation fault

after:
sles11sp2-x86-64:~ # /usr/bin/gnutls-cli sede.dgt.gob.es -p 443
Resolving 'sede.dgt.gob.es'...
Connecting to '213.4.59.219:443'...
*** Fatal error: Decryption has failed.
*** Handshake has failed
GNUTLS ERROR: Decryption has failed.
sles11sp2-x86-64:~ # rpm -q gnutls
gnutls-2.4.1-24.39.47.1
@Shukui, could you please tell me the ip/usr/pw of your testing machine (sle10-sp4)? I'll check what was wrong there.
@Shukui, could you reject the gnutls SWAMP work-flow for SLE10, please. I will open a new work-flow for the new submission then.
Rejected for SLE10. Can I approve it for SLE11?
Did you test the one I submitted a request for SLE-10-SP3 on June 14? It seems to have worked for me.
Please reject also the SLE10-SP3 work-flow. The submission from comment 17 lives in SLE-10-SP3. As there was no version update of gnutls within SLE-10-SP4 both repositories share the same code stream. In other words: SR#27261 will be used for SLE-10-SP3 and SLE-10-SP4. @Shawn: I think your submission was not yet handed over to QA. I'll start a new sub-work-flow now.
what about SLE11-SP2 work-flow? reject? approve? or just wait?
(In reply to comment #21)
> @Shawn: I think your submission was not yet handed over to QA.
> I'll start a new sub-work-flow now.

@Alexander, got it!
@Shawn, are the changes from submission in comment 17 relevant for SLE11 SP1/2?
Released, except for SLE11 SP3.
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit Products: SLE-SERVER 11-SP1-TERADATA (x86_64)
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit, libgnutls26-x86 Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64)
Update released for: gnutls, gnutls-32bit, gnutls-debuginfo, gnutls-devel, gnutls-devel-32bit Products: SLE-SERVER 10-SP3-TERADATA (x86_64)
Update released for: gnutls, gnutls-32bit, gnutls-64bit, gnutls-debuginfo, gnutls-devel, gnutls-devel-32bit, gnutls-devel-64bit, gnutls-x86 Products: SLE-DEBUGINFO 10-SP4 (i386, ia64, ppc, s390x, x86_64) SLE-DESKTOP 10-SP4 (i386, x86_64) SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit, libgnutls26-x86 Products: SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP3 (i386, x86_64) SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP3 (i386, x86_64)
Update released for: gnutls, gnutls-debuginfo, gnutls-debugsource, libgnutls-devel, libgnutls-extra-devel, libgnutls-extra26, libgnutls26, libgnutls26-32bit, libgnutls26-x86 Products: SLE-DEBUGINFO 11-SP1 (i386, s390x, x86_64) SLE-SERVER 11-SP1-LTSS (i386, s390x, x86_64)
Update released for: gnutls, gnutls-32bit, gnutls-debuginfo, gnutls-devel, gnutls-devel-32bit, gnutls-x86 Products: SLE-DEBUGINFO 10-SP3 (i386, s390x, x86_64) SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)
SUSE-SU-2014:0320-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (critical) Bug References: 536809,554084,659128,739898,753301,754223,802651,821818,865804,865993 CVE References: CVE-2009-5138,CVE-2011-4108,CVE-2012-0390,CVE-2012-1569,CVE-2012-1573,CVE-2013-0169,CVE-2013-1619,CVE-2013-2116,CVE-2014-0092 Sources used: SUSE Linux Enterprise Server 10 SP3 LTSS (src): gnutls-1.2.10-13.38.1
SUSE-SU-2014:0322-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (critical) Bug References: 760265,802651,821818,835760,865804,865993 CVE References: CVE-2009-5138,CVE-2013-1619,CVE-2013-2116,CVE-2014-0092 Sources used: SUSE Linux Enterprise Server 11 SP1 LTSS (src): gnutls-2.4.1-24.39.49.1