Bugzilla – Bug 1178829
VUL-0: CVE-2020-25657: python-m2crypto,python-M2Crypto: Bleichenbacher timing attacks in the RSA decryption API
Last modified: 2024-07-19 12:33:02 UTC
CVE-2020-25657
All released versions of m2crypto are vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1889823
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25657
https://access.redhat.com/security/cve/CVE-2020-25657
Ping
First of all, let me apologize for the lack of communication here. Second, this bug is really problematic. See the upstream ticket for the discussion, but my conclusion is that there is really no proper solution for this, and especially that whatever solution there could be depends first on OpenSSL (M2Crypto is really just a rather thin wrapper over it). What pyca did in https://github.com/pyca/cryptography/commit/58494b41d6ec seems to me like window dressing at best (and they admit it themselves in the Changelog). So, either I can try to do the same in M2Crypto or this bug just goes WONTFIX until a proper solution is found. Reassigning to Security for further evaluation.
Oh, I forgot to add (damn, I would like bugzilla to have an Edit button for comments even more than Twitter!), that of course, the solution proposed by pyca changes the API of M2Crypto, which is highly problematic for a library which is mostly oriented towards supporting legacy applications.
It seems that they tried to address it within OpenSSL but the issue is still open: https://github.com/openssl/openssl/issues/13421 From what I can see the upstream doesn't have any proper solution and most of the distributions are still vulnerable. @security-team, can you please help here? We should decide how to treat this situation where there is no reasonable solution and no upstream patch available. Thanks!
There is an open PR for OpenSSL upstream [1] that changes the RSA_private_decrypt() API in a way that makes it no longer possible to mount a Bleichenbacher attack on the private key based on the errors reported by the API call. According to the discussion in that PR, it looks promising and it's possible that it will be accepted to OpenSSL, but I'm not sure if they will accept this change for OpenSSL 1.1.1 as well, as it's changing the API (even though there is disagreement on that between the PR author and OpenSSL upstream). So it's a question whether this would be safe for us to backport or not. I'm adding Jason to the CC.
[1] https://github.com/openssl/openssl/pull/13817
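An added illustration (not code from M2Crypto, pyca/cryptography or the OpenSSL PR) of one way a decryption API can stop reporting padding errors, as the comment above describes: a PKCS#1 v1.5 unpadding step that raises on bad padding, next to one that returns a deterministic synthetic message instead. The function names, `reject_key`, the HMAC-based derivation and the 32-byte sample blocks are assumptions made for this example.

```python
import hashlib
import hmac

def unpad_strict(em: bytes) -> bytes:
    """Textbook PKCS#1 v1.5 (type 2) unpadding: bad padding is reported as an error."""
    sep = em.find(b"\x00", 2)
    if len(em) < 11 or em[0] != 0 or em[1] != 2 or sep < 10:
        raise ValueError("padding check failed")  # the signal a padding oracle relies on
    return em[sep + 1:]

def _prf(key: bytes, label: bytes, ciphertext: bytes, n: int) -> bytes:
    """Expand HMAC-SHA256 to n bytes; the same (key, ciphertext) always gives the same output."""
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + bytes([i]) + ciphertext, hashlib.sha256).digest()
        i += 1
    return out[:n]

def unpad_implicit(em: bytes, ciphertext: bytes, reject_key: bytes) -> bytes:
    """Never reports a padding error: bad padding yields a synthetic message instead."""
    k = len(em)
    if k < 11:
        raise ValueError("modulus too small")  # depends on key size only, not on the ciphertext
    # The synthetic message and its length are derived for every input, valid or not.
    synth_len = int.from_bytes(_prf(reject_key, b"len", ciphertext, 2), "big") % (k - 10)
    synthetic = _prf(reject_key, b"msg", ciphertext, synth_len)
    sep = 0
    for i in range(2, k):  # scan the whole block, no early exit
        if em[i] == 0 and sep == 0:
            sep = i
    valid = em[0] == 0 and em[1] == 2 and sep >= 10
    # Python gives no constant-time guarantee; production code selects with masks in C.
    return em[sep + 1:] if valid else synthetic

# Constructed sample data: 32-byte encoded blocks (far smaller than a real modulus).
GOOD_EM = b"\x00\x02" + b"\xa5" * 19 + b"\x00" + b"secret-key"
BAD_EM = b"\x00\x01" + GOOD_EM[2:]                         # wrong block type
SHORT_PS_EM = b"\x00\x02\xa5\xa5\xa5\x00" + b"\xa5" * 26   # fewer than 8 padding bytes
CIPHERTEXT = b"constructed-ciphertext-bytes"  # opaque stand-in; no RSA operation is done here
REJECT_KEY = b"hypothetical-per-key-secret"   # assumed secret tied to the private key

if __name__ == "__main__":
    print(unpad_strict(GOOD_EM), unpad_implicit(GOOD_EM, CIPHERTEXT, REJECT_KEY))
    for em in (BAD_EM, SHORT_PS_EM):
        print(len(unpad_implicit(em, CIPHERTEXT, REJECT_KEY)), "byte synthetic message, no error")
```

Because the synthetic output depends only on the secret and the ciphertext, repeated queries with the same ciphertext return the same bytes, so the caller cannot tell a rejected block from a real short message.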
We have decided in the end to at least reimplement the cryptography solution, merged upstream and in Factory as https://build.opensuse.org/request/show/988816.
(In reply to Kristyna Streitova from comment #11)
> [1] https://github.com/openssl/openssl/pull/13817
Based on the private conversation with the upstream OpenSSL developer, he doesn't know when and whether this PR will ever be merged, and it certainly won't happen for any stable branch.
SUSE-SU-2022:2527-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1178829
CVE References: CVE-2020-25657
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): python-M2Crypto-0.29.0-23.8.1
SUSE OpenStack Cloud 9 (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12-SP5 (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12-SP3-BCL (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12-SP2-BCL (src): python-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src): python-M2Crypto-0.29.0-23.8.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2532-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1178829
CVE References: CVE-2020-25657
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): python-M2Crypto-0.38.0-150400.3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): python-M2Crypto-0.38.0-150400.3.3.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2562-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1178829
CVE References: CVE-2020-25657
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): python-M2Crypto-0.35.2-150000.3.14.1
openSUSE Leap 15.3 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Manager Server 4.1 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Manager Retail Branch Server 4.1 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Manager Proxy 4.1 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server for SAP 15 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server 15-SP2-BCL (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server 15-SP1-BCL (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Server 15-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Module for Python2 15-SP3 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Module for Public Cloud 15 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Micro 5.2 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise Micro 5.1 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Enterprise Storage 7 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE Enterprise Storage 6 (src): python-M2Crypto-0.35.2-150000.3.14.1
SUSE CaaS Platform 4.0 (src): python-M2Crypto-0.35.2-150000.3.14.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration:
This bug (1178829) was mentioned in
https://build.opensuse.org/request/show/992616 Factory / python-M2Crypto
SUSE-SU-2022:2691-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1178829
CVE References: CVE-2020-25657
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): python-M2Crypto-0.38.0-150400.3.6.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): python-M2Crypto-0.38.0-150400.3.6.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2022:2562-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1178829
CVE References: CVE-2020-25657
JIRA References:
Sources used:
openSUSE Leap Micro 5.2 (src): python-M2Crypto-0.35.2-150000.3.14.1
All done, closing.