Bug 33281

Summary:	nss: Multiple issues (3.2)
Product:	UCS	Reporter:	Moritz Muehlenhoff <jmm>
Component:	Security updates	Assignee:	Arvid Requate <requate>
Status:	CLOSED FIXED	QA Contact:	Janek Walkenhorst <walkenhorst>
Severity:	normal
Priority:	P3	CC:	gohmann, requate
Version:	UCS 3.0	Flags:	requate: Patch_Available+
Target Milestone:	UCS 3.2-6-errata
Hardware:	Other
OS:	Linux
What kind of report is it?:	---	What type of bug is this?:	---
Who will be affected by this bug?:	---	How will those affected feel about the bug?:	---
User Pain:		Enterprise Customer affected?:
School Customer affected?:		ISV affected?:
Waiting Support:		Flags outvoted (downgraded) after PO Review:
Ticket number:		Bug group (optional):	Security
Max CVSS v3 score:

Description Moritz Muehlenhoff

2013-11-12 11:12:54 CET

+++ This bug was initially created as a clone of Bug #30634 +++

"Lucky 13" attack on TLS (CVE-2013-0169, CVE-2013-1620)

Comment 1 Moritz Muehlenhoff

2013-11-27 14:59:11 CET

Buffer overflow in parsing the cipher list (CVE-2013-5605)
Incomplete rejection of invalid certificates (CVE-2013-5606)
Denial of service in certificate parsing (CVE-2013-1741)

Comment 2 Moritz Muehlenhoff

2014-01-17 10:53:16 CET

Information disclosure in SSL handshake (CVE-2013-1740)

Comment 3 Moritz Muehlenhoff

2014-03-21 08:50:54 CET

Incorrect wildcard parsing in internationalised domain names (CVE-2014-1492)

Comment 4 Moritz Muehlenhoff

2014-05-02 13:13:05 CEST

(In reply to Moritz Muehlenhoff from comment #0)
> +++ This bug was initially created as a clone of Bug #30634 +++
> 
> "Lucky 13" attack on TLS (CVE-2013-0169, CVE-2013-1620)

This is only CVE-2013-1620, CVE-2013-0169 is for the general protocol and -1620 for the issue in NSS.

Comment 5 Moritz Muehlenhoff

2014-05-02 13:14:08 CEST

(In reply to Moritz Muehlenhoff from comment #2)
> Information disclosure in SSL handshake (CVE-2013-1740)

This is disabled in the NSS version in UCS 3.x, as such we won't update it.

Comment 6 Moritz Muehlenhoff

2014-05-02 13:19:44 CEST

CVE-2013-5605 was fixed with the update to Squeeze 6.0.9 (Bug 34588). As such only these issues remain open:

"Lucky 13" attack on TLS (CVE-2013-1620)
Buffer overflow in parsing the cipher list (CVE-2013-5605)
Denial of service in certificate parsing (CVE-2013-1741)
Incorrect wildcard parsing in internationalised domain names (CVE-2014-1492)

Comment 7 Moritz Muehlenhoff

2014-06-10 15:54:27 CEST

Race condition in libssl (CVE-2014-1490)
Insecure DH key exchange (CVE-2014-1491)

Comment 8 Moritz Muehlenhoff

2014-07-23 09:53:44 CEST

Use-after-free in certificate handling (CVE-2014-1544)

Comment 9 Moritz Muehlenhoff

2014-12-15 10:25:53 CET

Incorrect parsing of ASN.1 data can result in signature forgery (CVE-2014-1568)

Comment 10 Moritz Muehlenhoff

2014-12-16 15:13:17 CET

ASN.1 DER decoding of lengths is too permissive (CVE-2014-1569)

Comment 11 Arvid Requate

2015-05-06 19:06:06 CEST

Fixed in upstream Debian package version 3.12.8-1+squeeze11:

Denial of service in certificate parsing (CVE-2013-1741)
Buffer overflow in parsing the cipher list (CVE-2013-5605)
Incomplete rejection of invalid certificates (CVE-2013-5606)
Insecure DH key exchange (CVE-2014-1491)
Incorrect wildcard parsing in internationalised domain names (CVE-2014-1492)
Use-after-free in certificate handling (CVE-2014-1544)
Incorrect parsing of ASN.1 data can result in signature forgery (CVE-2014-1568)
ASN.1 DER decoding of lengths is too permissive (CVE-2014-1569)


Classified as "Minor issue" in Debian:
CVE-2013-0169 CVE-2013-1620
CVE-2013-1740 (false start disabled by default, needs to be enabled by clients)

Ignored by Debian:
CVE-2014-1490 (Too complex to backport)

Comment 12 Arvid Requate

2015-08-18 14:43:47 CEST

Already fixed in 3.12.8-1+squeeze7: CVE-2013-5605

Advisory: 2015-08-18-nss.yaml

Comment 13 Janek Walkenhorst

2015-08-19 18:41:41 CEST

Tests: OK
Advisory: OK

Comment 14 Janek Walkenhorst

2015-08-21 13:14:23 CEST

<http://errata.univention.de/ucs/3.2/361.html>