[SECURITY] [DLA 602-1] gnupg security and hardening update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 602-1] gnupg security and hardening update
From: Ola Lundqvist <ola@inguza.com>
Date: Mon, 29 Aug 2016 22:25:52 +0200
Message-id: <[🔎] 20160829202552.GA1568@inguza.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : gnupg
Version        : 1.4.12-7+deb7u8
CVE ID         : CVE-2016-6313
Debian Bug     : 834893


CVE-2016-6313

    Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of
    Technology discovered a flaw in the mixing functions of GnuPG's
    random number generator. An attacker who obtains 4640 bits from the RNG
    can trivially predict the next 160 bits of output.

    A first analysis on the impact of this bug for GnuPG shows that
    existing RSA keys are not weakened. For DSA and Elgamal keys it is also
    unlikely that the private key can be predicted from other public
    information.

Bypassing GnuPG key checking:

    Weaknesses have been found in GnuPG signature validation that
    attackers could exploit thanks to especially forged public keys and
    under specific hardware-software conditions. While the underlying
    problem cannot be solved only by software, GnuPG has been
    strengthened, avoiding to rely on keyring signature caches when
    verifying keys. Potential specific attacks are not valid any more
    with the patch of GnuPG


Bypassing GnuPG key checking:

    Vrije Universiteit Amsterdam and Katholieke Universteit Leuven
    researchers discovered an attack method, known as Flip Feng Shui,
    that concerns flaws in GnuPG. Researchers found that under specific
    hardware-software conditions, attackers could bypass the GnuPG
    signature validation by using forged public keys. While the
    underlying problem cannot be solved only by software, GnuPG has been
    made more robust to avoid relying on keyring signature caches when
    verifying keys.


For Debian 7 "Wheezy", these issues have been addressed in version
1.4.12-7+deb7u8.

We recommend that you upgrade your gnupg packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJXxJpQAAoJEF6Q3PqUJodvlj8P/0Zr1mgqt3dSLl9UMDziu/ui
sIuiZjI06MD4A9hH80GP84T4dRGFn8TO9JsvPzuQoNVBcvXJbG1KPa+L7To/HJzl
ip3mFDn8xihgs6NMh0tSD+NZFcfM2v17LFa2y4OhTmkCW9JGOYuP1n6TCp0pi6kF
yhGw8DrA0tjiebkmeDWa3sWUqeiqV/U8nRP9yCLI2Ym5sHE7OOI9W3Hi5Ifr8f17
bs8N4fxqWWM/EOaERECWnbcVEEde9DhWaqRWIvYYCLTJFKLRayFro0CJZiEwjI3/
pkaWWbyV3pYkwTqqc39jbbLbY2dGR+A3t5vRhzgMniCtwQZIPqj/ZhOK3u2KN/Sp
j2ONWBRDMyc6gGkA7TugwJKWzV1mv7D+F8ZBAiqT1Uyd4eYL8/jDOZQheqsoE5KR
wdiyXNoHd5ZqlEo5EBDBZ1r4Vi6EzJFBvaZ0Bsk13hC/qLtBtUzmcD3OrZmxKenp
aBLAXo9G5xD0k4HgXs7LXNzb5UIIBsBwAxvwCVUHhuFVQheemy7kX/QfMgKnUkNK
QidPT8bhwoibMIkLEn7xlYaRGXskU4FsCr7VVdR+FCBzRzZTika1WB9Q3Q7ZaOAT
Qjedp0z8yk8JkUqxbaVnU1VsyoMUJB6llGumxDEVhv7t7P/fWWRrf/SGvKTs4Ksk
rH+c9thjjiHXwV2/NEid
=vIdw
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 605-1] eog security update
Next by Date: [SECURITY] [DLA 606-1] tiff security update
Previous by thread: [SECURITY] [DLA 605-1] eog security update
Next by thread: [SECURITY] [DLA 606-1] tiff security update
Index(es):
- Date
- Thread