[Pkg-erlang-commits] r1986 - in erlang/branches/jessie/debian: . patches

sgolovan at alioth.debian.org sgolovan at alioth.debian.org
Thu Dec 7 08:10:13 UTC 2017


Author: sgolovan
Date: 2017-12-07 08:10:13 +0000 (Thu, 07 Dec 2017)
New Revision: 1986

Added:
   erlang/branches/jessie/debian/patches/cve-2017-1000385.patch
Modified:
   erlang/branches/jessie/debian/changelog
   erlang/branches/jessie/debian/patches/series
Log:
[erlang-jessie]
  * Applied a patch from the upstream which fixes CVE-2017-1000385
    vulnerability (TLS server vulnerable to Adaptive Chosen Ciphertext attack
    allowing plaintext recovery or MITM attack).


Modified: erlang/branches/jessie/debian/changelog
===================================================================
--- erlang/branches/jessie/debian/changelog	2017-12-07 08:07:59 UTC (rev 1985)
+++ erlang/branches/jessie/debian/changelog	2017-12-07 08:10:13 UTC (rev 1986)
@@ -1,8 +1,10 @@
-erlang (1:17.3-dfsg-4+deb8u2) UNRELEASED; urgency=medium
+erlang (1:17.3-dfsg-4+deb8u2) jessie-security; urgency=high
 
-  * NOT RELEASED YET
+  * Applied a patch from the upstream which fixes CVE-2017-1000385
+    vulnerability (TLS server vunlerable to Adaptive Chosen Ciphertext attack
+    allowing plaintext recovery ot MITM attack).
 
- -- Sergei Golovan <sgolovan at debian.org>  Mon, 24 Apr 2017 09:48:01 +0300
+ -- Sergei Golovan <sgolovan at debian.org>  Wed, 06 Dec 2017 09:50:47 +0300
 
 erlang (1:17.3-dfsg-4+deb8u1) stable-proposed-updates; urgency=medium
 

Added: erlang/branches/jessie/debian/patches/cve-2017-1000385.patch
===================================================================
--- erlang/branches/jessie/debian/patches/cve-2017-1000385.patch	                        (rev 0)
+++ erlang/branches/jessie/debian/patches/cve-2017-1000385.patch	2017-12-07 08:10:13 UTC (rev 1986)
@@ -0,0 +1,67 @@
+From de3b9cdb8521d7edd524b4e17d1e3f883f832ec0 Mon Sep 17 00:00:00 2001
+From: Ingela Anderton Andin <ingela at erlang.org>
+Date: Tue, 7 Nov 2017 18:34:34 +0100
+Subject: [PATCH] ssl: Countermeasurements for Bleichenbacher attack
+
+--- a/lib/ssl/src/dtls_connection.erl
++++ b/lib/ssl/src/dtls_connection.erl
+@@ -213,6 +213,7 @@
+             ssl_connection:hello({common_client_hello, Type, ServerHelloExt, HashSign},
+ 				 State#state{connection_states  = ConnectionStates,
+ 					     negotiated_version = Version,
++                                             client_hello_version = ClientVersion,
+ 					     session = Session,
+ 					     client_ecc = {EllipticCurves, EcPointFormats}}, ?MODULE);
+         #alert{} = Alert ->
+--- a/lib/ssl/src/ssl_connection.erl
++++ b/lib/ssl/src/ssl_connection.erl
+@@ -1135,8 +1135,25 @@
+     request_client_cert(State2, Connection).
+ 
+ certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS},
+-			    #state{private_key = Key} = State, Connection) ->
+-    PremasterSecret = ssl_handshake:premaster_secret(EncPMS, Key),
++			    #state{private_key = Key, client_hello_version = {Major, Minor} = Version} = State, Connection) ->
++
++    %% Countermeasure for Bleichenbacher attack always provide some kind of premaster secret
++    %% and fail handshake later.RFC 5246 section 7.4.7.1.
++    PremasterSecret =
++        try ssl_handshake:premaster_secret(EncPMS, Key) of
++            Secret when erlang:byte_size(Secret) == ?NUM_OF_PREMASTERSECRET_BYTES ->
++                case Secret of
++                    <<?BYTE(Major), ?BYTE(Minor), _/binary>> -> %% Correct
++                        Secret;
++                    <<?BYTE(_), ?BYTE(_), Rest/binary>> -> %% Version mismatch
++                        <<?BYTE(Major), ?BYTE(Minor), Rest/binary>>
++                end;
++            _ -> %% erlang:byte_size(Secret) =/= ?NUM_OF_PREMASTERSECRET_BYTES
++                make_premaster_secret(Version, rsa)
++        catch 
++            #alert{description = ?DECRYPT_ERROR} ->
++                make_premaster_secret(Version, rsa)     
++        end,        
+     calculate_master_secret(PremasterSecret, State, Connection, certify, cipher);
+ 
+ certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey},
+--- a/lib/ssl/src/ssl_connection.hrl
++++ b/lib/ssl/src/ssl_connection.hrl
+@@ -53,7 +53,8 @@
+           session               :: #session{},
+ 	  session_cache         :: db_handle(),
+ 	  session_cache_cb      :: atom(),
+-          negotiated_version    :: ssl_record:ssl_version(),
++          negotiated_version    :: ssl_record:ssl_version() | 'undefined',
++          client_hello_version  :: ssl_record:ssl_version() | 'undefined',
+           client_certificate_requested = false :: boolean(),
+ 	  key_algorithm         :: ssl_cipher:key_algo(),
+ 	  hashsign_algorithm = {undefined, undefined},
+--- a/lib/ssl/src/tls_connection.erl
++++ b/lib/ssl/src/tls_connection.erl
+@@ -197,6 +197,7 @@
+             ssl_connection:hello({common_client_hello, Type, ServerHelloExt, HashSign},
+ 				 State#state{connection_states  = ConnectionStates,
+ 					     negotiated_version = Version,
++                                             client_hello_version = ClientVersion,
+ 					     session = Session,
+ 					     client_ecc = {EllipticCurves, EcPointFormats}}, ?MODULE);
+         #alert{} = Alert ->
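Review bot: In the new certify_client_key_exchange clause in ssl_connection.erl the random fallback `make_premaster_secret(Version, rsa)` is only computed on the two failure paths (the `_ ->` length branch and the `?DECRYPT_ERROR` catch), so the rejected-ciphertext path does extra work that the accepted path does not; RFC 5246 section 7.4.7.1, which the comment cites, generates the 46 random bytes before decrypting precisely so both outcomes take the same route. Hoisting it keeps the countermeasure's timing uniform: add `Fallback = make_premaster_secret(Version, rsa),` before the `PremasterSecret =` binding and replace both `make_premaster_secret(Version, rsa)` occurrences with `Fallback`. The catch pattern `#alert{description = ?DECRYPT_ERROR}` matches only a thrown alert with that description, so any other exception class or alert that ssl_handshake:premaster_secret may raise (not visible here) would still abort the handshake distinguishably; worth confirming against that function. The clause head also requires `client_hello_version` to be a `{Major, Minor}` tuple, while the hrl hunk declares it as possibly `'undefined'`, so any server path that reaches this clause without passing through the tls/dtls hello update would fail with function_clause rather than the countermeasure. The function's other clauses lie outside the hunk.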

Modified: erlang/branches/jessie/debian/patches/series
===================================================================
--- erlang/branches/jessie/debian/patches/series	2017-12-07 08:07:59 UTC (rev 1985)
+++ erlang/branches/jessie/debian/patches/series	2017-12-07 08:10:13 UTC (rev 1986)
@@ -14,3 +14,4 @@
 ssltlspoodle.patch
 beamload.patch
 cve-2016-10253.patch
+cve-2017-1000385.patch



