[Pkg-gnupg-maint] Bug#771992: gnupg: gpg --verify FILE is insecure for detached sigs

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Dec 4 07:10:38 UTC 2014


Package: gnupg
Version: 1.4.12-7+deb7u6
Severity: important
Tags: patch upstream

OpenPGP signatures come in two forms: detached (where the signature is
in a separate file from the data being signed) and bundled (where one
file contains both the signed message and the signature).

GnuPG is used to verify both detached and bundled OpenPGP signatures.

The canonical way to verify a bundled OpenPGP signature is:

 gpg --verify message.txt

The canonical way to verify a detached OpenPGP signature is:

 gpg --verify message.txt.sig message.txt

GnuPG has traditionally offered a "convenience" mode for verifying
detached OpenPGP signatures:

 gpg --verify message.txt.sig

(in this case, gpg automatically guesses to look for message.txt for
the signed text).

Unfortunately, this convenience mode can be exploited by an attacker
who ships a bundled signature as though it were a detached signature,
tricking the user into believing that any arbitrary file with the
right name is actually signed.

To avoid this threat, detached signatures should always be verified
by:

 gpg --verify SIG FILE

This was noted publicly on gnupg-users about a month ago:

http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051333.html

And upstream is moving to rapidly deprecate the unsafe convenience mode.

The attached patch is how upstream fixes the problem after GnuPG
1.4.18.

	--dkg


-- System Information:
Debian Release: 7.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gnupg depends on:
ii  dpkg          1.16.15
ii  gpgv          1.4.12-7+deb7u6
ii  install-info  4.13a.dfsg.1-10
ii  libbz2-1.0    1.0.6-4
ii  libc6         2.13-38+deb7u6
ii  libreadline6  6.2+dfsg-0.1
ii  libusb-0.1-4  2:0.1.12-20+nmu1
ii  zlib1g        1:1.2.7.dfsg-13

Versions of packages gnupg recommends:
pn  gnupg-curl     <none>
ii  libldap-2.4-2  2.4.31-1+nmu2

Versions of packages gnupg suggests:
pn  gnupg-doc                       <none>
pn  libpcsclite1                    <none>
pn  xloadimage | imagemagick | eog  <none>

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch
Type: text/x-diff
Size: 11690 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20141204/b7d834f9/attachment.patch>
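The attack described in the report works because `gpg --verify message.txt.sig` never checks whether message.txt.sig is really a detached signature or a bundled signed message: if it is bundled, gpg verifies the data inside it and the name message.txt is never consulted. The following Python is an added example, not GnuPG code and not the attached patch (which this page does not show). It walks the OpenPGP packet headers of a file to tell the two forms apart and refuses the ambiguous invocation. The sample packets, the placeholder signature bodies, and the function name `check_verify_invocation` are all constructed for this illustration.

```python
# OpenPGP packet tags relevant to the check (RFC 4880 section 4.3)
SIGNATURE = 2        # signature packet: the only tag a detached .sig should contain
ONE_PASS_SIG = 4     # one-pass signature packet: opens a bundled signed message
COMPRESSED = 8       # compressed data: gpg --sign normally wraps the message in one
LITERAL = 11         # literal data: the signed message bytes themselves


def _read_new_format_length(data, pos):
    """Parse a new-format body length at data[pos] (RFC 4880 section 4.2.2).
    Returns (length, next_pos, is_partial)."""
    first = data[pos]
    pos += 1
    if first < 192:
        return first, pos, False
    if first < 224:
        return ((first - 192) << 8) + data[pos] + 192, pos + 1, False
    if first == 255:
        return int.from_bytes(data[pos:pos + 4], "big"), pos + 4, False
    # 224..254: partial body length 2**(first & 0x1f); further chunks follow
    return 1 << (first & 0x1F), pos, True


def iter_packet_tags(data):
    """Yield the tag of each top-level packet in a binary OpenPGP file.
    Bodies are skipped, not parsed. ASCII-armored (.asc) input is not
    handled here; dearmor it first."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header at offset %d" % pos)
        pos += 1
        if ctb & 0x40:                        # new-format header
            tag = ctb & 0x3F
            length, pos, partial = _read_new_format_length(data, pos)
            pos += length
            while partial:                    # chained partial-length chunks
                length, pos, partial = _read_new_format_length(data, pos)
                pos += length
        else:                                 # old-format header
            tag = (ctb >> 2) & 0x0F
            length_type = ctb & 0x03
            if length_type == 3:              # indeterminate: body runs to EOF
                pos = len(data)
            else:
                width = (1, 2, 4)[length_type]
                length = int.from_bytes(data[pos:pos + width], "big")
                pos += width + length
        if pos > len(data):
            raise ValueError("truncated packet (tag %d)" % tag)
        yield tag


def classify(data):
    """'detached' if the file holds nothing but signature packets,
    'bundled' if it carries the signed data itself."""
    tags = list(iter_packet_tags(data))
    if not tags:
        return "empty"
    if all(t == SIGNATURE for t in tags):
        return "detached"
    if any(t in (ONE_PASS_SIG, LITERAL, COMPRESSED) for t in tags):
        return "bundled"
    return "other"


def check_verify_invocation(sig_bytes, data_file_named):
    """Guard for a hypothetical gpg --verify wrapper (not gpg's own logic).
    sig_bytes: contents of the first argument; data_file_named: whether a
    second, explicit data file was given. Refuses both dangerous shapes:
    a bundled message offered as the 'detached signature' of another file,
    and a detached signature with no data file, where gpg would guess."""
    kind = classify(sig_bytes)
    if kind == "bundled" and data_file_named:
        raise ValueError("first file is a bundled signed message, not a detached "
                         "signature; it says nothing about the second file")
    if kind == "detached" and not data_file_named:
        raise ValueError("detached signature: name the signed file explicitly")
    return kind


# --- constructed samples (placeholder bodies, not real signatures) ----------

def _old_packet(tag, body):
    # old-format header with a two-octet length (length type 1)
    return bytes([0x80 | (tag << 2) | 0x01]) + len(body).to_bytes(2, "big") + body


def _new_packet(tag, body):
    # new-format header with a one-octet length (all sample bodies are short)
    assert len(body) < 192
    return bytes([0xC0 | tag, len(body)]) + body


FAKE_SIG_BODY = bytes(range(40))                         # stands in for a signature body
DETACHED_SAMPLE = _old_packet(SIGNATURE, FAKE_SIG_BODY)  # an honest message.txt.sig

# Bundled form: what `gpg --sign message.txt` emits, renamed to message.txt.sig by
# the attacker. Literal body: format 'b', filename length, filename, date, data.
LITERAL_BODY = b"b" + bytes([11]) + b"message.txt" + b"\x00\x00\x00\x00" + b"hello\n"
BUNDLED_SAMPLE = (_new_packet(ONE_PASS_SIG, b"\x03\x00\x08\x01" + b"\x00" * 9)
                  + _new_packet(LITERAL, LITERAL_BODY)
                  + _old_packet(SIGNATURE, FAKE_SIG_BODY))

# Same shape with a partial-length literal packet (two 256-byte chunks, then
# 5 bytes), which is how gpg streams larger messages.
PARTIAL_SAMPLE = (bytes([0xC0 | LITERAL, 0xE8]) + b"A" * 256
                  + bytes([0xE8]) + b"B" * 256
                  + bytes([0x05]) + b"tail\n"
                  + _old_packet(SIGNATURE, FAKE_SIG_BODY))
```

For a user the fix is exactly what the report says: always run `gpg --verify SIG FILE` and treat a "Good signature" from a one-argument invocation as proof only about the bytes inside that one file. The classifier above is useful in scripts and archive tooling that receive a `.sig` from an untrusted source, since a `.sig` containing anything other than signature packets should be rejected before gpg is ever invoked.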

