[Pkg-privacy-maintainers] Fwd: [anti-censorship-team] obfs4proxy-0.0.12 (2021-12-31) fixes the Elligator2 bug

meskio meskio at sindominio.net
Fri Jan 14 11:14:07 GMT 2022 

Hello,

There has being a security issue discovered in obfs4proxy, see details on the 
forwarded email. What will be the process to update the package? Can we update 
it in stable as a security update? Can I help somehow with the process?

Thank you.

Forwarded message from David Fifield (2022-01-14 03:27:09):
> The upstream obfs4 repository has a fix to the Elligator2 public key
> representative leak (https://github.com/agl/ed25519/issues/27).
> 
> https://gitlab.com/yawning/obfs4/-/commit/393aca86cc3b1a5263018c10f87ece09ac3fd5ed
> 
>         All releases prior to this commit are trivially distinguishable
>         with simple math, so upgrading is strongly recommended. The
>         upgrade is fully backward-compatible with existing
>         implementations, however the non-upgraded side will emit traffic
>         that is trivially distinguishable from random.
> 
> The file internal/README.md elaborates:
> 
>         All existing versions prior to the migration to the new code
>         (anything that uses agl's code) are fatally broken, and trivial
>         to distinguish via some simple math. For more details see Loup
>         Vaillant's writings on the subject. Any bugs in the
>         implementation are mine, and not his.
> 
>         Representatives created by this implementation will correctly be
>         decoded by existing implementations. Public keys created by this
>         implementation be it via the modified scalar basepoint multiply
>         or via decoding a representative will be somewhat non-standard,
>         but will interoperate with a standard X25519 scalar-multiply.
> 
>         As the obfs4 handshake does not include the decoded
>         representative in any of it's authenticated handshake digest
>         calculations, this change is fully-backward compatible (though
>         the non-upgraded side of the connection will still be trivially
>         distinguishable from random).
> _______________________________________________
> anti-censorship-team mailing list
> anti-censorship-team at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/anti-censorship-team

-- 
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-maintainers/attachments/20220114/b229aba6/attachment.sig>

More information about the Pkg-privacy-maintainers mailing list