* [dunfell 0/2] dunfell patch review
From: akuster @ 2020-07-17 15:20 UTC
To: openembedded-devel

Two additional for review. This includes reverting the jsoncpp update that may
have introduced an abi change.

The following changes since commit 3add820b373564478591e244226704371c1d34d1:

  wireshark: Update to 3.2.5 (2020-07-12 19:20:59 -0700)

are available in the Git repository at:

  git://git.openembedded.org/meta-openembedded-contrib stable/dunfell-nut
  http://cgit.openembedded.org/meta-openembedded-contrib/log/?h=stable/dunfell-nut

Armin Kuster (1):
  Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"

Ovidiu Panait (1):
  nss: Fix CVE-2020-12399

 .../{jsoncpp_1.9.3.bb => jsoncpp_1.9.2.bb}    |   2 +-
 ...e-a-fixed-length-for-DSA-exponentiat.patch | 110 ++++++++++++++++++
 meta-oe/recipes-support/nss/nss_3.51.1.bb     |   1 +
 3 files changed, 112 insertions(+), 1 deletion(-)
 rename meta-oe/recipes-devtools/jsoncpp/{jsoncpp_1.9.3.bb => jsoncpp_1.9.2.bb} (93%)
 create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch

--
2.17.1
* [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: akuster @ 2020-07-17 15:20 UTC
To: openembedded-devel

This reverts commit 2b384c59733c437027f9b14cc32da19251efd97b.

It appears that there was a change in soname not noted in the changelog.
https://github.com/open-source-parsers/jsoncpp/commit/8b7ea09b8055df01866a5ce4142b12ed8f9f13eb

ABI change appears to have occurred.
https://abi-laboratory.pro/index.php?view=timeline&l=jsoncpp

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../jsoncpp/{jsoncpp_1.9.3.bb => jsoncpp_1.9.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-oe/recipes-devtools/jsoncpp/{jsoncpp_1.9.3.bb => jsoncpp_1.9.2.bb} (93%)

diff --git a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb similarity index 93% rename from meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb rename to meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb index 97c6361ad8..a88410f2ff 100644 --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb @@ -11,7 +11,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b" -SRCREV = "6aba23f4a8628d599a9ef7fa4811c4ff6e4070e2" +SRCREV = "d2e6a971f4544c55b8e3b25cf96db266971b778f" SRC_URI = "git://github.com/open-source-parsers/jsoncpp" S = "${WORKDIR}/git" -- 2.17.1
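Review bot: The rename from jsoncpp_1.9.3.bb to jsoncpp_1.9.2.bb is accompanied only by the SRCREV change, so the recipe version taken from the file name drops from 1.9.3 to 1.9.2 and nothing in the hunk keeps the package version monotonic. Package feeds or devices that already carry 1.9.3 will not see this build as an upgrade. Suggest adding PE = "1" to the recipe, or a PV override paired with CVE_VERSION = "1.9.2" so that CVE version matching still sees the real upstream version.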
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: Adrian Bunk @ 2020-07-17 17:24 UTC
To: akuster; +Cc: openembedded-devel

On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
>...
> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
>...

This would make the version going backwards, please add
  PV = "1.9.3+really1.9.2"

cu
Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: akuster @ 2020-07-17 19:16 UTC
To: Adrian Bunk; +Cc: openembedded-devel

On 7/17/20 10:24 AM, Adrian Bunk wrote:
> On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
>> ...
>> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
>> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
>> ...
> This would make the version going backwards, please add
> PV = "1.9.3+really1.9.2"

right. Wouldn't EP = "1" do the same?

>
> cu
> Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: Adrian Bunk @ 2020-07-17 19:53 UTC
To: akuster808; +Cc: openembedded-devel

On Fri, Jul 17, 2020 at 12:16:10PM -0700, akuster808 wrote:
>
>
> On 7/17/20 10:24 AM, Adrian Bunk wrote:
> > On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
> >> ...
> >> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
> >> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
> >> ...
> > This would make the version going backwards, please add
> > PV = "1.9.3+really1.9.2"
>
> right. Wouldn't EP = "1" do the same?

PE (not EP) would also solve this.

The problem with an epoch is that it is permanent while
a +really version will go away with 1.9.4.

cu
Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: akuster @ 2020-07-17 20:57 UTC
To: Adrian Bunk; +Cc: openembedded-devel

On 7/17/20 12:53 PM, Adrian Bunk wrote:
> On Fri, Jul 17, 2020 at 12:16:10PM -0700, akuster808 wrote:
>>
>> On 7/17/20 10:24 AM, Adrian Bunk wrote:
>>> On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
>>>> ...
>>>> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
>>>> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
>>>> ...
>>> This would make the version going backwards, please add
>>> PV = "1.9.3+really1.9.2"
>> right. Wouldn't EP = "1" do the same?
> PE (not EP) would also solve this.

right.

>
> The problem with an epoch is that it is permanent while
> a +really version will go away with 1.9.4.

I don't expect to ever update to 1.9.4 as .3 may have introduced ABI
changes otherwise I would not have reverted this to begin with.

-armin

>
> cu
> Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: Adrian Bunk @ 2020-07-18 6:15 UTC
To: akuster808; +Cc: openembedded-devel

On Fri, Jul 17, 2020 at 01:57:24PM -0700, akuster808 wrote:
>
>
> On 7/17/20 12:53 PM, Adrian Bunk wrote:
> > On Fri, Jul 17, 2020 at 12:16:10PM -0700, akuster808 wrote:
> >>
> >> On 7/17/20 10:24 AM, Adrian Bunk wrote:
> >>> On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
> >>>> ...
> >>>> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
> >>>> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
> >>>> ...
> >>> This would make the version going backwards, please add
> >>> PV = "1.9.3+really1.9.2"
> >> right. Wouldn't EP = "1" do the same?
> > PE (not EP) would also solve this.
> right.
> >
> > The problem with an epoch is that it is permanent while
> > a +really version will go away with 1.9.4.
> I don't expect to ever update to 1.9.4 as .3 may have introduced ABI
> changes otherwise I would not have reverted this to begin with.

Not in dunfell.

PE would have to stay forever in master.

cu
Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: akuster @ 2020-07-18 14:28 UTC
To: Adrian Bunk; +Cc: openembedded-devel

On 7/17/20 11:15 PM, Adrian Bunk wrote:
> On Fri, Jul 17, 2020 at 01:57:24PM -0700, akuster808 wrote:
>>
>> On 7/17/20 12:53 PM, Adrian Bunk wrote:
>>> On Fri, Jul 17, 2020 at 12:16:10PM -0700, akuster808 wrote:
>>>> On 7/17/20 10:24 AM, Adrian Bunk wrote:
>>>>> On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
>>>>>> ...
>>>>>> --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
>>>>>> +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
>>>>>> ...
>>>>> This would make the version going backwards, please add
>>>>> PV = "1.9.3+really1.9.2"
>>>> right. Wouldn't EP = "1" do the same?
>>> PE (not EP) would also solve this.
>> right.
>>> The problem with an epoch is that it is permanent while
>>> a +really version will go away with 1.9.4.
>> I don't expect to ever update to 1.9.4 as .3 may have introduced ABI
>> changes otherwise I would not have reverted this to begin with.
> Not in dunfell.
>
> PE would have to stay forever in master.

Master did not change. Dunfell changed.

>
> cu
> Adrian
* Re: [oe] [dunfell 1/2] Revert "jsoncpp: upgrade 1.9.2 -> 1.9.3"
From: Mikko Rapeli @ 2020-07-20 7:33 UTC
To: bunk; +Cc: akuster808, openembedded-devel

Hi,

On Fri, Jul 17, 2020 at 08:24:58PM +0300, Adrian Bunk wrote:
> On Fri, Jul 17, 2020 at 08:20:54AM -0700, akuster wrote:
> >...
> > --- a/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.3.bb
> > +++ b/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb
> >...
>
> This would make the version going backwards, please add
> PV = "1.9.3+really1.9.2"

This will break CVE version checks unless CVE_VERSION is set to 1.9.2.
Please increment PE instead.

Cheers,

-Mikko

> cu
> Adrian
>
* [dunfell 2/2] nss: Fix CVE-2020-12399
From: akuster @ 2020-07-17 15:20 UTC
To: openembedded-devel

From: Ovidiu Panait <ovidiu.panait@windriver.com>

Master (nss version 3.54) is not affected by this issue. This is a backport
from nss version 3.54.

NSS has shown timing differences when performing DSA signatures, which was
exploitable and could eventually leak private keys.

This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and
Firefox ESR < 68.9.

Upstream patch:
https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...e-a-fixed-length-for-DSA-exponentiat.patch | 110 ++++++++++++++++++
 meta-oe/recipes-support/nss/nss_3.51.1.bb     |   1 +
 2 files changed, 111 insertions(+)
 create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch

diff --git a/meta-oe/recipes-support/nss/nss/0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch b/meta-oe/recipes-support/nss/nss/0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch new file mode 100644 index 0000000000..517c277ae0 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch 
@@ -0,0 +1,110 @@ +From 5942c26888ba12ad5e0d92fb62f23d7cde6dc159 Mon Sep 17 00:00:00 2001 +From: Ovidiu Panait <ovidiu.panait@windriver.com> +Date: Mon, 13 Jul 2020 06:25:56 +0000 +Subject: [PATCH] Bug 1631576 - Force a fixed length for DSA exponentiation + r=pereida,bbrumley + +Differential Revision: https://phabricator.services.mozilla.com/D72011 + +Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e] + +Authored-by: Robert Relyea <rrelyea@redhat.com> +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + nss/lib/freebl/dsa.c | 45 ++++++++++++++++++++++++++++++++++---------- + 1 file changed, 35 insertions(+), 10 deletions(-) + +diff --git a/nss/lib/freebl/dsa.c b/nss/lib/freebl/dsa.c +index aef3539..389c9de 100644 +--- a/nss/lib/freebl/dsa.c ++++ b/nss/lib/freebl/dsa.c +@@ -313,13 +313,14 @@ DSA_NewKeyFromSeed(const PQGParams *params, + + static SECStatus + dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, +- const unsigned char *kb) ++ const unsigned char *kbytes) + { + mp_int p, q, g; /* PQG parameters */ + mp_int x, k; /* private key & pseudo-random integer */ + mp_int r, s; /* tuple (r, s) is signature) */ + mp_int t; /* holding tmp values */ + mp_int ar; /* holding blinding values */ ++ mp_digit fuzz; /* blinding multiplier for q */ + mp_err err = MP_OKAY; + SECStatus rv = SECSuccess; + unsigned int dsa_subprime_len, dsa_signature_len, offset; +@@ -373,6 +374,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, + CHECK_MPI_OK(mp_init(&s)); + CHECK_MPI_OK(mp_init(&t)); + CHECK_MPI_OK(mp_init(&ar)); ++ + /* + ** Convert stored PQG and private key into MPI integers. 
+ */ +@@ -380,14 +382,28 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, + SECITEM_TO_MPINT(key->params.subPrime, &q); + SECITEM_TO_MPINT(key->params.base, &g); + SECITEM_TO_MPINT(key->privateValue, &x); +- OCTETS_TO_MPINT(kb, &k, dsa_subprime_len); ++ OCTETS_TO_MPINT(kbytes, &k, dsa_subprime_len); ++ ++ /* k blinding create a single value that has the high bit set in ++ * the mp_digit*/ ++ if (RNG_GenerateGlobalRandomBytes(&fuzz, sizeof(mp_digit)) != SECSuccess) { ++ PORT_SetError(SEC_ERROR_NEED_RANDOM); ++ rv = SECFailure; ++ goto cleanup; ++ } ++ fuzz |= 1ULL << ((sizeof(mp_digit) * PR_BITS_PER_BYTE - 1)); + /* + ** FIPS 186-1, Section 5, Step 1 + ** + ** r = (g**k mod p) mod q + */ +- CHECK_MPI_OK(mp_exptmod(&g, &k, &p, &r)); /* r = g**k mod p */ +- CHECK_MPI_OK(mp_mod(&r, &q, &r)); /* r = r mod q */ ++ CHECK_MPI_OK(mp_mul_d(&q, fuzz, &t)); /* t = q*fuzz */ ++ CHECK_MPI_OK(mp_add(&k, &t, &t)); /* t = k+q*fuzz */ ++ /* length of t is now fixed, bits in k have been blinded */ ++ CHECK_MPI_OK(mp_exptmod(&g, &t, &p, &r)); /* r = g**t mod p */ ++ /* r is now g**(k+q*fuzz) == g**k mod p */ ++ CHECK_MPI_OK(mp_mod(&r, &q, &r)); /* r = r mod q */ ++ + /* + ** FIPS 186-1, Section 5, Step 2 + ** +@@ -411,15 +427,24 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, + /* Using mp_invmod on k directly would leak bits from k. */ + CHECK_MPI_OK(mp_mul(&k, &ar, &k)); /* k = k * ar */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ +- CHECK_MPI_OK(mp_invmod(&k, &q, &k)); /* k = k**-1 mod q */ ++ /* k is now k*t*ar */ ++ CHECK_MPI_OK(mp_invmod(&k, &q, &k)); /* k = k**-1 mod q */ ++ /* k is now (k*t*ar)**-1 */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ +- SECITEM_TO_MPINT(localDigest, &s); /* s = HASH(M) */ ++ /* k is now (k*ar)**-1 */ ++ SECITEM_TO_MPINT(localDigest, &s); /* s = HASH(M) */ + /* To avoid leaking secret bits here the addition is blinded. 
*/ +- CHECK_MPI_OK(mp_mul(&x, &ar, &x)); /* x = x * ar */ +- CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ ++ CHECK_MPI_OK(mp_mul(&x, &ar, &x)); /* x = x * ar */ ++ /* x is now x*ar */ ++ CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ ++ /* x is now x*r*ar */ + CHECK_MPI_OK(mp_mulmod(&s, &ar, &q, &t)); /* t = s * ar mod q */ +- CHECK_MPI_OK(mp_add(&t, &x, &s)); /* s = t + x */ +- CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ ++ /* t is now hash(M)*ar */ ++ CHECK_MPI_OK(mp_add(&t, &x, &s)); /* s = t + x */ ++ /* s is now (HASH(M)+x*r)*ar */ ++ CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ ++ /* s is now (HASH(M)+x*r)*ar*(k*ar)**-1 = (k**-1)*(HASH(M)+x*r) */ ++ + /* + ** verify r != 0 and s != 0 + ** mentioned as optional in FIPS 186-1. +-- +2.18.1 + diff --git a/meta-oe/recipes-support/nss/nss_3.51.1.bb b/meta-oe/recipes-support/nss/nss_3.51.1.bb index 36e6cd8fc5..c00bd34cb2 100644 --- a/meta-oe/recipes-support/nss/nss_3.51.1.bb +++ b/meta-oe/recipes-support/nss/nss_3.51.1.bb @@ -34,6 +34,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \ file://riscv.patch \ file://0001-Enable-uint128-on-mips64.patch \ + file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ " SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" -- 2.17.1 ^ permalink raw reply related [flat|nested] 10+ messages in thread
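Review bot: The header of the new 0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch carries Upstream-Status and Signed-off-by lines but no CVE tag, and the file name does not contain the CVE id either. Suggest adding the line "CVE: CVE-2020-12399" next to Upstream-Status so that CVE checking can match this fix to nss 3.51.1 instead of continuing to report the issue as unpatched.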
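Review bot: In the dsa.c hunk at @@ -380, the comment "length of t is now fixed" overstates what the arithmetic gives: forcing the top bit of fuzz pins fuzz to a full mp_digit, but q*fuzz, and therefore t = k + q*fuzz, can still come out at one of two bit lengths depending on the random fuzz. What the change does achieve is that the exponent length is set by q and fuzz rather than by the leading zero bits of k. Since the code comment comes from upstream, suggest stating this in the commit message; the comment opener "k blinding create a single value" also reads as if a word is missing.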
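The commit message above describes timing differences in DSA signing, and the backport's subject is forcing a fixed length for the exponentiation. The following Python illustration is added here and is not NSS code or part of the patch; the toy group P, Q, G, the 64-bit DIGIT_BITS and all function names are assumptions made for the example. It shows that exponentiating with t = k + q*fuzz yields the same r while the exponent length stops tracking k.

```python
import secrets

DIGIT_BITS = 64  # assumption: width of one mp_digit in this illustration

# Constructed toy DSA group, far too small for real use: Q divides P - 1.
P, Q = 607, 101
G = pow(2, (P - 1) // Q, P)  # element of order Q in the multiplicative group


def blind_exponent(k, fuzz=None):
    """Return t = k + Q*fuzz with the top bit of the one-digit fuzz forced to 1."""
    if fuzz is None:
        fuzz = secrets.randbits(DIGIT_BITS)
    fuzz |= 1 << (DIGIT_BITS - 1)
    return k + Q * fuzz


def r_plain(k):
    """Pre-patch shape: the secret nonce k itself is the exponent."""
    return pow(G, k, P) % Q


def r_blinded(k, fuzz=None):
    """Patched shape: G**(k + Q*fuzz) == G**k mod P because G has order Q."""
    return pow(G, blind_exponent(k, fuzz), P) % Q


def exponent_bit_lengths(blinded, fuzz=None):
    """Bit lengths of the exponent over every valid nonce 1 <= k < Q."""
    if blinded:
        return {blind_exponent(k, fuzz).bit_length() for k in range(1, Q)}
    return {k.bit_length() for k in range(1, Q)}


if __name__ == "__main__":
    # Same signature component r for every nonce, with or without blinding.
    assert all(r_plain(k) == r_blinded(k) for k in range(1, Q))
    # Without blinding the exponent length follows k; with it, length follows fuzz.
    print("unblinded exponent lengths:", sorted(exponent_bit_lengths(False)))
    print("blinded exponent lengths:  ", sorted(exponent_bit_lengths(True)))
```
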