From 2689697c1619566d1b40fc42cc26e8e844c9ef4491ac13682636872573eb658d Mon Sep 17 00:00:00 2001
From: OBS User buildservice-autocommit
Date: Thu, 28 Oct 2010 13:42:11 +0000
Subject: [PATCH 1/2] Updating link to change in openSUSE:Factory/krb5 revision 59.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=99775f32e971be7d3221f3e36316db2c
---
 krb5-doc.spec | 2 +-
 krb5-mini.spec | 4 ++--
 krb5.spec | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/krb5-doc.spec b/krb5-doc.spec
index f19eeea..3573a4d 100644
--- a/krb5-doc.spec
+++ b/krb5-doc.spec
@@ -21,7 +21,7 @@
 Name: krb5-doc
 BuildRequires: ghostscript-library latex2html texlive
 Version: 1.8.3
-Release: 1
+Release: 2
 %define srcRoot krb5-1.8.3
 Summary: MIT Kerberos5 Implementation--Documentation
 License: MIT License (or similar)
diff --git a/krb5-mini.spec b/krb5-mini.spec
index c3074ab..66ae0eb 100644
--- a/krb5-mini.spec
+++ b/krb5-mini.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package krb5 (Version 1.8.3)
+# spec file for package krb5-mini (Version 1.8.3)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -28,7 +28,7 @@ Url: http://web.mit.edu/kerberos/www/
 BuildRequires: bison libcom_err-devel ncurses-devel
 BuildRequires: keyutils keyutils-devel
 Version: 1.8.3
-Release: 1
+Release: 2
 %if ! 0%{?build_mini}
 BuildRequires: libopenssl-devel openldap2-devel
 # bug437293
diff --git a/krb5.spec b/krb5.spec
index 8a727f8..614d45c 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -28,7 +28,7 @@ Url: http://web.mit.edu/kerberos/www/
 BuildRequires: bison libcom_err-devel ncurses-devel
 BuildRequires: keyutils keyutils-devel
 Version: 1.8.3
-Release: 1
+Release: 2
 %if ! 0%{?build_mini}
 BuildRequires: libopenssl-devel openldap2-devel
 # bug437293
From 248552dcc515f2d5da44dfe16b5742a4fb9ff09964a988da71e21390b2223f25 Mon Sep 17 00:00:00 2001
From: Michael Calmer
Date: Wed, 1 Dec 2010 10:45:18 +0000
Subject: [PATCH 2/2] - Fix multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007, bnc#650650) CVE-2010-1324 * krb5 GSS-API applications may accept unkeyed checksums * krb5 application services may accept unkeyed PAC checksums * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums CVE-2010-1323 * krb5 clients may accept unkeyed SAM-2 challenge checksums * krb5 may accept KRB-SAFE checksums with low-entropy derived keys CVE-2010-4020 * krb5 may accept authdata checksums with low-entropy derived keys CVE-2010-4021 * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=37
---
 MITKRB5-SA-2010-007-1.8.dif | 204 ++++++++++++++++++++++++++++++++++++
 krb5-mini.changes | 17 +++
 krb5-mini.spec | 4 +-
 krb5.changes | 17 +++
 krb5.spec | 2 +
 5 files changed, 243 insertions(+), 1 deletion(-)
 create mode 100644 MITKRB5-SA-2010-007-1.8.dif
diff --git a/MITKRB5-SA-2010-007-1.8.dif b/MITKRB5-SA-2010-007-1.8.dif
new file mode 100644
index 0000000..401bb6b
--- /dev/null
+++ b/MITKRB5-SA-2010-007-1.8.dif
@@ -0,0 +1,204 @@
+Index: krb5-1.8/src/plugins/preauth/pkinit/pkinit_srv.c
+===================================================================
+--- krb5-1.8/src/plugins/preauth/pkinit/pkinit_srv.c (revision 24455)
++++ krb5-1.8/src/plugins/preauth/pkinit/pkinit_srv.c (working copy)
+@@ -691,8 +691,7 @@
+ krb5_reply_key_pack *key_pack = NULL;
+ krb5_reply_key_pack_draft9 *key_pack9 = NULL;
+ krb5_data *encoded_key_pack = NULL;
+- unsigned int num_types;
+- krb5_cksumtype *cksum_types = NULL;
++ krb5_cksumtype cksum_type;
+
+ pkinit_kdc_context plgctx;
+ pkinit_kdc_req_context reqctx;
+@@ -882,14 +881,25 @@
+ retval = ENOMEM;
+ goto cleanup;
+ }
+- /* retrieve checksums for a given enctype of the reply key */
+- retval = krb5_c_keyed_checksum_types(context,
+- encrypting_key->enctype, &num_types, &cksum_types);
+- if (retval)
+- goto cleanup;
+
+- /* pick the first of acceptable enctypes for the checksum */
+- retval = krb5_c_make_checksum(context, cksum_types[0],
++ switch (encrypting_key->enctype) {
++ case ENCTYPE_DES_CBC_MD4:
++ cksum_type = CKSUMTYPE_RSA_MD4_DES;
++ break;
++ case ENCTYPE_DES_CBC_MD5:
++ case ENCTYPE_DES_CBC_CRC:
++ cksum_type = CKSUMTYPE_RSA_MD5_DES;
++ break;
++ default:
++ retval = krb5int_c_mandatory_cksumtype(context,
++ encrypting_key->enctype,
++ &cksum_type);
++ if (retval)
++ goto cleanup;
++ break;
++ }
++
++ retval = krb5_c_make_checksum(context, cksum_type,
+ encrypting_key, KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM,
+ req_pkt, &key_pack->asChecksum);
+ if (retval) {
+@@ -1033,7 +1043,6 @@
+ krb5_free_data(context, encoded_key_pack);
+ free(dh_pubkey);
+ free(server_key);
+- free(cksum_types);
+
+ switch ((int)padata->pa_type) {
+ case KRB5_PADATA_PK_AS_REQ:
+Index: krb5-1.8/src/lib/crypto/krb/cksumtypes.c
+===================================================================
+--- krb5-1.8/src/lib/crypto/krb/cksumtypes.c (revision 24455)
++++ krb5-1.8/src/lib/crypto/krb/cksumtypes.c (working copy)
+@@ -101,7 +101,7 @@
+
+ { CKSUMTYPE_MD5_HMAC_ARCFOUR,
+ "md5-hmac-rc4", { 0 }, "Microsoft MD5 HMAC",
+- NULL, &krb5int_hash_md5,
++ &krb5int_enc_arcfour, &krb5int_hash_md5,
+ krb5int_hmacmd5_checksum, NULL,
+ 16, 16, 0 },
+ };
+Index: krb5-1.8/src/lib/crypto/krb/keyed_checksum_types.c
+===================================================================
+--- krb5-1.8/src/lib/crypto/krb/keyed_checksum_types.c (revision 24455)
++++ krb5-1.8/src/lib/crypto/krb/keyed_checksum_types.c (working copy)
+@@ -35,6 +35,13 @@
+ {
+ if (ctp->flags & CKSUM_UNKEYED)
+ return FALSE;
++ /* Stream ciphers do not play well with RFC 3961 key derivation, so be
++ * conservative with RC4. */
++ if ((ktp->etype == ENCTYPE_ARCFOUR_HMAC ||
++ ktp->etype == ENCTYPE_ARCFOUR_HMAC_EXP) &&
++ ctp->ctype != CKSUMTYPE_HMAC_MD5_ARCFOUR &&
++ ctp->ctype != CKSUMTYPE_MD5_HMAC_ARCFOUR)
++ return FALSE;
+ return (!ctp->enc || ktp->enc == ctp->enc);
+ }
+
+Index: krb5-1.8/src/lib/crypto/krb/dk/derive.c
+===================================================================
+--- krb5-1.8/src/lib/crypto/krb/dk/derive.c (revision 24455)
++++ krb5-1.8/src/lib/crypto/krb/dk/derive.c (working copy)
+@@ -91,6 +91,8 @@
+ blocksize = enc->block_size;
+ keybytes = enc->keybytes;
+
++ if (blocksize == 1)
++ return KRB5_BAD_ENCTYPE;
+ if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes)
+ return KRB5_CRYPTO_INTERNAL;
+
+Index: krb5-1.8/src/lib/gssapi/krb5/util_crypt.c
+===================================================================
+--- krb5-1.8/src/lib/gssapi/krb5/util_crypt.c (revision 24455)
++++ krb5-1.8/src/lib/gssapi/krb5/util_crypt.c (working copy)
+@@ -119,10 +119,22 @@
+ if (code != 0)
+ return code;
+
+- code = (*kaccess.mandatory_cksumtype)(context, subkey->keyblock.enctype,
+- cksumtype);
+- if (code != 0)
+- return code;
++ switch (subkey->keyblock.enctype) {
++ case ENCTYPE_DES_CBC_MD4:
++ *cksumtype = CKSUMTYPE_RSA_MD4_DES;
++ break;
++ case ENCTYPE_DES_CBC_MD5:
++ case ENCTYPE_DES_CBC_CRC:
++ *cksumtype = CKSUMTYPE_RSA_MD5_DES;
++ break;
++ default:
++ code = (*kaccess.mandatory_cksumtype)(context,
++ subkey->keyblock.enctype,
++ cksumtype);
++ if (code != 0)
++ return code;
++ break;
++ }
+
+ switch (subkey->keyblock.enctype) {
+ case ENCTYPE_DES_CBC_MD5:
+Index: krb5-1.8/src/lib/krb5/krb/pac.c
+===================================================================
+--- krb5-1.8/src/lib/krb5/krb/pac.c (revision 24455)
++++ krb5-1.8/src/lib/krb5/krb/pac.c (working copy)
+@@ -582,6 +582,8 @@
+ checksum.checksum_type = load_32_le(p);
+ checksum.length = checksum_data.length - PAC_SIGNATURE_DATA_LENGTH;
+ checksum.contents = p + PAC_SIGNATURE_DATA_LENGTH;
++ if (!krb5_c_is_keyed_cksum(checksum.checksum_type))
++ return KRB5KRB_AP_ERR_INAPP_CKSUM;
+
+ pac_data.length = pac->data.length;
+ pac_data.data = malloc(pac->data.length);
+Index: krb5-1.8/src/lib/krb5/krb/preauth2.c
+===================================================================
+--- krb5-1.8/src/lib/krb5/krb/preauth2.c (revision 24455)
++++ krb5-1.8/src/lib/krb5/krb/preauth2.c (working copy)
+@@ -1578,7 +1578,9 @@
+
+ cksum = sc2->sam_cksum;
+
+- while (*cksum) {
++ for (; *cksum; cksum++) {
++ if (!krb5_c_is_keyed_cksum((*cksum)->checksum_type))
++ continue;
+ /* Check this cksum */
+ retval = krb5_c_verify_checksum(context, as_key,
+ KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM,
+@@ -1592,7 +1594,6 @@
+ }
+ if (valid_cksum)
+ break;
+- cksum++;
+ }
+
+ if (!valid_cksum) {
+Index: krb5-1.8/src/lib/krb5/krb/mk_safe.c
+===================================================================
+--- krb5-1.8/src/lib/krb5/krb/mk_safe.c (revision 24455)
++++ krb5-1.8/src/lib/krb5/krb/mk_safe.c (working copy)
+@@ -215,10 +215,28 @@
+ for (i = 0; i < nsumtypes; i++)
+ if (auth_context->safe_cksumtype == sumtypes[i])
+ break;
+- if (i == nsumtypes)
+- i = 0;
+- sumtype = sumtypes[i];
+ krb5_free_cksumtypes (context, sumtypes);
++ if (i < nsumtypes)
++ sumtype = auth_context->safe_cksumtype;
++ else {
++ switch (enctype) {
++ case ENCTYPE_DES_CBC_MD4:
++ sumtype = CKSUMTYPE_RSA_MD4_DES;
++ break;
++ case ENCTYPE_DES_CBC_MD5:
++ case ENCTYPE_DES_CBC_CRC:
++ sumtype = CKSUMTYPE_RSA_MD5_DES;
++ break;
++ default:
++ retval = krb5int_c_mandatory_cksumtype(context, enctype,
++ &sumtype);
++ if (retval) {
++ CLEANUP_DONE();
++ goto error;
++ }
++ break;
++ }
++ }
+ }
+ if ((retval = krb5_mk_safe_basic(context, userdata, key, &replaydata,
+ plocal_fulladdr, premote_fulladdr,
+
+
diff --git a/krb5-mini.changes b/krb5-mini.changes
index 049f52f..c3aa32b 100644
--- a/krb5-mini.changes
+++ b/krb5-mini.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Dec 1 11:44:15 CET 2010 - mc@suse.de
+
+- Fix multiple checksum handling vulnerabilities
+ (MITKRB5-SA-2010-007, bnc#650650)
+ CVE-2010-1324
+ * krb5 GSS-API applications may accept unkeyed checksums
+ * krb5 application services may accept unkeyed PAC checksums
+ * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
+ CVE-2010-1323
+ * krb5 clients may accept unkeyed SAM-2 challenge checksums
+ * krb5 may accept KRB-SAFE checksums with low-entropy derived keys
+ CVE-2010-4020
+ * krb5 may accept authdata checksums with low-entropy derived keys
+ CVE-2010-4021
+ * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery
+
 -------------------------------------------------------------------
 Thu Oct 28 12:53:13 CEST 2010 - mc@suse.de
diff --git a/krb5-mini.spec b/krb5-mini.spec
index 66ae0eb..580463c 100644
--- a/krb5-mini.spec
+++ b/krb5-mini.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package krb5-mini (Version 1.8.3)
+# spec file for package krb5 (Version 1.8.3)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
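Review bot: The DES special-case `switch` that maps `ENCTYPE_DES_CBC_MD4` to `CKSUMTYPE_RSA_MD4_DES` and `ENCTYPE_DES_CBC_MD5`/`ENCTYPE_DES_CBC_CRC` to `CKSUMTYPE_RSA_MD5_DES` is pasted three times in the added MITKRB5-SA-2010-007-1.8.dif (pkinit_srv.c, gssapi/krb5/util_crypt.c and krb5/krb/mk_safe.c), and no copy says why these enctypes bypass the mandatory-checksum lookup. Going by the advisory text in the commit message, this mapping is presumably what keeps an unkeyed checksum type from being selected for DES keys, so the three copies have to stay in lockstep; a single shared helper would enforce that, and failing that each copy should carry a comment such as `/* DES: select the keyed DES checksum explicitly instead of the mandatory type (confirm against the enctype table) */`. The new guard `if (blocksize == 1) return KRB5_BAD_ENCTYPE;` in dk/derive.c likewise wants a one-line comment, e.g. `/* block size 1 indicates a stream cipher; refuse RFC 3961 key derivation for it */`, which is what the RC4 comment added in keyed_checksum_types.c implies. All of the patched functions begin and end outside the nested hunks, so the callers of these paths cannot be checked from this page.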
@@ -56,6 +56,7 @@ Patch6: krb5-1.6.3-kpasswd_tcp.patch
 Patch7: krb5-1.6.3-ktutil-manpage.dif
 Patch8: krb5-1.6.3-fix-ipv6-query.dif
 Patch12: krb5-1.8-MITKRB5-SA-2010-006.dif
+Patch13: MITKRB5-SA-2010-007-1.8.dif
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 PreReq: mktemp, grep, /bin/touch, coreutils
 PreReq: %insserv_prereq %fillup_prereq
@@ -204,6 +205,7 @@ Authors:
 %patch7 -p1
 %patch8 -p1
 %patch12 -p1
+%patch13 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do
diff --git a/krb5.changes b/krb5.changes
index 049f52f..c3aa32b 100644
--- a/krb5.changes
+++ b/krb5.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Dec 1 11:44:15 CET 2010 - mc@suse.de
+
+- Fix multiple checksum handling vulnerabilities
+ (MITKRB5-SA-2010-007, bnc#650650)
+ CVE-2010-1324
+ * krb5 GSS-API applications may accept unkeyed checksums
+ * krb5 application services may accept unkeyed PAC checksums
+ * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
+ CVE-2010-1323
+ * krb5 clients may accept unkeyed SAM-2 challenge checksums
+ * krb5 may accept KRB-SAFE checksums with low-entropy derived keys
+ CVE-2010-4020
+ * krb5 may accept authdata checksums with low-entropy derived keys
+ CVE-2010-4021
+ * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery
+
 -------------------------------------------------------------------
 Thu Oct 28 12:53:13 CEST 2010 - mc@suse.de
diff --git a/krb5.spec b/krb5.spec
index 614d45c..d364445 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -56,6 +56,7 @@ Patch6: krb5-1.6.3-kpasswd_tcp.patch
 Patch7: krb5-1.6.3-ktutil-manpage.dif
 Patch8: krb5-1.6.3-fix-ipv6-query.dif
 Patch12: krb5-1.8-MITKRB5-SA-2010-006.dif
+Patch13: MITKRB5-SA-2010-007-1.8.dif
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 PreReq: mktemp, grep, /bin/touch, coreutils
 PreReq: %insserv_prereq %fillup_prereq
@@ -204,6 +205,7 @@ Authors:
 %patch7 -p1
 %patch8 -p1
 %patch12 -p1
+%patch13 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do