|Reported by:||Fernando de Oliveira||Owned by:||Fernando de Oliveira|
Severity: ServerKeyExchange signature issue Karthikeyan Bhargavan reported that a ServerKeyExchange signature sent by the server is not verified to be in the acceptable by the client set of algorithms. That has the effect of allowing MD5 signatures (which are disabled by default) in the ServerKeyExchange message. It is not believed that this bug can be exploited because a fraudulent signature has to be generated in real-time which is not known to be possible. However, since attacks can only get better it is recommended to update to a GnuTLS version which addresses the issue. Recommendation: Upgrade to GnuTLS 3.4.1, or 3.3.15
* Version 3.4.1 (released 2015-05-03) ** libgnutls: gnutls_certificate_get_ours: will return the certificate even if a callback was used to send it. ** libgnutls: Check for invalid length in the X.509 version field. Without the check certificates with invalid length would be detected as having an arbitrary version. Reported by Hanno Böck. ** libgnutls: Handle DNS name constraints with a leading dot. Patch by Fotis Loukos. ** libgnutls: Updated system-keys support for windows to compile in more versions of mingw. Patch by Tim Kosse. ** libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by Karthikeyan Bhargavan [GNUTLS-SA-2015-2]. ** libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout by default. That caused issues with non-blocking programs. ** certtool: It can generate SHA256 key IDs. ** gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos. ** configure: re-enabled the --enable-local-libopts flag ** API and ABI modifications: gnutls_x509_crt_get_pk_ecc_raw: Added
Change History (2)
Note: See TracTickets for help on using tickets.