FEDORA-EPEL-2018-2150941371

security update in Fedora EPEL 7 for mbedtls

Status: stable 7 months ago

How to install

sudo dnf upgrade --advisory=FEDORA-EPEL-2018-2150941371

Comments 10

This update has been submitted for testing by mstevens.

Hello mstevens,

The vulnerability CVE-2018-1000520 is documented in issue #1561 on GitHub: https://github.com/ARMmbed/mbedtls/issues/1561. This vulnerability is about accepting a certificate which should not be accepted, and it is still open.

However, regarding the release notes of ARM mbedTLS (https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.7.6), the security fix is: "Fixed an issue in the X.509 module which could lead to a buffer overread during certificate extensions parsing. A read of one byte beyond the limit of the input buffer was made, when the extensions length field was zero. Found by Nathan Crandall."

This is clearly something different, so my question is: which vulnerabilities have been fixed in this security update? Is it just CVE-2018-1000520, the one from the release notes without a CVE identifier, or both?

Hello muench,

You're right. Referring to https://github.com/ARMmbed/mbedtls/issues/1561 indicates that the issue hasn't been fixed with the latest 2.7.6 release. Anyway, it's not exploitable (see https://github.com/ARMmbed/mbedtls/issues/1561#issuecomment-421098364). I will remove CVE-2018-1000520 from this update. For CVE-2018-1000520, we have to wait for an upstream fix.

The current (2.7.6) update contains only a fix for the security issue documented in the release notes.
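To make the release-note entry discussed in the comments above concrete, here is an added illustration of the bug class (a one-byte over-read when the extensions length field is zero). It is not mbed TLS code and does not reproduce the upstream fix line for line; the parser functions, error codes, the DER sample and the canary byte are all constructed for this example. The buggy variant peeks at the first extension's tag right after the outer SEQUENCE header; the hardened variant rejects an empty SEQUENCE before dereferencing anything.

```c
/* Added example, not mbed TLS code: the over-read class described in the
 * mbed TLS 2.7.6 release note (extensions length field == 0), side by side
 * with a hardened variant. Names, error codes and sample bytes are assumed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ERR_OUT_OF_DATA  (-1)
#define ERR_BAD_TAG      (-2)
#define ERR_BAD_LENGTH   (-3)

/* Read one DER header: tag byte + short-form length (< 0x80).
 * Advances *p past the header and sets *len to the content length. */
static int der_get_tag(const uint8_t **p, const uint8_t *end,
                       size_t *len, uint8_t tag)
{
    if ((size_t)(end - *p) < 2)    return ERR_OUT_OF_DATA;
    if ((*p)[0] != tag)            return ERR_BAD_TAG;
    if ((*p)[1] >= 0x80)           return ERR_BAD_LENGTH; /* long form not needed here */
    *len = (*p)[1];
    *p += 2;
    if ((size_t)(end - *p) < *len) return ERR_OUT_OF_DATA;
    return 0;
}

/* Buggy: parses "Extensions ::= SEQUENCE OF Extension" and peeks at the tag of
 * the first Extension right after the outer SEQUENCE header. When the SEQUENCE
 * length is 0 and it ends the buffer, p == end, so p[0] is one byte past the
 * input. On success the peeked tag is returned via *first_tag. */
static int parse_extensions_buggy(const uint8_t *buf, size_t buflen,
                                  uint8_t *first_tag)
{
    const uint8_t *p = buf, *end = buf + buflen;
    size_t len;
    int ret = der_get_tag(&p, end, &len, 0x30);   /* SEQUENCE */
    if (ret != 0) return ret;
    /* BUG: no check that len > 0 before dereferencing p */
    *first_tag = p[0];
    return 0;
}

/* Fixed: refuse an empty extensions SEQUENCE before touching p[0].
 * RFC 5280 defines Extensions as SEQUENCE SIZE (1..MAX), so zero is
 * malformed anyway; rejecting it is this example's design choice. */
static int parse_extensions_fixed(const uint8_t *buf, size_t buflen,
                                  uint8_t *first_tag)
{
    const uint8_t *p = buf, *end = buf + buflen;
    size_t len;
    int ret = der_get_tag(&p, end, &len, 0x30);
    if (ret != 0) return ret;
    if (len == 0) return ERR_BAD_LENGTH;            /* the missing check */
    *first_tag = p[0];
    return 0;
}

/* Constructed input: an empty extensions SEQUENCE (30 00) followed by one
 * canary byte that is deliberately NOT part of the length handed to the
 * parsers. The buggy parser reports the canary as the first extension tag,
 * which shows the over-read while keeping the demo inside a real array. */
static const uint8_t g_sample[] = { 0x30, 0x00, 0xAA };
#define SAMPLE_LEN 2   /* parsers only get the first two bytes */

/* Returns the byte the buggy parser read past the end, or -1 if it refused. */
int buggy_overread_value(void)
{
    uint8_t t = 0;
    if (parse_extensions_buggy(g_sample, SAMPLE_LEN, &t) != 0) return -1;
    return t;
}

/* Returns the fixed parser's error code on the same zero-length input. */
int fixed_result(void)
{
    uint8_t t = 0;
    return parse_extensions_fixed(g_sample, SAMPLE_LEN, &t);
}

/* Sanity check: a SEQUENCE holding one (empty) Extension still parses, and
 * the first extension tag seen is 0x30. */
int fixed_accepts_nonempty(void)
{
    static const uint8_t ok[] = { 0x30, 0x02, 0x30, 0x00 };
    uint8_t t = 0;
    if (parse_extensions_fixed(ok, sizeof ok, &t) != 0) return -1;
    return t;
}

int main(void)
{
    printf("buggy parser read past end: 0x%02x\n", buggy_overread_value());
    printf("fixed parser result on empty SEQUENCE: %d\n", fixed_result());
    printf("fixed parser first tag on non-empty SEQUENCE: 0x%02x\n",
           fixed_accepts_nonempty());
    return 0;
}
```

The point for a packager or reviewer is that the defect is a missing bounds check on a zero-length field, not a certificate-acceptance flaw, which is why it is unrelated to the open issue #1561 discussed above. Compile with `-fsanitize=address` against a heap copy of the two input bytes (without the canary) to see the buggy variant flagged as a heap-buffer-overflow read.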

mstevens edited this update.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes.

This update has been submitted for batched by mstevens.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Content Type: RPM
Status: stable
Submitted by: mstevens
Update Type: security
Update Severity: unspecified
Karma: 0 (stable threshold: 3, unstable threshold: -3)
Autopush: Enabled
Dates: submitted 8 months ago; in testing 8 months ago; in stable 7 months ago; modified 8 months ago