OPENSUSE-SU-2019:1951-1
Vulnerability from csaf_opensuse - Published: 2019-08-19 11:36 - Updated: 2019-08-19 11:36Summary
Recommended update for dkgpg, libTMCG
Notes
Title of the patch
Recommended update for dkgpg, libTMCG
Description of the patch
This update for dkgpg, libTMCG fixes the following issues:
libTMCG was updated to version 1.3.18
* This release is two-fold: first, it fixes some bugs (e.g. iterated S2K)
of the OpenPGP interface, and second, it adds functionality for handling
v5 keys and signatures (see RFC 4880bis-07).
Update to version 1.3.17
* VTMF,ASTC,DKG,VRHE,EOTP,COM,VSS: make CheckGroup() more robust
* VSSHE: security bugfix for Verify_[non]interactive_[_publiccoin]
* mpz_spowm: added check for correct base in fast exponentiation
* mpz_sqrtm: remove unused parameter in tmcg_mpz_qrmn_p()
* configure.ac: added compiler option '-Wextra'
* mpz_sprime: added tmcg_mpz_smprime() with increased B = 80000
* RFC4880: changed type of tmcg_openpgp_mem_alloc to unsigned long
Update to version 1.3.16
* changed constant TMCG_MAX_CARDS (decreased by factor 2)
* changed formulas for TMCG_MAX_VALUE_CHARS and TMCG_MAX_KEY_CHARS
* RFC4880: added support of Preferred AEAD Algorithms [RFC 4880bis]
* RFC4880: added output for key usage 'timestamping' [RFC 4880bis]
* RFC4880: changed tmcg_openpgp_byte_t: unsigned char -> uint8_t
* RFC4880: added PacketAeadEncode() [RFC 4880bis]
* RFC4880: added SymmetricDecryptAEAD() and SymmetricEncryptAEAD()
* changed formula for TMCG_MAX_KEYBITS (increased by factor 2)
* mpz_srandom: bugfix in Botan code branch of mpz_grandomb()
Update to version 1.3.15:
* This is a maintenance release that fixes some bugs, e.g. in the Botan
support of functions from module mpz_srandom. Moreover, some interfaces
of the OpenPGP implemenation have been added and removed. For some
modules of LibTMCG a basic exception handling has been introduced.
Update to version 1.3.14:
* With this release three additional parameters for the control of secure
memory allocation have been added to init_libTMCG(). They are explained
in the reference manual. Moreover, the OpenPGP interface has been
enhanced in several way, e.g., ECDH, ECDSA and EdDSA are supported now.
Update to 1.3.13:
* Lots of major improvements for undocumented OpenPGP interface
* PRNG from Botan is used as additional source of randomness
* SHA3 is emulated if runtime version of libgcrypt is too old
dkgpg was updated to version 1.1.3:
* This is a bugfix release that includes only three minor improvements: a
direct-key signature (0x1f) for the primary key is added by default such
that restricting key servers (e.g. keys.openpgp.org) can deliver a
cryptographically checkable key without verification of any included
user ID or without appended subkey. The command line interface of
dkg-decrypt has been improved in order to give users an easy access to
the symmetric-key decryption mode. An additional option ('-5') for
dkg-sign allows to generate V5 signatures (cf. draft RFC 4880bis).
Update to version 1.1.2:
* This release adds a lot of features to some programs: two new options
('-K' and '-f') allow dkg-keysign to read the certification key from a
keyring instead of a single key block file. Moreover, with option '-a'
an interactive confirmation by the user is required for each signature.
Passive support of V5 keys (cf. draft RFC 4880bis) has been added for
all programs, however, dkg-generate still generates V4 keys only,
because this new feature of the draft is not widely spread. There is
also a new encryption capability: an empty KEYSPEC tells dkg-encrypt to
create a symmetric-key encrypted session key, i.e., the user has to
supply a passphrase for encryption and decryption without any public-key
cryptography involved. Last but not least, two bugs have been fixed:
First, dkg-decrypt failed on many ZIP-compressed OpenPGP messages with
'ZLIB ERROR: -3 invalid block type' due to a bug in decompression logic.
Second, dkg-decrypt failed in a special case of symmetric-key encrypted
session keys. Finally, the non-installing program dkg-fuzzer (generates
fuzzy samples of somehow corrupted OpenPGP stuctures) has been added.
Update to version 1.1.1:
* Some small improvements have been applied for dkg-generate: Two new
options ('-u' and '-N') allow providing the initial user ID and to
disable the passphrase at command line. Moreover, since this release
dkg-timestamp and dkg-timestamp-verify require a special key usage flag
from recent RFC 4880bis draft to select so-called timestamping keys.
Finally, the synchronization time of the internally used broadcast
protocol was reduced to a more reasonable amount and in dkg-decrypt the
detection of end of data for message and decryption shares was changed.
Update to version 1.1.0:
* This release supports Authenticated Encryption with Associated Data (AEAD)
in accordance to RFC 4880bis (draft); this can be enforced with the new
added option '-a' when dkg-(d)encrypt is used. For using domain parameters,
as described in RFC 7919, one should specify the new option '-r', when
dkg-gencrs is used. Last, for key generation (dkg-generate) the timestamp
option was added ( '--timestamping') which sets a key usage flag.
- Update to version 1.0.9
This release improves the possibilities of DKGPG further. With the new
programs dkg-adduid and dkg-revuid an user ID can be added and revoked,
respectively. The program dkg-revoke now supports a human-readable
reason for revocation (by option '-R') and dkg-decrypt verifies an
included signature according to a given key ring (option '-k'). Last
but not least, by the program dkg-addrevoker an external revocation
key can be specified.
Update to version 1.0.8:
* First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637
and Werner Koch's draft RFC 4880bis) has been added by relying on the
most recent version of LibTMCG. The threshold signature scheme and the
threshold encryption are still limited to finite field cryptography
(i.e. DSA and ElGamal). Moreover, the programs generate and recognize
a few other new OpenPGP features (e.g. issuer fingerprint subpackets)
from RFC 4880bis. Compressed messages are now decompressed by the
program dkg-decrypt using zlib Compression Library (and optionally by
library routines from libbzip2). This completes DKGPG's compatibility
with other OpenPGP software, however, the prefered compression algorithm
(i.e. 'no compression') in self-signatures of generated keys is kept
for now. Support for symmetric-key decryption by dkg-decrypt has been
added too. The program dkg-verify now reads the signature from a file,
if option '-s' is used. To keep track of later protocol changes, all
interactive programs include a version identifier in their common ID of
the reliable broadcast channel. Thus programs from previous releases
will not communicate with those of this release. With the new programs
dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature
can be generated and verified, respectively. Last but not least, by the
new option '-y' some programs (dkg-generate, dkg-decrypt, dkg-sign,
dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too.
The README file contains a configuration sample showing how to replace
classic PGP by DKGPG in the famous mail user agent mutt based on this
option. Please note that this feature is experimental and semantics
may be changed later.
Update to 1.0.7:
* Small improvments due to the new OpenPGP structures from libTMCG
* '-k' option has been added to further programs
* OpenPGP cleartext signatures can be generated with the '-t' option
* Output of potentially malicious user IDs has been sanitized in
dkg-keycheck, dkg-keyinfo, and dkg-keysign
Patchnames
openSUSE-2019-1951
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for dkgpg, libTMCG",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n \nThis update for dkgpg, libTMCG fixes the following issues:\n\nlibTMCG was updated to version 1.3.18\n\n* This release is two-fold: first, it fixes some bugs (e.g. iterated S2K)\n of the OpenPGP interface, and second, it adds functionality for handling\n v5 keys and signatures (see RFC 4880bis-07).\n\nUpdate to version 1.3.17\n\n* VTMF,ASTC,DKG,VRHE,EOTP,COM,VSS: make CheckGroup() more robust\n* VSSHE: security bugfix for Verify_[non]interactive_[_publiccoin]\n* mpz_spowm: added check for correct base in fast exponentiation\n* mpz_sqrtm: remove unused parameter in tmcg_mpz_qrmn_p()\n* configure.ac: added compiler option \u0027-Wextra\u0027\n* mpz_sprime: added tmcg_mpz_smprime() with increased B = 80000\n* RFC4880: changed type of tmcg_openpgp_mem_alloc to unsigned long\n\nUpdate to version 1.3.16\n\n* changed constant TMCG_MAX_CARDS (decreased by factor 2)\n* changed formulas for TMCG_MAX_VALUE_CHARS and TMCG_MAX_KEY_CHARS\n* RFC4880: added support of Preferred AEAD Algorithms [RFC 4880bis]\n* RFC4880: added output for key usage \u0027timestamping\u0027 [RFC 4880bis]\n* RFC4880: changed tmcg_openpgp_byte_t: unsigned char -\u003e uint8_t\n* RFC4880: added PacketAeadEncode() [RFC 4880bis]\n* RFC4880: added SymmetricDecryptAEAD() and SymmetricEncryptAEAD()\n* changed formula for TMCG_MAX_KEYBITS (increased by factor 2)\n* mpz_srandom: bugfix in Botan code branch of mpz_grandomb()\n\nUpdate to version 1.3.15:\n\n* This is a maintenance release that fixes some bugs, e.g. in the Botan\n support of functions from module mpz_srandom. Moreover, some interfaces\n of the OpenPGP implemenation have been added and removed. For some\n modules of LibTMCG a basic exception handling has been introduced.\n\nUpdate to version 1.3.14:\n\n* With this release three additional parameters for the control of secure\n memory allocation have been added to init_libTMCG(). They are explained\n in the reference manual. Moreover, the OpenPGP interface has been\n enhanced in several way, e.g., ECDH, ECDSA and EdDSA are supported now.\n\nUpdate to 1.3.13:\n\n* Lots of major improvements for undocumented OpenPGP interface\n* PRNG from Botan is used as additional source of randomness\n* SHA3 is emulated if runtime version of libgcrypt is too old\n\ndkgpg was updated to version 1.1.3: \n\n* This is a bugfix release that includes only three minor improvements: a\n direct-key signature (0x1f) for the primary key is added by default such\n that restricting key servers (e.g. keys.openpgp.org) can deliver a\n cryptographically checkable key without verification of any included\n user ID or without appended subkey. The command line interface of\n dkg-decrypt has been improved in order to give users an easy access to\n the symmetric-key decryption mode. An additional option (\u0027-5\u0027) for\n dkg-sign allows to generate V5 signatures (cf. draft RFC 4880bis).\n\nUpdate to version 1.1.2:\n\n* This release adds a lot of features to some programs: two new options\n (\u0027-K\u0027 and \u0027-f\u0027) allow dkg-keysign to read the certification key from a\n keyring instead of a single key block file. Moreover, with option \u0027-a\u0027\n an interactive confirmation by the user is required for each signature.\n Passive support of V5 keys (cf. draft RFC 4880bis) has been added for\n all programs, however, dkg-generate still generates V4 keys only,\n because this new feature of the draft is not widely spread. There is\n also a new encryption capability: an empty KEYSPEC tells dkg-encrypt to\n create a symmetric-key encrypted session key, i.e., the user has to\n supply a passphrase for encryption and decryption without any public-key\n cryptography involved. Last but not least, two bugs have been fixed:\n First, dkg-decrypt failed on many ZIP-compressed OpenPGP messages with \n \u0027ZLIB ERROR: -3 invalid block type\u0027 due to a bug in decompression logic.\n Second, dkg-decrypt failed in a special case of symmetric-key encrypted\n session keys. Finally, the non-installing program dkg-fuzzer (generates\n fuzzy samples of somehow corrupted OpenPGP stuctures) has been added.\n\nUpdate to version 1.1.1:\n\n* Some small improvements have been applied for dkg-generate: Two new\n options (\u0027-u\u0027 and \u0027-N\u0027) allow providing the initial user ID and to\n disable the passphrase at command line. Moreover, since this release\n dkg-timestamp and dkg-timestamp-verify require a special key usage flag\n from recent RFC 4880bis draft to select so-called timestamping keys.\n Finally, the synchronization time of the internally used broadcast\n protocol was reduced to a more reasonable amount and in dkg-decrypt the\n detection of end of data for message and decryption shares was changed.\n\nUpdate to version 1.1.0:\n\n* This release supports Authenticated Encryption with Associated Data (AEAD)\n in accordance to RFC 4880bis (draft); this can be enforced with the new\n added option \u0027-a\u0027 when dkg-(d)encrypt is used. For using domain parameters,\n as described in RFC 7919, one should specify the new option \u0027-r\u0027, when\n dkg-gencrs is used. Last, for key generation (dkg-generate) the timestamp\n option was added ( \u0027--timestamping\u0027) which sets a key usage flag.\n\n- Update to version 1.0.9\n This release improves the possibilities of DKGPG further. With the new\n programs dkg-adduid and dkg-revuid an user ID can be added and revoked,\n respectively. The program dkg-revoke now supports a human-readable\n reason for revocation (by option \u0027-R\u0027) and dkg-decrypt verifies an\n included signature according to a given key ring (option \u0027-k\u0027). Last\n but not least, by the program dkg-addrevoker an external revocation\n key can be specified.\n\nUpdate to version 1.0.8:\n\n* First of all, passive support for ECDSA, ECDH, and EdDSA (cf. RFC 6637\n and Werner Koch\u0027s draft RFC 4880bis) has been added by relying on the\n most recent version of LibTMCG. The threshold signature scheme and the\n threshold encryption are still limited to finite field cryptography\n (i.e. DSA and ElGamal). Moreover, the programs generate and recognize\n a few other new OpenPGP features (e.g. issuer fingerprint subpackets)\n from RFC 4880bis. Compressed messages are now decompressed by the\n program dkg-decrypt using zlib Compression Library (and optionally by\n library routines from libbzip2). This completes DKGPG\u0027s compatibility\n with other OpenPGP software, however, the prefered compression algorithm\n (i.e. \u0027no compression\u0027) in self-signatures of generated keys is kept\n for now. Support for symmetric-key decryption by dkg-decrypt has been\n added too. The program dkg-verify now reads the signature from a file,\n if option \u0027-s\u0027 is used. To keep track of later protocol changes, all\n interactive programs include a version identifier in their common ID of\n the reliable broadcast channel. Thus programs from previous releases\n will not communicate with those of this release. With the new programs\n dkg-timestamp and dkg-timestamp-verify a OpenPGP timestamp signature\n can be generated and verified, respectively. Last but not least, by the\n new option \u0027-y\u0027 some programs (dkg-generate, dkg-decrypt, dkg-sign,\n dkg-keysign, and dkg-timestamp) will work with regular OpenPGP keys too.\n The README file contains a configuration sample showing how to replace\n classic PGP by DKGPG in the famous mail user agent mutt based on this\n option. Please note that this feature is experimental and semantics\n may be changed later.\n\nUpdate to 1.0.7:\n\n* Small improvments due to the new OpenPGP structures from libTMCG\n* \u0027-k\u0027 option has been added to further programs\n* OpenPGP cleartext signatures can be generated with the \u0027-t\u0027 option\n* Output of potentially malicious user IDs has been sanitized in\n dkg-keycheck, dkg-keyinfo, and dkg-keysign\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1951-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1951-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IADAFI3WTBKCENTSS6TLI6FHVSH6IGFY/#IADAFI3WTBKCENTSS6TLI6FHVSH6IGFY"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1951-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IADAFI3WTBKCENTSS6TLI6FHVSH6IGFY/#IADAFI3WTBKCENTSS6TLI6FHVSH6IGFY"
}
],
"title": "Recommended update for dkgpg, libTMCG",
"tracking": {
"current_release_date": "2019-08-19T11:36:27Z",
"generator": {
"date": "2019-08-19T11:36:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1951-1",
"initial_release_date": "2019-08-19T11:36:27Z",
"revision_history": [
{
"date": "2019-08-19T11:36:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dkgpg-1.1.3-lp151.3.3.1.x86_64",
"product": {
"name": "dkgpg-1.1.3-lp151.3.3.1.x86_64",
"product_id": "dkgpg-1.1.3-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64",
"product": {
"name": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64",
"product_id": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libTMCG18-1.3.18-lp151.3.3.1.x86_64",
"product": {
"name": "libTMCG18-1.3.18-lp151.3.3.1.x86_64",
"product_id": "libTMCG18-1.3.18-lp151.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dkgpg-1.1.3-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:dkgpg-1.1.3-lp151.3.3.1.x86_64"
},
"product_reference": "dkgpg-1.1.3-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libTMCG-devel-1.3.18-lp151.3.3.1.x86_64"
},
"product_reference": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libTMCG18-1.3.18-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libTMCG18-1.3.18-lp151.3.3.1.x86_64"
},
"product_reference": "libTMCG18-1.3.18-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dkgpg-1.1.3-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:dkgpg-1.1.3-lp151.3.3.1.x86_64"
},
"product_reference": "dkgpg-1.1.3-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libTMCG-devel-1.3.18-lp151.3.3.1.x86_64"
},
"product_reference": "libTMCG-devel-1.3.18-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libTMCG18-1.3.18-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libTMCG18-1.3.18-lp151.3.3.1.x86_64"
},
"product_reference": "libTMCG18-1.3.18-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…