Bug 1053725 (CVE-2013-1740)
Summary: | CVE-2013-1740 nss: false start PR_Recv information disclosure security issue | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Ratul Gupta <ratulg> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | emaldona, hkario, jkurik, kdudka, kengert, pfrields, rrelyea |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | nss 3.15.4 | Doc Type: | Bug Fix |
Doc Text: |
A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2014-09-18 03:03:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1032472, 1054456, 1054457, 1101846, 1113849, 1113853 | ||
Bug Blocks: | 1054104, 1063682 |
Description
Ratul Gupta
2014-01-15 17:02:25 UTC
By default, NSS ships with false start disabled, for which the above patch works and was implemented in NSS 3.15.3. The upstream bug noted actually has fixes from another upstream bug [1] which notes the actual upstream commit [2], however the next noted commit [3] may also be required. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=713933 [2] https://hg.mozilla.org/projects/nss/rev/1b9c43d28713 [3] https://hg.mozilla.org/projects/nss/rev/f28426e944ae According to this document, False Start has been implemented in NSS since 3.12.9: https://technotes.googlecode.com/git/falsestart.html I'm unable to find any corresponding note or changelog for nss to back it up, however. Created nss tracking bugs for this issue: Affects: fedora-all [bug 1054456] (In reply to Vincent Danen from comment #5) > According to this document, False Start has been implemented in NSS since > 3.12.9: > > https://technotes.googlecode.com/git/falsestart.html > > I'm unable to find any corresponding note or changelog for nss to back it > up, however. Vincent, Looking at old cvs history (nss switched from cvs to mercurial last year) I see this commit ---------------------------- revision 1.39 date: 2010/07/30 03:00:16; author: wtc%google.com; state: Exp; lines: +12 -1 Bug 525092: Support TLS false start. The patch is contributed by Adam Langley of Google <agl>. r=wtc. Modified Files: cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3gthr.c lib/ssl/sslimpl.h lib/ssl/sslsecur.c lib/ssl/sslsock.c tests/ssl/sslstress.txt ---------------- See https://bugzilla.mozilla.org/show_bug.cgi?id=525092 This may be what you are looking for. -Elio (In reply to Elio Maldonado Batiz from comment #8) ... > See https://bugzilla.mozilla.org/show_bug.cgi?id=525092 > This may be what you are looking for. Thanks, Elio. That's exactly it. Last comment in that bug is: "Patch checked in on the NSS trunk (NSS 3.13) and NSS_3_12_BRANCH (NSS 3.12.8)." which is pretty close to the 3.12.9 version I had indicated. Thanks for that confirmation. nss-3.15.4-1.fc20, nss-softokn-3.15.4-1.fc20, nss-util-3.15.4-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. nss-3.15.4-1.fc19, nss-softokn-3.15.4-1.fc19, nss-util-3.15.4-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. Statement: (none) This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0917 https://rhn.redhat.com/errata/RHSA-2014-0917.html IssueDescription: A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2014:1246 https://rhn.redhat.com/errata/RHSA-2014-1246.html |