Bug 2072045 (CVE-2022-28352)

Summary: CVE-2022-28352 weechat: allows man-in-the-middle attackers to spoof a TLS chat server
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: gchamoul, i, karlthered, michel, niveusluna, peter.borsa
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: weechat 3.4.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2072046    
Bug Blocks:    

Description Marian Rehak 2022-04-05 13:42:59 UTC 
WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify the TLS certificate of the server, after certain GnuTLS options are changed, which allows man-in-the-middle attackers to spoof a TLS chat server via an arbitrary certificate. NOTE: this only affects situations where weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user is changed without a WeeChat restart.

Reference:

https://weechat.org/doc/security/WSA-2022-1/
https://github.com/weechat/weechat/issues/1763
Comment 1 Marian Rehak 2022-04-05 13:43:15 UTC 
Created weechat tracking bugs for this issue:

Affects: epel-7 [bug 2072046]