Mozilla community member Watson Ladd reported that the implementation of Elliptical Curve Cryptography (ECC) multiplication for Elliptic Curve Digital Signature Algorithm (ECDSA) signature validation in Network Security Services (NSS) did not handle exceptional cases correctly. This could potentially allow for signature forgery. This issue was fixed in NSS version 3.19.1. External Reference: http://www.mozilla.org/security/announce/2015/mfsa2015-64.html Acknowledgements: Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Watson Ladd as the original reporter.
Upstream commits: https://hg.mozilla.org/projects/nss/rev/2c05e861ce07 https://hg.mozilla.org/projects/nss/rev/fc6870938172 This issue was fixed in NSS version 3.19.1.
This issue was fixed in Red Hat Enterprise Linux 6 and 7 via the following advisory: https://rhn.redhat.com/errata/RHSA-2015-1185.html
Statement: (none)
Created attachment 1057176 [details] Check for P == Q or P == -Q before adding P and Q. Identical to https://hg.mozilla.org/projects/nss/rev/2c05e861ce07
Created attachment 1057177 [details] Mark ec_GFp_pt_dbl_jm and ec_GFp_pt_add_jm_aff as static Identical to https://hg.mozilla.org/projects/nss/rev/fc6870938172
Created attachment 1057190 [details] spec file changes - in patch format
scratch build: https://brewweb.devel.redhat.com/taskinfo?taskID=9601846
Comment on attachment 1057177 [details] Mark ec_GFp_pt_dbl_jm and ec_GFp_pt_add_jm_aff as static r- just drop this patch. it's not part of CVE, it's just cleanup.
Comment on attachment 1057176 [details] Check for P == Q or P == -Q before adding P and Q. r+
Comment on attachment 1057190 [details] spec file changes - in patch format drop patch 101.
Created attachment 1057375 [details] spec file changes - V2 - in patch format This version drops unneeded Patch101 per review request.
Comment on attachment 1057375 [details] spec file changes - V2 - in patch format In the change log I should replace "Backport two upstreram patches ..." with "Pick up upstream patch ...".
Comment on attachment 1057375 [details] spec file changes - V2 - in patch format This patch isn't any different, I think you attached the wrong file;(.
Created attachment 1057379 [details] spec file changes - V3 - in patch format You are right, wrong copy. Let's hope 3 is the lucky one.
Comment on attachment 1057379 [details] spec file changes - V3 - in patch format This isn't the spec patch...
Comment on attachment 1057379 [details] spec file changes - V3 - in patch format r+ OK, this is both the spec file and the real patch combined.
Created attachment 1057382 [details] spec file changes - V4 - in patch format
Nitpick: V4 changes "Backport" to "Pickup up" in the change log entry as I had intended.
Bob, hold on to the review for a short while, I just saw your email reminding me that I should "... include a check list of the things you checked before doing the rebase. The imporant ones are: 1) make sure you revert any upstream default changes between the current RHEL-5 and your 3.19.1. Your RHEL-6 should help with that. 2) make sure you pick up Martin's fix for the client auth regression caused in 3.19.1 (caused, in fact by the very fix you are trying to pick up). Upstream bug is: https://bugzilla.mozilla.org/show_bug.cgi?id=1173413" Let me do that.
Created attachment 1060043 [details] Check for P == Q or P ==-Q before adding P and Q For nss-softokn on rhel-7as requested. Same as upstream and for rhel-5-11.
Created attachment 1060044 [details] Mark two functions as static For nss-softokn on rhel-7 as requested, same as upstream.
Created attachment 1060045 [details] changes to nss-softon.spec (rhel-7.2) - in patch format
https://brewweb.devel.redhat.com/taskinfo?taskID=9654871 is a scratch build with those changes applied.
Comment on attachment 1060043 [details] Check for P == Q or P ==-Q before adding P and Q r+ rrelyea
Comment on attachment 1060044 [details] Mark two functions as static r- drop this patch. It's not part of the security fix.
Comment on attachment 1060045 [details] changes to nss-softon.spec (rhel-7.2) - in patch format r- drop patch 103. bob
(In reply to Huzaifa S. Sidhpurwala from comment #2) > This issue was fixed in Red Hat Enterprise Linux 6 and 7 via the following > advisory: > > https://rhn.redhat.com/errata/RHSA-2015-1185.html Upon further investigation, it seems the above statement is incorrect. The rebase was only applied to the nss package. Where as the upstream commits (mentioned in comment #1) affect the part of code which is packaged as nss-softokn (In Red Hat Enterprise Linux 6 and 7).
In comment 35, the tracking bugs have Component: nss. That should be changed to be Component: nss-softokn.
(In reply to Elio Maldonado Batiz from comment #38) Changed all to Component: nss-softokn.
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:1664 https://rhn.redhat.com/errata/RHSA-2015-1664.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2015:1699 https://rhn.redhat.com/errata/RHSA-2015-1699.html