On Wed, Jan 04, 2017 at 01:14:19PM +0100, Sebastian Ramacher wrote:
> On 2017-01-03 13:07:38, Zed Pobre wrote:
> > Despite that, I think I agree that paramiko needs to change.  The
> > problem is that this is a stable distribution, and the patch that
> > causes this problem, used to fix #849495, is really just attempting to
> > prevent bad usage by other programs, not inherently fixing a security
> > flaw.  In addition, the CTR component isn't actually dangerous, just
> > "confusing".
> >
> > I propose that you remove the following from src/block_template.c:
> >
> > ++      if (IVlen != 0 && mode == MODE_CTR)
> > ++      {
> > ++              PyErr_Format(PyExc_ValueError,
> > ++                      "CTR mode needs counter parameter, not IV");
> > ++              return NULL;
> > ++      }
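
Review bot: The IVlen != 0 && mode == MODE_CTR branch fails hard (PyErr_Format with ValueError, then return NULL) for every existing caller that passes an IV in CTR mode, which is a behaviour change for code that worked before the check was added. For a stable release, consider issuing a warning here and continuing with the IV ignored (IVlen treated as 0), which is what the reply below reports was done for jessie. The message text should also say that the IV has no effect in CTR mode, so the caller knows which argument to drop.
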
>
> No, dropping this would open up the vulnerability again. For jessie the
> exception was downgraded to a warning and IVlen set to 0.
>
> For wheezy LTS I sent the updated patch to Chris Lamb (CCed). I'd expect an
> update there soon.

Unfortunately, python-crypto 2.6-4+deb7u5 does not fix the problem.  I
would like to reiterate that as far as CTR is concerned *there is no
vulnerability* according to all the discussion I have read on it thus
far -- at worst, it could be considered "confusing" and lead to
third-party misuse of the library, no examples of which in the wild
have yet been presented.

The main threat came from ECB.  Removing the MODE_CTR IVlen check will
not affect that.

Unless the deb7u5 release is found to have incorrectly applied the
'downgraded to warning' patch and can be easily fixed, please
reconsider reverting just the MODE_CTR component to prevent
regression, especially considering that the alternative that most
sites will have to take is to run:

  apt-get install python-crypto=2.6-4+deb7u3
  echo "python-crypto hold" | dpkg --set-selections

and go about their business, which is even worse from a security
standpoint (now they don't even get protection from ECB misuse).

Regards,
Zed
