Brian May <br...@linuxpenguins.xyz> writes:

> My attempts to run the reproducer program have not been successful, as
> *none* of the signatures validate. Not even the known good case.

I worked it out. The source had:

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFyeB6MBCAC+X0+7sQkrpg4zjQGj9NQSwPvDV5JjWxIXpf1n+mtrZewO8RvR

But we really need a newline between these two lines.

I created a reproducer for this for various Debian versions using Docker:

https://salsa.debian.org/bam/cve-2019-11841

As per the note in the security tracker:

https://go.googlesource.com/crypto/+/c05e17bb3b2dca130fc919668a96b4bec9eb9442
Patch fixes the second part of the CVE ("prepend arbitrary text") but not the first ("ignores the value of [the Hash] header"), as hinted at reporter's 2019-05-09 note:
https://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html

When I run my script I get the following output:

=== cut ===
Testing debian:stretch
Sending build context to Docker daemon 78.85kB
Step 1/6 : ARG IMAGE
Step 2/6 : FROM ${IMAGE:-debian:bullseye}
 ---> 6d935b41319b
Step 3/6 : RUN apt-get update && apt-get install -y golang golang-golang-x-crypto-dev && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> 59138999d865
Step 4/6 : WORKDIR /opt
 ---> Using cache
 ---> 0d3cd2502ca0
Step 5/6 : COPY sig_spoof.go .
 ---> Using cache
 ---> fca2fb7cdbb9
Step 6/6 : CMD GOPATH=/usr/share/gocode/ go run sig_spoof.go
 ---> Using cache
 ---> d1abe6a096eb
Successfully built d1abe6a096eb
Successfully tagged cve-2019-11841:debian_stretch
Verifying not tampered...
Signature accepted!
Verifying spoofed hash...
Signature accepted!
Verifying spoofed cleartext...
Signature accepted!
Testing debian:buster
Sending build context to Docker daemon 78.85kB
Step 1/6 : ARG IMAGE
Step 2/6 : FROM ${IMAGE:-debian:bullseye}
 ---> ee11c54e6bb7
Step 3/6 : RUN apt-get update && apt-get install -y golang golang-golang-x-crypto-dev && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> 58c133d72716
Step 4/6 : WORKDIR /opt
 ---> Using cache
 ---> 4d0b655f72c4
Step 5/6 : COPY sig_spoof.go .
 ---> Using cache
 ---> 58ddeb727942
Step 6/6 : CMD GOPATH=/usr/share/gocode/ go run sig_spoof.go
 ---> Using cache
 ---> c08127a525a3
Successfully built c08127a525a3
Successfully tagged cve-2019-11841:debian_buster
Verifying not tampered...
Signature accepted!
Verifying spoofed hash...
Signature accepted!
Verifying spoofed cleartext...
Signature accepted!
Testing debian:bullseye
Sending build context to Docker daemon 78.85kB
Step 1/6 : ARG IMAGE
Step 2/6 : FROM ${IMAGE:-debian:bullseye}
 ---> 0622e5011273
Step 3/6 : RUN apt-get update && apt-get install -y golang golang-golang-x-crypto-dev && rm -rf /var/lib/apt/lists/*
 ---> Using cache
 ---> 62064fd7dc75
Step 4/6 : WORKDIR /opt
 ---> Using cache
 ---> 62ad4e1fc354
Step 5/6 : COPY sig_spoof.go .
 ---> Using cache
 ---> 57f8ae6b45ef
Step 6/6 : CMD GOPATH=/usr/share/gocode/ go run sig_spoof.go
 ---> Using cache
 ---> 7297eba7a4b6
Successfully built 7297eba7a4b6
Successfully tagged cve-2019-11841:debian_bullseye
Verifying not tampered...
Signature accepted!
Verifying spoofed hash...
Signature accepted!
Verifying spoofed cleartext...
No clearsign text found
Done
=== cut ===

All of the distributions fail (as in the last two tests pass when they should not), but bullseye at least fixes one of the failures.

So it looks like this was incorrectly marked as fixed (note bullseye and sid have the same version of this package).

-- 
Brian May <b...@debian.org>
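
The two parts of the CVE quoted above ("prepend arbitrary text" and "ignores the value of [the Hash] header") can both be caught by a caller-side check before a clearsigned message is trusted. The following is an added example, not code from this message, the reproducer or golang.org/x/crypto: `CheckClearsign` and the `sample` message are hypothetical, and `sigHash` is assumed to be the algorithm name the caller has read from the signature packet with its OpenPGP library. As a policy choice it is stricter than the format requires, rejecting any armor header other than `Hash`.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

const beginMsg = "-----BEGIN PGP SIGNED MESSAGE-----"

// CheckClearsign (hypothetical helper) rejects a clearsigned message when
// anything precedes the cleartext header, when an armor header other than
// "Hash" is present, or when no Hash header names sigHash.
func CheckClearsign(input, sigHash string) error {
	text := strings.ReplaceAll(input, "\r\n", "\n")
	if !strings.HasPrefix(text, beginMsg+"\n") {
		return errors.New("text before cleartext header, or header missing")
	}
	declared := false
	for _, line := range strings.Split(text[len(beginMsg)+1:], "\n") {
		if line == "" { // the empty line that ends the armor headers
			if !declared {
				return fmt.Errorf("signature uses %s, which no Hash header declares", sigHash)
			}
			return nil
		}
		if !strings.HasPrefix(line, "Hash: ") {
			return fmt.Errorf("unexpected header line %q", line)
		}
		for _, h := range strings.Split(strings.TrimPrefix(line, "Hash: "), ",") {
			if strings.TrimSpace(h) == sigHash {
				declared = true
			}
		}
	}
	return errors.New("no empty line after armor headers")
}

// Constructed sample: framing only, no real signature data.
const sample = beginMsg + "\nHash: SHA256\n\nhello\n-----BEGIN PGP SIGNATURE-----\n"

func main() {
	fmt.Println(CheckClearsign(sample, "SHA256"))          // header matches signature
	fmt.Println(CheckClearsign(sample, "SHA1"))            // Hash header mismatch
	fmt.Println(CheckClearsign("note\n"+sample, "SHA256")) // prepended text
}
```

This check only inspects the framing; the signature itself still has to be verified by the OpenPGP library.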