[debian-mysql] Bug#699886: Bug#699886: TLS timing attack in yaSSL (Lucky 13)

Clint Byrum spamaps at debian.org
Wed Mar 27 13:28:00 UTC 2013



Thanks Michael! I suspect that we will see 2.2.2d in one of the upcoming releases from Oracle. While I would prefer to ship wheezy with no known security bugs, I don't have much time to build and test a new package. If someone else wants to do that I will gladly sponsor it.

-----Original Message-----
From: Michael Stapelberg <stapelberg at debian.org>
To: Thijs Kinkhorst <thijs at debian.org>, 699886 at bugs.debian.org, control at bugs.debian.org
Sent: Wed, 27 Mar 2013 3:09
Subject: [debian-mysql] Bug#699886: TLS timing attack in yaSSL (Lucky 13)

Control: tags -1 +patch

Hi Thijs,

Thijs Kinkhorst <thijs at debian.org> writes:
> Nadhem Alfardan and Kenny Paterson have discovered a weakness in the handling
> of CBC ciphersuites in SSL, TLS and DTLS. Their attack exploits timing
> differences arising during MAC processing. Details of this attack can be
> found at: http://www.isg.rhul.ac.uk/tls/
>
> The issue has been fixed in upstream yaSSL 2.5.0:
> http://www.yassl.com/yaSSL/Docs-cyassl-changelog.html

Currently, MySQL uses yaSSL 2.2.2. yaSSL has released version 2.2.2d
which addresses this problem.

I downloaded yassl-2.2.2.zip from
http://fossies.org/unix/privat/yassl-2.2.2.zip and yassl-2.2.2d.zip from
http://yassl.com/yaSSL/download

I then created a git repo in 2.2.2 and copied over the files from
2.2.2d. The following files differ:

$ git status | grep 'modified' | grep -v '\.in$' | grep -v '\(INSTALL\|README\|aclocal.m4\|config.guess\|config.sub\|configure\|depcomp\|install-sh\|ltmain.sh\|missing\|mkinstalldirs\)'
#	modified:   include/openssl/ssl.h
#	modified:   include/yassl_error.hpp
#	modified:   include/yassl_types.hpp
#	modified:   src/handshake.cpp
#	modified:   src/yassl_error.cpp
#	modified:   src/yassl_imp.cpp
#	modified:   taocrypt/include/asn.hpp
#	modified:   taocrypt/include/sha.hpp
#	modified:   taocrypt/src/asn.cpp

I then created a patch and modified it so that it (somewhat) applies to
the MySQL source:

git diff include/openssl/ssl.h include/yassl_error.hpp include/yassl_types.hpp src/handshake.cpp src/yassl_error.cpp src/yassl_imp.cpp taocrypt/include/asn.hpp taocrypt/include/sha.hpp taocrypt/src/asn.cpp > yassl.patch
sed -i 's,\([iw]\)/,\1/extra/yassl/,g' yassl.patch
dos2unix yassl.patch

Then, I used quilt to get the patch in shape:

cd /tmp/mysql-5.5-5.5.30+dfsg
export QUILT_PATCHES=debian/patches
quilt import ../yassl-2.2.2/yassl.patch
quilt push -f
# apply 4 hunks of the patch manually
quilt refresh

I attached the result to this email, hopefully that helps.
Note that I didn’t compile and test MySQL.

-- 
Best regards,
Michael
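
The path-rewriting step from the mail above, as an added example that is not part of the original message: the sed expression there also rewrites any "i/" or "w/" that occurs inside hunk content, so this version touches only the file header lines of each diff section. The function names reprefix_patch and sample_patch are hypothetical, and the i/ and w/ prefixes are assumed from the sed expression (paths without spaces).

```shell
#!/bin/sh
# Added example, not from the original mail. Assumes the patch uses the
# i/ and w/ path prefixes that the sed expression in the mail matches.

# Usage: reprefix_patch SUBDIR < in.patch > out.patch
reprefix_patch() {
    awk -v dir="$1" '
        # Insert dir after a leading i/ or w/; leave /dev/null and others alone.
        function add(p) {
            if (p ~ "^[iw]/") return substr(p, 1, 2) dir "/" substr(p, 3)
            return p
        }
        # A new file section starts: its ---/+++ lines are path headers.
        /^diff --git / { in_header = 1; $3 = add($3); $4 = add($4); print; next }
        # From the first hunk on, lines starting ---/+++ are file content.
        /^@@ /         { in_header = 0 }
        in_header && (/^--- / || /^[+][+][+] /) { $2 = add($2); print; next }
        { print }
    '
}

# Constructed sample: hunk content that contains "w/" and looks like a header.
sample_patch() {
    cat <<'EOF'
diff --git i/src/handshake.cpp w/src/handshake.cpp
index 1111111..2222222 100644
--- i/src/handshake.cpp
+++ w/src/handshake.cpp
@@ -1,2 +1,2 @@
 // pad w/ zeros
--- old marker
+++ new marker
EOF
}

sample_patch | reprefix_patch extra/yassl
```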