[Secure-testing-team] Bug#776246: MD4 collision/preimage attacks (CVE-2014-8242)
Josh Triplett
josh at joshtriplett.org
Sun Jan 25 21:24:00 UTC 2015
Package: librsync1
Version: 0.9.7-10
Severity: grave
Tags: security upstream
See https://github.com/librsync/librsync/issues/5 . librsync uses MD4
as part of syncing; given the low strength and size of MD4, and the
relative ease of computing collisions/preimages, that makes librsync
unsafe to use on untrusted data, such as when running a duplicity
backup.
The upstream fix involves changing the signature format to use a strong
hash. The new version of librsync supports reading the old signature
format, but always writes the new one. So, fixing this has some of the
same implications as Berkeley DB upgrades. In particular, any
applications using librsync and its data format across multiple systems
will require upgrading any readers along with writers. I'd suggest
coordinating this with the reverse dependencies of librsync1.
- Josh Triplett
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.18.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages librsync1 depends on:
ii libc6 2.19-13
ii multiarch-support 2.19-13
librsync1 recommends no packages.
librsync1 suggests no packages.
-- no debconf information
More information about the Secure-testing-team
mailing list