Version in base suite: 3.6.7-4+deb10u2 Base version: gnutls28_3.6.7-4+deb10u2 Target version: gnutls28_3.6.7-4+deb10u3 Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gnutls28/gnutls28_3.6.7-4+deb10u2.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gnutls28/gnutls28_3.6.7-4+deb10u3.dsc changelog | 12 +++ patches/43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch | 31 ++++++++++ patches/series | 1 3 files changed, 44 insertions(+) diff -Nru gnutls28-3.6.7/debian/changelog gnutls28-3.6.7/debian/changelog --- gnutls28-3.6.7/debian/changelog 2020-01-19 13:03:08.000000000 +0000 +++ gnutls28-3.6.7/debian/changelog 2020-04-03 19:31:50.000000000 +0000 @@ -1,3 +1,15 @@ +gnutls28 (3.6.7-4+deb10u3) buster-security; urgency=high + + * Non-maintainer upload by the Security Team. + * GNUTLS-SA-2020-03-31: dtls client hello: fix zeroed random + (CVE-2020-11501) + Fix a DTLS-protocol regression (caused by TLS1.3 support), since + 3.6.3. The DTLS client would not contribute any randomness to the + DTLS negotiation, breaking the security guarantees of the DTLS + protocol. (Closes: #955556) + + -- Salvatore Bonaccorso Fri, 03 Apr 2020 21:31:50 +0200 + gnutls28 (3.6.7-4+deb10u2) buster; urgency=medium * Fix parsing of certificates using RegisteredID Closes: #949293 diff -Nru gnutls28-3.6.7/debian/patches/43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch gnutls28-3.6.7/debian/patches/43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch --- gnutls28-3.6.7/debian/patches/43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch 1970-01-01 00:00:00.000000000 +0000 +++ gnutls28-3.6.7/debian/patches/43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch 2020-04-03 19:31:50.000000000 +0000 
@@ -0,0 +1,31 @@ +From: =?UTF-8?q?Stefan=20B=C3=BChler?= +Date: Fri, 27 Mar 2020 17:17:57 +0100 +Subject: dtls client hello: fix zeroed random (fixes #960) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +https://gitlab.com/gnutls/gnutls/-/commit/c01011c2d8533dbbbe754e49e256c109cb848d0d +Bug: https://gitlab.com/gnutls/gnutls/-/issues/960 +Bug-Debian: https://bugs.debian.org/955556 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2020-11501 +Bug: https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-03-31 + +This broke with bcf4de03 "handshake: treat reply to HRR as a reply to +hello verify request", which failed to "De Morgan" properly. + +Signed-off-by: Stefan Bühler +--- + lib/handshake.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/lib/handshake.c ++++ b/lib/handshake.c +@@ -2221,7 +2221,7 @@ static int send_client_hello(gnutls_sess + /* Generate random data + */ + if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) && +- !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) { ++ !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) { + ret = _gnutls_gen_client_random(session); + if (ret < 0) { + gnutls_assert(); diff -Nru gnutls28-3.6.7/debian/patches/series gnutls28-3.6.7/debian/patches/series --- gnutls28-3.6.7/debian/patches/series 2020-01-19 12:21:22.000000000 +0000 +++ gnutls28-3.6.7/debian/patches/series 2020-04-03 19:31:50.000000000 +0000 @@ -7,3 +7,4 @@ 40_rel3.6.8_20-pubkey-remove-deprecated-TLS1_RSA-flag-check.patch 41_rel3.6.9_01-Support-for-Generalname-registeredID-from-RFC-5280-i.patch 42_rel3.6.10_01-gnutls_epoch_set_keys-do-not-forbid-random-padding.patch +43_rel3.6.13_01-dtls-client-hello-fix-zeroed-random-fixes-960.patch
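Review bot: In the lib/handshake.c hunk, the corrected guard `!(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)` is still a negated compound condition, the same shape the commit message says was mis-negated in bcf4de03, and the diffstat shows only lib/handshake.c changing, so nothing in this patch tests that a first DTLS ClientHello carries a non-zero random. Suggest a one-line comment above the `if` stating the intent (generate the client random unless this hello is a reply to an HRR or to a DTLS HelloVerifyRequest), plus a regression test that fails when the random in a first DTLS ClientHello is all zeros. Separately, the upstream commit URL line in the patch header carries no field name, unlike the Bug: lines after it; labelling it (for example Origin:) would keep the header consistent and machine-readable.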