[Help-gnutls] Re: GnuTLS 2.8.2
From: Simon Josefsson
Subject: [Help-gnutls] Re: GnuTLS 2.8.2
Date: Wed, 12 Aug 2009 10:54:34 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1.50 (gnu/linux)

Jeff Cai <address@hidden> writes:
>> What's New
>> ==========
>>
>> ** libgnutls: Fix problem with NUL bytes in X.509 CN and SAN fields.
>> By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS
>> into 1) not printing the entire CN/SAN field value when printing a
>> certificate and 2) cause incorrect positive matches when matching a
>> hostname against a certificate. Some CAs apparently have poor
>> checking of CN/SAN values and issue these (arguably invalid)
>> certificates. Combined, this can be used by attackers to become a
>> MITM on server-authenticated TLS sessions. The problem is mitigated
>> since attackers need to get one certificate per site they want to
>> attack, and the attacker reveals his tracks by applying for a
>> certificate at the CA. It does not apply to client authenticated TLS
>> sessions. Research presented independently by Dan Kaminsky and Moxie
>> Marlinspike at BlackHat09. Thanks to Tomas Hoger <address@hidden>
>> for providing one part of the patch. [GNUTLS-SA-2009-4].
>
> How is it affecting old versions of gnutls like 2.6 and 2.4? Do they
> also need a patch applied if not upgrading them?
Yes. I believe all earlier versions are affected.
/Simon
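
The incorrect hostname match described in the quoted release note, as an added example that is not part of the original message and is not GnuTLS code: a name check that treats the certificate's length-delimited CN as a C string, next to one that uses the encoded length and rejects embedded NULs. The function names and the sample CN are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a CN with an embedded NUL, as raw certificate bytes. */
static const unsigned char CN_WITH_NUL[] = "www.example.com\0.other.example";
#define CN_WITH_NUL_LEN (sizeof(CN_WITH_NUL) - 1)

/* Case-insensitive compare of exactly n bytes. */
static int ieq(const unsigned char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower(a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Flawed (hypothetical): derives the length with strlen(), so everything
 * after the first NUL is silently dropped before comparing. */
int match_cstring(const unsigned char *name, size_t len, const char *host)
{
    size_t n = strlen((const char *)name);
    (void)len; /* the length carried in the certificate is ignored */
    return n == strlen(host) && ieq(name, host, n);
}

/* Length-aware (hypothetical): uses the encoded length and refuses any
 * name containing a NUL, which can never be part of a DNS hostname. */
int match_checked(const unsigned char *name, size_t len, const char *host)
{
    if (memchr(name, '\0', len) != NULL)
        return 0;
    return len == strlen(host) && ieq(name, host, len);
}

int main(void)
{
    const char *host = "www.example.com";
    printf("cstring: %d\n", match_cstring(CN_WITH_NUL, CN_WITH_NUL_LEN, host));
    printf("checked: %d\n", match_checked(CN_WITH_NUL, CN_WITH_NUL_LEN, host));
    return 0;
}
```

The same length-versus-terminator mismatch is behind the truncated output when printing such a certificate: any routine that formats the field with `%s` stops at the first NUL.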