Fwd: [ PRIVACY Forum ] Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

[mpalmer at hezmatt.org (Matt Palmer)]

On Tue, Mar 04, 2014 at 10:07:56PM -0500, Jay Ashworth wrote:
> Oh hell.
> 
> Is this the *same* bug that just broke in Apple code last week?

I'd be surprised if Apple used GnuTLS, on licencing grounds...

> > widely used cryptographic code library. The bug in the GnuTLS library

On the other hand, the DSA does sound *awfully* familiar:

    http://www.debian.org/security/2014/dsa-2869

Looking at the patch included in the sid version referenced in that DSA
(also available at
https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b),
the general class of logic error involved is somewhat similar to the Apple
case.  Thankfully, we can see the full revision history of GnuTLS, and it
looks like Nikos both fixed the bug *and* introduced it (at least, the 'goto
cleanup' tests were introduced in 0fba2d90, way back in October 2003 -- it
may have been safe then and someone else mucked up the cleanup code to break
it; I haven't looked that deeply).

Fun times indeed.  "Once is happenstance, twice is coincidence..."

- Matt