~ubuntu-security/ubuntu-cve-tracker/master

Viewing changes to active/CVE-2007-6755

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

1
 
Candidate: CVE-2007-6755
2
 
PublicDate: 2013-10-11
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6755
5
 
 https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
6
 
 http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect
7
 
 http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/
8
 
 http://rump2007.cr.yp.to/15-shumow.pdf
9
 
 http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html
10
 
 http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html
11
 
 http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/
12
 
Description:
13
 
 The NIST SP 800-90A default statement of the Dual Elliptic Curve
14
 
 Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point
15
 
 Q constants with a possible relationship to certain "skeleton key" values,
16
 
 which might allow context-dependent attackers to defeat cryptographic
17
 
 protection mechanisms by leveraging knowledge of those values.  NOTE: this
18
 
 is a preliminary CVE for Dual_EC_DRBG; future research may provide
19
 
 additional details about point Q and associated attacks, and could
20
 
 potentially lead to a RECAST or REJECT of this CVE.
21
 
Ubuntu-Description:
22
 
Notes:
23
 
 sarnold> Dual_EC_DRBG has been under suspicion long enough that I suspect
24
 
  none of our libraries use it by default, though some may make it available
25
 
  for legacy compatability. It might be worthwhile to remove it entirely, so
26
 
  that unsafe mechanisms aren't available to provide a false sense of safety.
27
 
 mdeslaur> openssl only seems to have Dual_EC_DRBG in the fips module, not
28
 
 mdeslaur> in the regular source.
29
 
Bugs:
30
 
Priority: low
31
 
Discovered-by:
32
 
Assigned-to:
33
 
 
34
 
Patches_openssl:
35
 
 upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a4870de5aaef562c0947494b410a2387f3a6d04d (1.0.1)
36
 
upstream_openssl: needs-triage
37
 
lucid_openssl: not-affected
38
 
precise_openssl: not-affected
39
 
precise/esm_openssl: not-affected
40
 
quantal_openssl: not-affected
41
 
raring_openssl: not-affected
42
 
saucy_openssl: not-affected
43
 
trusty_openssl: not-affected
44
 
utopic_openssl: not-affected
45
 
vivid_openssl: not-affected
46
 
vivid/stable-phone-overlay_openssl: not-affected
47
 
vivid/ubuntu-core_openssl: not-affected
48
 
wily_openssl: not-affected
49
 
xenial_openssl: not-affected
50
 
yakkety_openssl: not-affected
51
 
zesty_openssl: not-affected
52
 
artful_openssl: not-affected
53
 
bionic_openssl: not-affected
54
 
devel_openssl: not-affected
55
 
 
56
 
Patches_openssl098:
57
 
upstream_openssl098: needs-triage
58
 
lucid_openssl098: DNE
59
 
precise_openssl098: not-affected
60
 
precise/esm_openssl098: DNE (precise was not-affected)
61
 
quantal_openssl098: not-affected
62
 
raring_openssl098: not-affected
63
 
saucy_openssl098: not-affected
64
 
trusty_openssl098: not-affected
65
 
utopic_openssl098: not-affected
66
 
vivid_openssl098: not-affected
67
 
vivid/stable-phone-overlay_openssl098: DNE
68
 
vivid/ubuntu-core_openssl098: DNE
69
 
wily_openssl098: DNE
70
 
xenial_openssl098: DNE
71
 
yakkety_openssl098: DNE
72
 
zesty_openssl098: DNE
73
 
artful_openssl098: DNE
74
 
bionic_openssl098: DNE
75
 
devel_openssl098: DNE
76
 
 
77
 
Patches_polarssl:
78
 
upstream_polarssl: needs-triage
79
 
lucid_polarssl: ignored (reached end-of-life)
80
 
precise_polarssl: ignored (reached end-of-life)
81
 
precise/esm_polarssl: DNE (precise was needs-triage)
82
 
quantal_polarssl: ignored (reached end-of-life)
83
 
raring_polarssl: ignored (reached end-of-life)
84
 
saucy_polarssl: ignored (reached end-of-life)
85
 
trusty_polarssl: needs-triage
86
 
utopic_polarssl: ignored (reached end-of-life)
87
 
vivid_polarssl: ignored (reached end-of-life)
88
 
vivid/stable-phone-overlay_polarssl: DNE
89
 
vivid/ubuntu-core_polarssl: DNE
90
 
wily_polarssl: ignored (reached end-of-life)
91
 
xenial_polarssl: DNE
92
 
yakkety_polarssl: DNE
93
 
zesty_polarssl: DNE
94
 
artful_polarssl: DNE
95
 
bionic_polarssl: DNE
96
 
devel_polarssl: DNE
97
 
 
98
 
Patches_mbedtls:
99
 
upstream_mbedtls: needs-triage
100
 
precise_mbedtls: DNE
101
 
precise/esm_mbedtls: DNE
102
 
trusty_mbedtls: DNE
103
 
vivid_mbedtls: ignored (reached end-of-life)
104
 
vivid/stable-phone-overlay_mbedtls: DNE
105
 
vivid/ubuntu-core_mbedtls: DNE
106
 
wily_mbedtls: DNE
107
 
xenial_mbedtls: needs-triage
108
 
yakkety_mbedtls: ignored (reached end-of-life)
109
 
zesty_mbedtls: ignored (reached end-of-life)
110
 
artful_mbedtls: needs-triage
111
 
bionic_mbedtls: needs-triage
112
 
devel_mbedtls: needs-triage
113
 
 
114
 
Patches_nss:
115
 
upstream_nss: needs-triage
116
 
lucid_nss: not-affected
117
 
precise_nss: not-affected
118
 
precise/esm_nss: not-affected
119
 
quantal_nss: not-affected
120
 
raring_nss: not-affected
121
 
saucy_nss: not-affected
122
 
trusty_nss: not-affected
123
 
utopic_nss: not-affected
124
 
vivid_nss: not-affected
125
 
vivid/stable-phone-overlay_nss: not-affected
126
 
vivid/ubuntu-core_nss: DNE
127
 
wily_nss: not-affected
128
 
xenial_nss: not-affected
129
 
yakkety_nss: not-affected
130
 
zesty_nss: not-affected
131
 
artful_nss: not-affected
132
 
bionic_nss: not-affected
133
 
devel_nss: not-affected
134
 
 
135
 
Patches_gnutls28:
136
 
upstream_gnutls28: needs-triage
137
 
lucid_gnutls28: DNE
138
 
precise_gnutls28: not-affected
139
 
precise/esm_gnutls28: DNE (precise was not-affected)
140
 
quantal_gnutls28: not-affected
141
 
raring_gnutls28: not-affected
142
 
saucy_gnutls28: not-affected
143
 
trusty_gnutls28: not-affected
144
 
utopic_gnutls28: not-affected
145
 
vivid_gnutls28: not-affected
146
 
vivid/stable-phone-overlay_gnutls28: not-affected
147
 
vivid/ubuntu-core_gnutls28: not-affected
148
 
wily_gnutls28: not-affected
149
 
xenial_gnutls28: not-affected
150
 
yakkety_gnutls28: not-affected
151
 
zesty_gnutls28: not-affected
152
 
artful_gnutls28: not-affected
153
 
bionic_gnutls28: not-affected
154
 
devel_gnutls28: not-affected
155
 
 
156
 
Patches_gnutls26:
157
 
upstream_gnutls26: needs-triage
158
 
lucid_gnutls26: not-affected
159
 
precise_gnutls26: not-affected
160
 
precise/esm_gnutls26: not-affected
161
 
quantal_gnutls26: not-affected
162
 
raring_gnutls26: not-affected
163
 
saucy_gnutls26: not-affected
164
 
trusty_gnutls26: not-affected
165
 
utopic_gnutls26: not-affected
166
 
vivid_gnutls26: DNE
167
 
vivid/stable-phone-overlay_gnutls26: DNE
168
 
vivid/ubuntu-core_gnutls26: DNE
169
 
wily_gnutls26: DNE
170
 
xenial_gnutls26: DNE
171
 
yakkety_gnutls26: DNE
172
 
zesty_gnutls26: DNE
173
 
artful_gnutls26: DNE
174
 
bionic_gnutls26: DNE
175
 
devel_gnutls26: DNE
176
 
 
177
 
Patches_libgcrypt11:
178
 
upstream_libgcrypt11: needs-triage
179
 
lucid_libgcrypt11: not-affected
180
 
precise_libgcrypt11: not-affected
181
 
precise/esm_libgcrypt11: not-affected
182
 
quantal_libgcrypt11: ignored (reached end-of-life)
183
 
raring_libgcrypt11: ignored (reached end-of-life)
184
 
saucy_libgcrypt11: ignored (reached end-of-life)
185
 
trusty_libgcrypt11: not-affected
186
 
utopic_libgcrypt11: not-affected
187
 
vivid_libgcrypt11: DNE
188
 
vivid/stable-phone-overlay_libgcrypt11: DNE
189
 
vivid/ubuntu-core_libgcrypt11: DNE
190
 
wily_libgcrypt11: DNE
191
 
xenial_libgcrypt11: DNE
192
 
yakkety_libgcrypt11: DNE
193
 
zesty_libgcrypt11: DNE
194
 
artful_libgcrypt11: DNE
195
 
bionic_libgcrypt11: DNE
196
 
devel_libgcrypt11: DNE
197
 
 
198
 
Patches_bouncycastle:
199
 
upstream_bouncycastle: needs-triage
200
 
lucid_bouncycastle: ignored (reached end-of-life)
201
 
precise_bouncycastle: ignored (reached end-of-life)
202
 
precise/esm_bouncycastle: DNE (precise was needs-triage)
203
 
quantal_bouncycastle: ignored (reached end-of-life)
204
 
raring_bouncycastle: ignored (reached end-of-life)
205
 
saucy_bouncycastle: ignored (reached end-of-life)
206
 
trusty_bouncycastle: not-affected (code not present)
207
 
utopic_bouncycastle: ignored (reached end-of-life)
208
 
vivid_bouncycastle: ignored (reached end-of-life)
209
 
vivid/stable-phone-overlay_bouncycastle: DNE
210
 
vivid/ubuntu-core_bouncycastle: DNE
211
 
wily_bouncycastle: ignored (reached end-of-life)
212
 
xenial_bouncycastle: not-affected (code not present)
213
 
yakkety_bouncycastle: ignored (reached end-of-life)
214
 
zesty_bouncycastle: not-affected (code not present)
215
 
artful_bouncycastle: not-affected (code not present)
216
 
bionic_bouncycastle: not-affected (code not present)
217
 
devel_bouncycastle: not-affected (code not present)
218
 
 
219
 
Patches_python-crypto:
220
 
upstream_python-crypto: not-affected
221
 
lucid_python-crypto: ignored (reached end-of-life)
222
 
precise_python-crypto: not-affected
223
 
precise/esm_python-crypto: not-affected
224
 
quantal_python-crypto: ignored (reached end-of-life)
225
 
raring_python-crypto: ignored (reached end-of-life)
226
 
saucy_python-crypto: ignored (reached end-of-life)
227
 
trusty_python-crypto: not-affected
228
 
utopic_python-crypto: ignored (reached end-of-life)
229
 
vivid_python-crypto: ignored (reached end-of-life)
230
 
vivid/stable-phone-overlay_python-crypto: not-affected
231
 
vivid/ubuntu-core_python-crypto: not-affected
232
 
wily_python-crypto: ignored (reached end-of-life)
233
 
xenial_python-crypto: not-affected
234
 
yakkety_python-crypto: not-affected
235
 
zesty_python-crypto: not-affected
236
 
artful_python-crypto: not-affected
237
 
bionic_python-crypto: not-affected
238
 
devel_python-crypto: not-affected
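
Review bot: `upstream_openssl: needs-triage` is inconsistent with the rest of the openssl block, where `Patches_openssl` already records an upstream commit (1.0.1), every release from lucid through devel is not-affected, and the mdeslaur note says Dual_EC_DRBG is only in the fips module. Suggest resolving the upstream status to match, or adding a note on why it stays open. The same pattern appears for openssl098, nss, gnutls28, gnutls26 and libgcrypt11, where upstream is needs-triage while every listed release is not-affected, DNE or ignored. The entries that are still open are trusty_polarssl and the xenial, artful, bionic and devel mbedtls lines; since the sarnold note suggests removing the algorithm entirely where it is only kept for legacy use, those are the ones worth an explicit "code not present" or "present but not default" determination, as was done for bouncycastle. Minor: "compatability" in the sarnold note should read "compatibility".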