[Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

Jean-David Beyer jeandavid8 at verizon.net
Sun Jun 10 22:50:23 CEST 2018


On 06/10/2018 01:25 PM, Juergen Bruckner wrote:
> Hello Werner,
> 
> I use Linux Mint 18.3 with GnuPG 2.1.11; which is the easiest way to
> update it to 2.2.8?
> 
> 
> I'm pretty new to the Linux world, but as far as I know I have NOT
> included an "own" GnuPG repo in my repo list.
> 
> best regards
> Juergen
> 
> On 2018-06-08 at 15:40, Werner Koch wrote:
>> Hello!
>>
>> We are pleased to announce the availability of a new GnuPG release:
>> version 2.2.8.  This version fixes a critical security bug and comes
>> with some other minor changes.
>>
>>
>> Impact
>> ======
>>
>> All current GnuPG versions are affected on all platforms.
>>
>> All mail clients and other applications which make use of GPG but are
>> not utilizing the GPGME library might be affected.
>>
>> The OpenPGP protocol allows the file name of the original input file to
>> be included in a signed or encrypted message.  During decryption and
>> verification the GPG tool can display a notice with that file name.  The
>> displayed file name is not sanitized and as such may include line feeds
>> or other control characters.  This can be used to inject terminal control
>> sequences into the output and, worse, to fake the so-called status
>> messages.  These status messages are parsed by programs to get
>> information from gpg about the validity of a signature and other
>> parameters.  Status messages are created with the option "--status-fd N"
>> where N is a file descriptor.  Now if N is 2 the status messages and the
>> regular diagnostic messages share the stderr output channel.  By using a
>> made up file name in the message it is possible to fake status messages.
>> Using this technique it is for example possible to fake the verification
>> status of a signed mail.
>>
>> Although GnuPG takes great care to sanitize all diagnostic and status
>> output, the case at hand was missed but finally found and reported by
>> Marcus Brinkmann.  CVE-2018-12020 was assigned to this bug; GnuPG tracks
>> it at <https://dev.gnupg.org/T4012>.
>>
>>
>> Solution
>> ========
>>
>> If your application uses GPGME your application is safe.  Fortunately
>> most modern mail readers use GPGME, including GpgOL and KMail.  Mutt
>> users should make sure to use "set crypt_use_gpgme".
>>
>> If you are parsing GnuPG status output and you use a dedicated file
>> descriptor with --status-fd you are safe.  A dedicated file descriptor
>> is one that is not shared with the log output.  The log output defaults
>> to stderr (2) but may be different if the option --logger-fd is used.
>>
>> If you are not using --verbose you are safe.  But take care: --verbose
>> might be specified in the config file.  As a short term mitigation or if
>> you can't immediately upgrade to the latest versions, you can add
>> --no-verbose to the invocation of gpg.
>>
>> Another short term mitigation is to redirect the log output to a
>> different file: For example "--log-file /dev/null".
>>
>> The suggested solution is to update to GnuPG 2.2.8 or a vendor provided
>> update of their GnuPG version.
>>
>> To check whether the bug has been fixed you may use the simple test at
>> the end of this mail [1].
>>
>>
>> About GnuPG
>> ===========
>>
>> The GNU Privacy Guard (GnuPG) is a complete and free implementation
>> of the OpenPGP standard which is commonly abbreviated as PGP.
>>
>> GnuPG allows to encrypt and sign data and communication, features a
>> versatile key management system as well as access modules for public key
>> directories.  GnuPG itself is a command line tool with features for easy
>> integration with other applications.  A wealth of frontend applications
>> and libraries making use of GnuPG are available.  As a Universal Crypto
>> Engine GnuPG provides support for S/MIME and Secure Shell in addition to
>> OpenPGP.
>>
>> GnuPG is Free Software (meaning that it respects your freedom).  It can
>> be freely used, modified and distributed under the terms of the GNU
>> General Public License.
>>
>>
>> Noteworthy changes in version 2.2.8
>> ===================================
>>
>>   * gpg: Decryption of messages not using the MDC mode will now lead
>>     to a hard failure even if a legacy cipher algorithm was used.  The
>>     option --ignore-mdc-error can be used to turn this failure into a
>>     warning.  Take care: Never use that option unconditionally or
>>     without a prior warning.
>>
>>   * gpg: The MDC encryption mode is now always used regardless of the
>>     cipher algorithm or any preferences.  For testing --rfc2440 can be
>>     used to create a message without an MDC.
>>
>>   * gpg: Sanitize the diagnostic output of the original file name in
>>     verbose mode.  [#4012,CVE-2018-12020]
>>
>>   * gpg: Detect suspicious multiple plaintext packets in a more
>>     reliable way.  [#4000]
>>
>>   * gpg: Fix the duplicate key signature detection code.  [#3994]
>>
>>   * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
>>     --disable-mdc and --no-disable-mdc have no more effect.
>>
>>   * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
>>     list of startup environment variables.  [#3947]
>>
>>
>> Getting the Software
>> ====================
>>
>> Please follow the instructions found at <https://gnupg.org/download/> or
>> read on:
>>
>> GnuPG 2.2.8 may be downloaded from one of the GnuPG mirror sites or
>> direct from its primary FTP server.  The list of mirrors can be found at
>> <https://gnupg.org/download/mirrors.html>.  Note that GnuPG is not
>> available at ftp.gnu.org.
>>
>> The GnuPG source code compressed using BZIP2 and its OpenPGP signature
>> are available here:
>>
>>  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.8.tar.bz2 (6477k)
>>  https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.8.tar.bz2.sig
>>
>> An installer for Windows without any graphical frontend except for a
>> very minimal Pinentry tool is available here:
>>
>>  https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.8_20180608.exe (3916k)
>>  https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.8_20180608.exe.sig
>>
>> The source used to build the Windows installer can be found in the same
>> directory with a ".tar.xz" suffix.  A new Gpg4win installer featuring
>> this version of GnuPG will be available soon.
>>
>>
>> Checking the Integrity
>> ======================
>>
>> In order to check that the version of GnuPG which you are going to
>> install is an original and unmodified one, you can do it in one of
>> the following ways:
>>
>>  * If you already have a version of GnuPG installed, you can simply
>>    verify the supplied signature.  For example to verify the signature
>>    of the file gnupg-2.2.8.tar.bz2 you would use this command:
>>
>>      gpg --verify gnupg-2.2.8.tar.bz2.sig gnupg-2.2.8.tar.bz2
>>
>>    This checks whether the signature file matches the source file.
>>    You should see a message indicating that the signature is good and
>>    made by one or more of the release signing keys.  Make sure that
>>    this is a valid key, either by matching the shown fingerprint
>>    against a trustworthy list of valid release signing keys or by
>>    checking that the key has been signed by trustworthy other keys.
>>    See the end of this mail for information on the signing keys.
>>
>>  * If you are not able to use an existing version of GnuPG, you have
>>    to verify the SHA-1 checksum.  On Unix systems the command to do
>>    this is either "sha1sum" or "shasum".  Assuming you downloaded the
>>    file gnupg-2.2.8.tar.bz2, you run the command like this:
>>
>>      sha1sum gnupg-2.2.8.tar.bz2
>>
>>    and check that the output matches the next line:
>>
>> d87553a125832ea90e8aeb3ceeecf24f88de56fb  gnupg-2.2.8.tar.bz2
>> 3126ec2b7005063cbff95792208796dfa42c2a22  gnupg-w32-2.2.8_20180608.tar.xz
>> 231b29631647328934a35f8c6baa483e7594e26a  gnupg-w32-2.2.8_20180608.exe
>>
>>
>> Internationalization
>> ====================
>>
>> This version of GnuPG has support for 26 languages with Chinese, Czech,
>> French, German, Japanese, Norwegian, Russian, and Ukrainian being almost
>> completely translated.
>>
>>
>> Documentation and Support
>> =========================
>>
>> If you used GnuPG in the past you should read the description of
>> changes and new features at doc/whats-new-in-2.1.txt or online at
>>
>>   https://gnupg.org/faq/whats-new-in-2.1.html
>>
>> The file gnupg.info has the complete reference manual of the system.
>> Separate man pages are included as well but they miss some of the
>> details available only in the manual.  The manual is also available
>> online at
>>
>>   https://gnupg.org/documentation/manuals/gnupg/
>>
>> or can be downloaded as PDF at
>>
>>   https://gnupg.org/documentation/manuals/gnupg.pdf .
>>
>> The chapters on gpg-agent, gpg and gpgsm include information on how to
>> set up the whole thing.  You may also want to search the GnuPG mailing
>> list archives or ask on the gnupg-users mailing list for advice on how
>> to solve problems.  Most of the new features are around for several
>> years and thus enough public experience is available.
>>
>> Please consult the archive of the gnupg-users mailing list before
>> reporting a bug: <https://gnupg.org/documentation/mailing-lists.html>.
>> We suggest to send bug reports for a new release to this list in favor
>> of filing a bug at <https://bugs.gnupg.org>.  If you need commercial
>> support check out <https://gnupg.org/service.html>.
>>
>> If you are a developer and you need a certain feature for your project,
>> please do not hesitate to bring it to the gnupg-devel mailing list for
>> discussion.
>>
>>
>> Thanks
>> ======
>>
>> Maintenance and development of GnuPG is mostly financed by donations.
>> The GnuPG project currently employs one full-time developer and one
>> contractor.  Both work exclusively on GnuPG and closely related software
>> like Libgcrypt, GPGME, and GPA.  We are planning to extend our team
>> again and to help developers to improve integration of crypto in their
>> applications.
>>
>> We have to thank all the people who helped the GnuPG project, be it
>> testing, coding, translating, suggesting, auditing, administering the
>> servers, spreading the word, and answering questions on the mailing
>> lists.
>>
>> Many thanks to our numerous financial supporters, both corporate and
>> individuals.  Without you it would not be possible to keep GnuPG in a
>> good shape and address all the small and larger requests made by our
>> users.  Thanks.
>>
>>
>> Happy hacking,
>>
>>    Your GnuPG hackers
>>
>>
>>
>> p.s.
>> This is an announcement only mailing list.  Please send replies only to
>> the gnupg-users'at'gnupg.org mailing list.
>>
>> p.p.s
>> List of Release Signing Keys:
>>
>> To guarantee that a downloaded GnuPG version has not been tampered with by
>> malicious entities we provide signature files for all tarballs and
>> binary versions.  The keys are also signed by the long term keys of
>> their respective owners.  Current releases are signed by one or more
>> of these four keys:
>>
>>   rsa2048 2011-01-12 [expires: 2019-12-31]
>>   Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
>>   Werner Koch (dist sig)
>>
>>   rsa2048 2014-10-29 [expires: 2019-12-31]
>>   Key fingerprint = 46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
>>   David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
>>
>>   rsa2048 2014-10-29 [expires: 2020-10-30]
>>   Key fingerprint = 031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
>>   NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
>>
>>   rsa3072 2017-03-17 [expires: 2027-03-15]
>>   Key fingerprint = 5B80 C575 4298 F0CB 55D8  ED6A BCEF 7E29 4B09 2E28
>>   Andre Heinecke (Release Signing Key)
>>
>> The keys are available at <https://gnupg.org/signature_key.html> and
>> in any recently released GnuPG tarball in the file g10/distsigkey.gpg .
>> Note that this mail has been signed by a different key.
>> ===========
>>
>> [1] If you want to test whether you are affected by this bug, remove the
>> indentation from the following block
>>
>>   -----BEGIN PGP MESSAGE-----
>>   
>>   jA0EBwMC1pW2pqoYvbXl0p4Bo5z/v7PXy7T1BY/KQxWaE9uTBRbf4no64/+5YYzX
>>   +BVNqP+82aBFYXEsD9x1vGuYwofQ4m/q/WcQDEPXhRyzU+4yiT3EOuG7sTTaQR3b
>>   8xAn2Qtpyq5tO7k9CN6dasaXKSduXVmFUqzgU+W9WaTLOKNDFw6FYV3lnOoPtFcX
>>   rzhh2opkX9Oh/5DUkZ6YmUIX3j/A0z+59/qNO1i2hQ==
>>   =zswl
>>   -----END PGP MESSAGE-----
>>
>> and pass to this pipeline
>>
>>   gpg --no-options -vd 2>&1 | grep '^\[GNUPG:] INJECTED'  
>>
>> If you get some output you are using a non-fixed version.
>>
>>
>>
>> _______________________________________________
>> Gnupg-announce mailing list
>> Gnupg-announce at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-announce
>>
>>
>>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>>
> 
It says part of your message to me was encrypted and prompted me for my
passphrase, but it must not have been encrypted with my public key.

-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:166D840A 0C610C8B Registered Machine  1935521.
 /( )\ Shrewsbury, New Jersey    http://linuxcounter.net
 ^^-^^ 16:45:01 up 19 days, 21:28, 2 users, load average: 6.09, 5.31, 4.80
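A defender-side wrapper for the dedicated-descriptor solution the announcement describes, as an added example that is not part of the original mail or of GnuPG itself: it hands gpg a private pipe via --status-fd, forces --no-verbose so a config-file "verbose" cannot re-enable the echoed file name, and decides from status records alone. The sample status text, key id and fingerprint are constructed placeholders; verify_detached assumes a POSIX host with gpg on PATH.

```python
"""Added example, not GnuPG project code: verify a detached signature
while reading gpg's status lines from a dedicated file descriptor, so log
output (where the file name is echoed) can never pass as a status line."""
import os
import subprocess
from typing import List, Tuple

STATUS_PREFIX = "[GNUPG:] "

# Constructed sample of dedicated status-fd output for a trusted signature;
# the key id and fingerprint are placeholders, not real values.
SAMPLE_STATUS = (
    "[GNUPG:] GOODSIG 0000000000000000 Example Signer <signer@example.org>\n"
    "[GNUPG:] VALIDSIG 0000000000000000000000000000000000000000 2018-06-08 "
    "1528464000 0 4 0 1 8 00 0000000000000000000000000000000000000000\n"
    "[GNUPG:] TRUST_ULTIMATE 0 pgp\n"
)

def parse_status(text: str) -> List[Tuple[str, List[str]]]:
    """Split status-fd text into (KEYWORD, args); feed it only the dedicated pipe."""
    records = []
    for line in text.splitlines():
        if line.startswith(STATUS_PREFIX):
            fields = line[len(STATUS_PREFIX):].split()
            if fields:
                records.append((fields[0], fields[1:]))
    return records

def signature_ok(records: List[Tuple[str, List[str]]]) -> bool:
    """GOODSIG and VALIDSIG from a trusted key, with no failure keyword."""
    kws = {k for k, _ in records}
    if kws & {"BADSIG", "ERRSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}:
        return False
    return ("GOODSIG" in kws and "VALIDSIG" in kws
            and bool(kws & {"TRUST_FULLY", "TRUST_ULTIMATE"}))

def gpg_verify_argv(sig: str, data: str, status_fd: int) -> List[str]:
    """--no-verbose overrides gpg.conf; status gets its own fd, logs stay on stderr."""
    return ["gpg", "--batch", "--no-tty", "--no-verbose", "--status-fd",
            str(status_fd), "--verify", sig, data]

def verify_detached(sig: str, data: str) -> bool:
    r, w = os.pipe()                       # dedicated status channel (POSIX)
    proc = subprocess.Popen(gpg_verify_argv(sig, data, w), pass_fds=(w,),
                            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    os.close(w)                            # only gpg holds the write end now
    with os.fdopen(r, encoding="utf-8", errors="replace") as status:
        text = status.read()               # EOF once gpg exits
    proc.wait()
    return signature_ok(parse_status(text))
```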
