Gentoo Archives: gentoo-security

From: Robert Buchholz <rbu@g.o>
To: gentoo-security@l.g.o
Cc: Peter Schneider-Kamp <psk@××××××××××××××××××××××.de>
Subject: Re: [gentoo-security] ssl weak key generation (supposed to effect only debian)
Date: Sat, 17 May 2008 11:15:51
Message-Id: 200805171315.07254.rbu@gentoo.org
In Reply to: [gentoo-security] ssl weak key generation (supposed to effect only debian) by Peter Schneider-Kamp
Hi Peter,

On Saturday, 17. May 2008, Peter Schneider-Kamp wrote:
> the recently publicized SSL weak key generation for debian-based systems
> (cf. http://www.debian.org/security/key-rollover/)
> has led our university computing center to retract our
> Gentoo-generated SSL keys based on an advisory from the German
> DFN cert :-(

I could not find where these advisories are published on their site, I
guess they are not publicly distributed.


> I have not found any information about whether this might also
> affect Gentoo systems. A test with the Perl script from
> http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
> does not show vulnerability:
> ~ summary: keys found: 2, weak keys: 0
>
> So I guess that Gentoo-generated keys are not affected.
> Still it would be nice to have an official statement
> to prevent official certification bodies from retracting
> valid Gentoo-generated keys.

The Gentoo Security Team internally reviewed patches to
our "dev-libs/openssl" package right when we heard about the issue via a
private channel. We could confirm that the patch is not included in our
distribution. Furthermore, additional tests showed that there is no
dependence only on PID when generating keys, and that some Gentoo-produced
keys are not included in the blacklist (which you also confirmed).

We issued no formal statement*, because Debian was so clear about the scope
of the vulnerability. To think that any distribution is affected, simply
because they do not publicly state they are not, is a bad habit. Other
CERTs usually contact us for vendor statements when they think we are
affected by one vulnerability.

The only thing compromising DSA keys generated on Gentoo is the usage of
the private key on an affected Debian, but even that was covered in both
the Debian and Ubuntu advisories.

Regards,
Robert // Gentoo Security


* I would not consider my blog entry on http://planet.gentoo.org a
formal statement.
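The two checks Robert describes (a fingerprint lookup against a blacklist of every key a broken generator can emit, and a test of whether repeated generation under the same PID yields the same key) can be modelled in a few lines. The following is an added example for this archive page; it is neither Debian's dowkd.pl nor anything from Gentoo's openssl package. The "key generators" are hashlib-derived stand-ins rather than real RSA/DSA key generation, the 15-bit PID space is the assumed model of a generator whose only entropy is the process ID, and the 20-hex-character fingerprint format is constructed for the example, not the real openssl-blacklist format.

```python
"""Model of a weak-key blacklist check and a PID-only-dependence test.

Added example, not dowkd.pl or Gentoo's code. The generators below are
hash-based stand-ins so the script runs offline with no crypto library.
"""
import hashlib
import os

# Constructed assumption: the broken generator's only entropy is a 15-bit
# process ID, so at most 2**15 distinct keys can ever come out of it.
PID_SPACE = 2 ** 15


def weak_keygen(pid: int, bits: int = 2048) -> bytes:
    """Stand-in for a generator whose output depends only on the PID.

    Hypothetical model: key material is derived deterministically from the
    PID and key size, so two runs with the same PID yield the same key.
    """
    seed = b"weak-keygen:" + pid.to_bytes(2, "big") + bits.to_bytes(2, "big")
    return hashlib.sha256(seed).digest()


def sound_keygen(pid: int, bits: int = 2048) -> bytes:
    """Stand-in for a correctly seeded generator: the PID is irrelevant."""
    del pid  # accepted only for interface symmetry, deliberately unused
    seed = b"sound-keygen:" + bits.to_bytes(2, "big") + os.urandom(32)
    return hashlib.sha256(seed).digest()


def fingerprint(key_material: bytes) -> str:
    """Short SHA-1 fingerprint of the key material (constructed format)."""
    return hashlib.sha1(key_material).hexdigest()[-20:]


def build_blacklist(bits: int = 2048) -> set:
    """Enumerate every key the weak generator can produce and fingerprint it.

    This is how a blacklist for a PID-only generator is built: the whole
    output space is small enough to walk exhaustively.
    """
    return {fingerprint(weak_keygen(pid, bits)) for pid in range(PID_SPACE)}


def is_weak(key_material: bytes, blacklist: set) -> bool:
    """A key is flagged when its fingerprint is in the enumerated set."""
    return fingerprint(key_material) in blacklist


def summarize(keys, blacklist: set) -> dict:
    """Report in the style of the quoted dowkd.pl summary line."""
    weak = sum(1 for k in keys if is_weak(k, blacklist))
    return {"keys found": len(keys), "weak keys": weak}


def depends_only_on_pid(keygen, pid: int = 1234, trials: int = 5) -> bool:
    """Generate several keys under one PID; a generator whose only input is
    the PID returns the identical key every time."""
    keys = {keygen(pid) for _ in range(trials)}
    return len(keys) == 1


if __name__ == "__main__":
    bl = build_blacklist()
    # Constructed sample: two keys from the sound generator, as in the mail.
    sample = [sound_keygen(0) for _ in range(2)]
    print("summary:", summarize(sample, bl))
    print("weak generator PID-only:", depends_only_on_pid(weak_keygen))
    print("sound generator PID-only:", depends_only_on_pid(sound_keygen))
```

Building the full blacklist takes a fraction of a second because the weak generator's entire output space is only 32768 keys; that smallness is exactly what makes an exhaustive blacklist feasible, and why a key from a properly seeded generator is effectively never found in it.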

Attachments: signature.asc (application/pgp-signature)

Replies: Re: [gentoo-security] ssl weak key generation (supposed to effect only debian) by Byron <negentropy@×××××××.net>