[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 Sep 2011 13:07:58 +0200
From: yersinia <yersinia.spiros@...il.com>
To: oss-security@...ts.openwall.com, taviso@...xchg8b.com
Subject: Re: rpm/librpm/rpm-python memory corruption pre-verification
On Tue, Sep 27, 2011 at 8:52 PM, Tavis Ormandy <taviso@...xchg8b.com> wrote:
>
> Hey, after the scary flaws Georgi spotted in apt-get, I had a quick look at
> rpm signature verification. Some trivial bitflipping found a few memory
> corruption issues.
>
> Originally I didn't think yum used rpm, but i was wrong, rpm-python is a
> native module wrapper that exports librpm to python. I'll step through the
> signature verification logic when I get a chance.
>
> Obviously we need the sections of rpm code touched before signature
> verification to be bulletproof, as most distributions rely on public mirror
> services that may or may not be trusted. Any volunteers who know crypto
> better than me appreciated, I'll be primarily looking for memory
> corruption.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=741606
> https://bugzilla.redhat.com/show_bug.cgi?id=741612
>
> These bugs don't affect IMHO rpm5 : i have updated the bugzilla with these
infos. Best Regards
> Tavis.
>
> --
> -------------------------------------
> taviso@...xchg8b.com | pgp encrypted mail preferred
> -------------------------------------------------------
>
>
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
