Hi everyone,
sequoia-openpgp and buffered-reader contain several bugs, which an attacker can exploit to cause the libraries to panic.
The bugs are all parsing errors. Attacker-controlled input can cause different parsers to access an array using an out-of-range array index. Because Rust detects the use of out-of-range indices and panics, these bugs can be exploited by an attacker to cause a program that uses an affected version of sequoia-openpgp or buffered-reader to crash, but the attacker is not able to read from or write to the process's address space. Consequently, we have classified these issues as low severity.
With one exception, the issues are all present in sequoia-openpgp and buffered-reader since their initial 1.0 releases. We recommend upgrading.
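To make the bug class concrete, here is an added example (not code from the Sequoia project): a toy parser for an OpenPGP "new format" packet header (one tag octet, then the length encoding of RFC 4880 section 4.2.2), written so that the only difference between the crashing version and the hardened version is how octets are fetched. The `Header` type, the `Truncated` error, and the sample headers in the comments are assumptions made for this example.

```rust
// Added example, not code from the Sequoia project: a toy OpenPGP packet
// header parser in the two styles the advisory contrasts. `buf[i]` panics on
// truncated input; `buf.get(i)` turns the same input into a Result.
use std::panic;

#[derive(Debug, PartialEq)]
pub struct Header {
    pub tag: u8,           // packet tag, low 6 bits of the first octet
    pub len: u32,          // body length (first chunk if `partial` is set)
    pub partial: bool,     // partial body length encoding (224..=254)
    pub header_len: usize, // header octets consumed
}

#[derive(Debug, PartialEq)]
pub struct Truncated;

/// Shared decoder; `at(i)` fetches header octet `i`.
fn parse_with<F: FnMut(usize) -> Result<u8, Truncated>>(mut at: F) -> Result<Header, Truncated> {
    let tag = at(0)? & 0x3f;
    let first = at(1)?;
    let (len, partial, header_len) = match first {
        0..=191 => (first as u32, false, 2),
        192..=223 => (((first as u32 - 192) << 8) + at(2)? as u32 + 192, false, 3),
        255 => (u32::from_be_bytes([at(2)?, at(3)?, at(4)?, at(5)?]), false, 6),
        _ => (1u32 << (first & 0x1f), true, 2),
    };
    Ok(Header { tag, len, partial, header_len })
}

/// Bug pattern from the advisory: `buf[i]` is bounds checked by Rust, so a
/// buffer shorter than its length encoding claims panics the thread.
pub fn parse_header_indexing(buf: &[u8]) -> Header {
    parse_with(|i| Ok(buf[i])).expect("indexing closure never returns Err")
}

/// Hardened form: `get()` yields `None` for a missing octet, which `?`
/// turns into `Err(Truncated)`; the caller decides how to handle it.
pub fn parse_header_checked(buf: &[u8]) -> Result<Header, Truncated> {
    parse_with(|i| buf.get(i).copied().ok_or(Truncated))
}

/// Observes the failure mode of the indexing parser without killing the
/// caller: returns true if parsing `buf` panicked.
pub fn indexing_panics(buf: &[u8]) -> bool {
    panic::catch_unwind(move || parse_header_indexing(buf)).is_err()
}
```

Feeding a fuzzer-style corpus of truncated headers to `parse_header_checked` yields `Err(Truncated)` every time, while the same inputs take down the thread running `parse_header_indexing`.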
The errors are:
- buffered-reader: Fix returning partial reads ending in errors.
Found independently by Justus Winter and kpcyrd, patched by Justus Winter.
1.2.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/f6307652fb2cbf4e0fbd3f897b1e...
1.1.5: https://gitlab.com/sequoia-pgp/sequoia/-/commit/7507807dce6b87e7a1397a6414b8...
1.0.2: https://gitlab.com/sequoia-pgp/sequoia/-/commit/4b02ccc1d1dcd5a105d4bb6fd32e...
- openpgp: Fix crash in the packet parser.
Found independently by Paul Schaub (vanitasvitae) and Alexander Kjäll (capitol), patched by Justus Winter.
1.16.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/b9badbdd2e9bd996fa6afd8187ff...
1.8.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/e6ea6cbe12598ec50a07af4bf192...
1.1.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/17e7c8c5f5960ea05b68cbbbc27c...
- openpgp: Fix a crash related to stray signatures.
Found by Justus Winter, patched by Justus Winter.
1.16.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/cce50ad4f3645011b5f8b473f6e8...
1.8.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/c6cc5f4bfb6bfb55def8bce4ffea...
1.1.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/789b0d0698d65b6372c563c36d70...
- openpgp: Fix a crash in the Cleartext Signature Framework.
This error was introduced in 1.11.0.
Found by Justus Winter, patched by Justus Winter.
1.16.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/586bde682c0525175c03f9eb8470...
1.8.1: Not impacted.
1.1.1: Not impacted.
- openpgp: Fix a crash in the Cleartext Signature Framework.
Found by Justus Winter, patched by Justus Winter.
1.16.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/c82beb9b30ec77b6edc291516bb8...
1.8.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/976695ea2be6b6772b41adb72aa5...
1.1.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/93b16c32e50b69962fef23803428...
- openpgp: Fix mapping of synthetic packets.
Found by Justus Winter, patched by Justus Winter.
1.16.0: https://gitlab.com/sequoia-pgp/sequoia/-/commit/b6388f0906315d2de7164bae36fb...
1.8.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/da12da88fb9d27d11b0b347ab5a0...
1.1.1: https://gitlab.com/sequoia-pgp/sequoia/-/commit/43532470f25d1df39f5ca704cd99...
The backstory of these issues is that the first issue was found by Paul Schaub (vanitasvitae). Independently, Justus Winter, Alexander Kjäll (capitol), and kpcyrd fuzzed the sequoia-openpgp library, and discovered additional issues.
The sequoia-openpgp related issues are fixed in sequoia-openpgp 1.16.0, which I published on crates.io:
https://crates.io/crates/sequoia-openpgp
You can also fetch version 1.16.0 using the openpgp/v1.16.0 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/openpgp/v1.16.0
which I signed:
$ git verify-tag openpgp/v1.16.0
gpg: Signature made Tue May 16 12:46:41 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
I've backported these fixes to 1.1.0, which is the version that is shipped by Debian stable, and released it as version 1.1.1.
I've published version 1.1.1 on crates.io, and you can fetch it using the openpgp/v1.1.1 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/openpgp/v1.1.1
which I signed:
$ git verify-tag openpgp/v1.1.1
gpg: Signature made Tue May 16 15:08:46 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
I also backported these fixes to 1.8.0, which is the version that is in Debian Testing, and will go into the next version of Debian Stable. I released it as version 1.8.1.
I've published version 1.8.1 on crates.io, and you can fetch it using the openpgp/v1.8.1 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/openpgp/v1.8.1
which I signed:
$ git verify-tag openpgp/v1.8.1
gpg: Signature made Wed May 17 10:19:35 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
The buffered-reader related issue is fixed in buffered-reader 1.2.0, which I published on crates.io:
https://crates.io/crates/buffered-reader
You can also fetch version 1.2.0 using the buffered-reader/v1.2.0 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/buffered-reader/v1.2.0
which I signed:
$ git verify-tag buffered-reader/v1.2.0
gpg: Signature made Wed May 17 13:34:13 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
I also backported these fixes to 1.0.1, which is the version that is in Debian Stable. I released it as version 1.0.2.
I've published version 1.0.2 on crates.io, and you can fetch it using the buffered-reader/v1.0.2 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/buffered-reader/v1.0.2
which I signed:
$ git verify-tag buffered-reader/v1.0.2
gpg: Signature made Fri May 19 15:33:25 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
I also backported these fixes to 1.1.4, which is the version that is in Debian Testing, and will go into the next version of Debian Stable. I released it as version 1.1.5.
I've published version 1.1.5 on crates.io, and you can fetch it using the buffered-reader/v1.1.5 tag:
https://gitlab.com/sequoia-pgp/sequoia/-/tags/buffered-reader/v1.1.5
which I signed:
$ git verify-tag buffered-reader/v1.1.5
gpg: Signature made Fri May 19 14:26:17 2023 +02:00
gpg:                using RSA key C03FA6411B03AE12576461187223B56678E02528
gpg: Good signature from "Neal H. Walfield <neal@walfield.org>" [ultimate]
gpg:                 aka "Neal H. Walfield <neal@gnupg.org>"
gpg:                 aka "Neal H. Walfield <neal@pep-project.org>"
gpg:                 aka "Neal H. Walfield <neal@pep.foundation>"
gpg:                 aka "Neal H. Walfield <neal@sequoia-pgp.org>"
Neal on behalf of the whole Sequoia PGP team
announce@lists.sequoia-pgp.org