Feature #8123

Investigate what to do for Tails 1.2.1 about the POODLE vulnerability

Added by intrigeri 2014-10-15 04:55:22. Updated 2014-11-06 12:31:26.

Status: Resolved
Priority: Normal
Start date: 2014-10-15
% Done: 100%
Type of work: Research



History

#1 Updated by intrigeri 2014-10-15 05:45:29

Affected:

  • system-wide NSS
  • TB’s NSS
  • system-wide OpenSSL
  • system-wide GnuTLS

Debian updates: https://security-tracker.debian.org/tracker/CVE-2014-3566

#2 Updated by anonym 2014-10-16 08:11:23

  • Target version changed from Tails_1.2 to Tails_1.2.1

#3 Updated by intrigeri 2014-10-17 05:42:28

  • Subject changed from Investigate what to do for Tails 1.2 about the POODLE vulnerability to Investigate what to do for Tails 1.2.1 about the POODLE vulnerability
  • Assignee set to intrigeri
  • Target version deleted (Tails_1.2.1)

#4 Updated by intrigeri 2014-10-20 09:29:51

  • Target version set to Tails_1.2.1

#5 Updated by intrigeri 2014-10-31 16:07:47

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 20

Current status:

  • Tor Browser’s NSS: fixed already by disabling SSLv3
  • Pidgin: not fixed (upstream ticket), but should not be vulnerable unless it implements the downgrade dance itself
  • Claws Mail: uses GnuTLS; 3.11.0, that disables SSLv3 altogether, should reach testing in two days, and then it can be backported (beware, the backport changelog says scary things like “This makes the complete certificate chain not available”); maybe the backport would be less buggy than the Wheezy package. No idea if the version in Wheezy implements any kind of crazy downgrade dance. Alternatively, we could cherry-pick the upstream commit that disables SSLv3; this might be an appropriate change for wheezy-security.
  • system-wide NSS (used e.g. by openjdk-7-jre, that is I2P, LibreOffice and others): still supports SSLv3, so can be used inappropriately by applications if they implement some crazy downgrade dance
  • system-wide OpenSSL: still supports SSLv3, so can be used inappropriately by applications if they implement some crazy downgrade dance; fixed in sid by disabling SSLv3; we can cherry-pick the commit that disables SSLv3
  • system-wide GnuTLS 2.6: still supports SSLv3, so can be used inappropriately by applications if they implement some crazy downgrade dance

#6 Updated by intrigeri 2014-10-31 17:04:17

  • Assignee changed from intrigeri to anonym

My opinion on what we should do: nothing, let’s hope that Tor Browser was the only application we ship that does a crazy downgrade dance. Anything else requires locally patching Debian packages, and would make our stuff more painful to maintain, which we don’t need.

If/once a Claws Mail 3.11 backport appears, we can still reconsider shipping it for other reasons. We’ll want to double-check that it doesn’t weaken certificate verification, though.

anonym (and others), what do you think?

#7 Updated by anonym 2014-11-06 12:31:26

  • Status changed from In Progress to Resolved
  • Assignee deleted (anonym)
  • % Done changed from 20 to 100

Agreed. I’ve looked around and all I’ve gathered indicates that the POODLE vulnerability pretty much requires a modern web browser context to be exploitable. Closing this ticket.
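
The status list in comment #5 separates a library that still enables SSLv3 from an application that retries at lower versions. The following added example (not part of the ticket, and not Tails or Debian code) is a simplified model of that distinction; the names `Proto`, `handshake`, `connect` and `falls_back_to_sslv3` are hypothetical, and no real TLS library is called.

```python
# Added illustration: simplified model of protocol version negotiation.
# All names are hypothetical; this does not perform real TLS handshakes.
from enum import IntEnum

class Proto(IntEnum):
    SSLV3 = 0x0300
    TLS10 = 0x0301
    TLS11 = 0x0302
    TLS12 = 0x0303

ALL = frozenset(Proto)

def handshake(offer_max, lib_versions, server_versions, failing_offers):
    """One attempt: highest version <= offer_max that both sides enable.

    failing_offers models attempts that break in transit for a given
    offered maximum (a network fault, or interference on the path)."""
    if offer_max in failing_offers:
        return None
    common = [v for v in lib_versions & server_versions if v <= offer_max]
    return max(common, default=None)

def connect(retry_ladder, lib_versions, server_versions=ALL,
            failing_offers=frozenset()):
    """Application logic: try each offered maximum in order until one works."""
    for offer_max in retry_ladder:
        if offer_max not in lib_versions:
            continue  # the library cannot offer a version it has disabled
        version = handshake(offer_max, lib_versions, server_versions,
                            failing_offers)
        if version is not None:
            return version
    return None

def falls_back_to_sslv3(retry_ladder, lib_versions):
    """True if failing TLS handshakes leave the connection on SSLv3."""
    tls_offers = ALL - {Proto.SSLV3}
    result = connect(retry_ladder, lib_versions, failing_offers=tls_offers)
    return result == Proto.SSLV3

NO_DANCE = [Proto.TLS12]                                     # single attempt
DANCE = [Proto.TLS12, Proto.TLS11, Proto.TLS10, Proto.SSLV3]  # retries downward
LIB_WITH_SSLV3 = ALL                       # library still enables SSLv3
LIB_WITHOUT_SSLV3 = ALL - {Proto.SSLV3}    # SSLv3 disabled in the library

if __name__ == "__main__":
    for app, ladder in (("no dance", NO_DANCE), ("dance", DANCE)):
        for lib, versions in (("SSLv3 on", LIB_WITH_SSLV3),
                              ("SSLv3 off", LIB_WITHOUT_SSLV3)):
            print(app, "/", lib, "->", falls_back_to_sslv3(ladder, versions))
```

Only the combination of a downward retry ladder and a library with SSLv3 enabled ends on SSLv3; disabling SSLv3 in the library removes the exposure regardless of what the application does.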