[php-maint] Bug#632675: php5: NEWS item for CVE-2011-2483 could be clearer

Jonathan Nieder jrnieder at gmail.com
Mon Jul 4 19:08:10 UTC 2011 

Package: php5
Version: 5.3.6-13
Severity: minor

Hi,

>From today's upgrade:

  * Updated blowfish crypt() algorithm fixes the 8-bit character handling
    vulnerability (CVE-2011-2483) and adds more self-tests.  Unfortunately
    this change is incompatible with some old (wrong) generated hashes for
    passwords containing 8-bit characters.  Therefore the new salt prefix
    '$2x$' was introduced which can be used as a replacement for '$2a$'
    salt prefix in the password database in case the incompatibility is
    found.

Some minor nitpicks:

 - the asterisk is not needed :)
 - the above seems to take for granted that the reader already knows
   about CVE-2011-2483.  When discussing the resulting incompatibility,
   it would be friendlier to explain what prompted it.
 - it doesn't actually say what the '$2x$' salt prefix means, or where
   one should put it (keeping in mind that some sysadmins may not be
   PHP developers).

I'd suggest stealing as much text as sensible from
http://seclists.org/oss-sec/2011/q2/632 and going from there.  E.g.

  The implementation of the blowfish crypt() algorithm had an
  inadvertent sign extension bug since 1998 (and maybe even 1997),
  which this update fixes.

  The majority of hashes (but not all of them) for passwords containing
  characters with the 8th bit set were incompatible with OpenBSD's (really
  nasty, but no security impact here).

  What's worse, approximately 3 in 16 passwords containing a single
  character with the 8th bit set had 1 to 3 characters immediately
  preceding the 8-bit character ignored.  With more than one character
  with the 8th bit set, things may be even worse.

  Thus, those passwords may have been much easier to crack than expected.
  By correcting the algorithm, this update causes such passwords to be
  disabled.

  If you wish to avoid service disruption for everyone (even if that
  means potentially staying with weaker passwords than what some users
  have been expected; maybe password changes would then be recommended
  or forced over time) then please replace "$2a$" with "$2x$" in existing
  hashes on the system.  Alternatively, say, a custom web app can make
  this replacement for crypt() calls only, on hashes created before the
  upgrade date.

More information about the pkg-php-maint mailing list