[Secure-testing-team] Bug#789686: putty: Security fix may get optimized away by compiler

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Jun 23 12:02:44 UTC 2015


Package: putty
Version: 0.62-9+deb7u2
Severity: normal
Tags: security



-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-22-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


The wheezy security update backport for CVE-2015-2157 replaced calls to
smemclr() with memset() in private-key-not-wiped-2.patch. This may result
in the security fix being optimized away by the compiler.

In addition, it appears there are other cases in the codebase where a memset
is being used to clear out sensitive information. The following commit
should probably be backported:

https://github.com/Yasushi/putty/commit/aa5bae89
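
The dead-store problem described in this report, as an added example that is not part of the original message and is not PuTTY's code: secure_clear() is a hypothetical stand-in for a wipe helper such as smemclr(), and the key buffer, checksum and passphrase are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wipe helper (assumption, not PuTTY's smemclr()): every store
 * goes through a volatile pointer, so the compiler must emit all of them. */
void secure_clear(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Constructed "use" of the secret: load it into key[64] and checksum it. */
static unsigned load_and_sum(unsigned char key[64], const char *passphrase)
{
    unsigned sum = 0;
    size_t i;
    memset(key, 0, 64);
    for (i = 0; i < 63 && passphrase[i]; i++)
        key[i] = (unsigned char)passphrase[i];
    for (i = 0; i < 64; i++)
        sum = sum * 31u + key[i];
    return sum;
}

/* Weak: key[] is never read after the memset(), so an optimizing compiler
 * may treat the call as a dead store and drop it, leaving the key on the stack. */
unsigned use_key_memset(const char *passphrase)
{
    unsigned char key[64];
    unsigned r = load_and_sum(key, passphrase);
    memset(key, 0, sizeof key);
    return r;
}

/* Hardened: identical logic, but the wipe cannot be elided. */
unsigned use_key_cleared(const char *passphrase)
{
    unsigned char key[64];
    unsigned r = load_and_sum(key, passphrase);
    secure_clear(key, sizeof key);
    return r;
}

int main(void)
{
    printf("%u %u\n", use_key_memset("constructed"), use_key_cleared("constructed"));
    return 0;
}
```

Both functions return the same value; the difference only shows in the generated code, so compare the optimized assembly of the two (for example with the compiler's -O2 -S output) to see whether the memset() call survived.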


