-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Mar 2025 03:13:08 +0100
Source: fort-validator
Binary: fort-validator fort-validator-dbgsym
Architecture: i386
Version: 1.5.4-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: i386 Build Daemon (x86-grnet-01)
Changed-By: Daniel Leidert
Description:
 fort-validator - RPKI validator and RTR server
Changes:
 fort-validator (1.5.4-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/control (Build-Depends): Add rsync for running tests.
   * d/patches/CVE-2024-45234.patch: Add patch to fix CVE-2024-45234.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing
       a signedAttrs encoded in non-canonical form. This bypasses Fort's BER
       decoder, reaching a point in the code that panics when faced with
       data not encoded in DER. Because Fort is an RPKI Relying Party, a
       panic can lead to Route Origin Validation unavailability, which can
       lead to compromised routing.
   * d/patches/CVE-2024-45235.patch: Add patch to fix CVE-2024-45235.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing an Authority Key Identifier extension that lacks the
       keyIdentifier field. Fort references this pointer without sanitizing
       it first. Because Fort is an RPKI Relying Party, a crash can lead to
       Route Origin Validation unavailability, which can lead to compromised
       routing.
   * d/patches/CVE-2024-45236.patch: Add patch to fix CVE-2024-45236.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a signed object containing an
       empty signedAttributes field. Fort accesses the set's elements
       without sanitizing it first. Because Fort is an RPKI Relying Party,
       a crash can lead to Route Origin Validation unavailability, which can
       lead to compromised routing.
   * d/patches/CVE-2024-45237.patch: Add patch to fix CVE-2024-45237.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing a Key Usage extension composed of more than two bytes of
       data. Fort writes this string into a 2-byte buffer without properly
       sanitizing its length, leading to a buffer overflow.
   * d/patches/CVE-2024-45238.patch: Add patch to fix CVE-2024-45238.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing a bit string that doesn't properly decode into a Subject
       Public Key. OpenSSL does not report this problem during parsing, and
       when compiled with OpenSSL libcrypto versions below 3, Fort
       recklessly dereferences the pointer. Because Fort is an RPKI Relying
       Party, a crash can lead to Route Origin Validation unavailability,
       which can lead to compromised routing.
   * d/patches/CVE-2024-45239.patch: Add patch to fix CVE-2024-45239.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing
       a null eContent field. Fort dereferences the pointer without
       sanitizing it first. Because Fort is an RPKI Relying Party, a crash
       can lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-48943.patch: Add patch to fix CVE-2024-48943.
     - A malicious RPKI rsync repository can prevent Fort from finishing its
       validation run by drip-feeding its content. This can lead to delayed
       validation and a stale or unavailable Route Origin Validation.
     (thanks to Jochen Sprickerhof for helping to backport the test case)
Checksums-Sha1:
 27fefd3cc872cafb7019f703c57b8ded7ee8ae84 547704 fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 08fdfaccc374f10042ee71f214f362c66e1b9233 7209 fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 f2eb0609b3526942cc58bccc34a04cdd7333c327 222544 fort-validator_1.5.4-1+deb12u1_i386.deb
Checksums-Sha256:
 373dbdf44c641c9c1ee2b9795e0ce54bee8133a3c22c66eeb4a7a86c84160ebb 547704 fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 552832dcad990e01d4824316c16861195dea8caa183a9fda128ce8c2523d53a7 7209 fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 8be7cdb7892c78e5f8a126570388f09b5482eea1bd93f130668ef8c09944684d 222544 fort-validator_1.5.4-1+deb12u1_i386.deb
Files:
 eef545e8640585a2c8e8d70019b16357 547704 debug optional fort-validator-dbgsym_1.5.4-1+deb12u1_i386.deb
 4cef4047df1527c4e9e5a625d49a2f3c 7209 net optional fort-validator_1.5.4-1+deb12u1_i386-buildd.buildinfo
 4e256e54c1eb626da5a8392d02d64442 222544 net optional fort-validator_1.5.4-1+deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEv2qEY4xQXyY/2dWIvGw9w6VrLCcFAmhpUzsACgkQvGw9w6Vr
LCdvfhAAggMg4tYM1N652hG/4Zgl05wbqviyK1WAQeJFsg42nCkrfzpDRty/qnGx
VXFoXMj8SFDrRrJO581bNE/jLjUjbFKNQ9uMSavvsMwKPaABLzu5uG0MPWgWRECC
9wZSRpOTneQKXq61fDjLraaVzD4xzICwOjQiDF58ZSD/r1KaPfEBZnMlgV00zuAj
rkOFT8nVxRYSKQNjUrzRVyFxSFnXD/ZtunKgz0i8J1m7Yj4Srrq1gBJixPoON+QR
EKBi/AeSAJIuYLS6uniQgPBMh3lK6kULkCuGDAxu1ByNV3DvQyjzyhCBHYaxDWc/
H/ijyk123HkCPW3Nep684ezUtqzwtDEx6oE8KrFxkeEN3RxOFt4Ri7YA9qt0h3tA
99BKD7+rxQEmNRfTtL/FBp6c73q5YmJYR7ZdxQwFvJi/BfaVu37wh7/IlPlQMNvs
7ifkXjmVydLvyVCvTzwCr2kPfPmo0viyRvD+vWzFu4W/ktkMUi7QguHSnisnsgqX
SmUqjp41ikangLTaCgFUZzbVkT9HA/I4VZqlUwfHRsK4J2TIBvQWdcvDiw7JzdY8
e77XqmkfD60w8LZ+4xgDTiDUF1pnh7ox9OnIrLJTRXcjiQJN7pUuxJWCArVntXG4
gV3OC3dlQUc95MlRUISBFP+IsXtd9/Lfxx7aEopaXDftfrN4lHM=
=mzWD
-----END PGP SIGNATURE-----
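The Key Usage overflow (CVE-2024-45237) and the non-canonical-encoding entry (CVE-2024-45234) in the changelog above share one root cause: a length or form taken straight from an attacker-controlled repository object and trusted. The C program below is an added illustration of the checks a relying party needs at that point; it is not Fort's code and not the Debian patch, and every input byte string in it is constructed for the example. It parses a DER-encoded KeyUsage BIT STRING into a fixed 2-byte buffer, refuses payloads longer than the buffer, and rejects BER encodings that are not canonical DER (long-form length where short form fits, non-zero padding bits, trailing zero octets), returning a distinct status for each rejection.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* X.509 KeyUsage defines nine named bits (0..8), so the BIT STRING payload
 * never legitimately exceeds two octets after the unused-bits octet. */
#define KU_MAX_BYTES 2

enum ku_status {
    KU_OK = 0,
    KU_BAD_LENGTH,      /* truncated or zero-length encoding */
    KU_BAD_TAG,         /* not a BIT STRING */
    KU_NOT_DER,         /* decodable as BER, but not the canonical DER form */
    KU_TOO_LONG,        /* payload larger than the 2-byte KeyUsage buffer */
    KU_BAD_UNUSED_BITS  /* unused-bits octet out of range */
};

/*
 * Parse a DER BIT STRING TLV holding a KeyUsage value (illustrative parser,
 * not Fort's). Example input: 03 02 01 06 for keyCertSign|cRLSign.
 * On success *bits_out holds named bit 0 (digitalSignature) at 0x8000 and
 * named bit 8 (decipherOnly) at 0x0080.
 *
 * The unsafe pattern this guards against is
 *     uint8_t buf[2]; memcpy(buf, payload, payload_len);
 * with payload_len taken from the encoding: a 3-octet payload writes one
 * byte past buf, which is the shape described for CVE-2024-45237.
 */
enum ku_status ku_parse(const uint8_t *der, size_t der_len, uint16_t *bits_out)
{
    uint8_t buf[KU_MAX_BYTES] = {0, 0};
    size_t len, data_len;
    uint8_t unused, pad_mask;

    if (der_len < 2)
        return KU_BAD_LENGTH;
    if (der[0] != 0x03)
        return KU_BAD_TAG;
    /* DER requires the minimal length form. A KeyUsage BIT STRING is at
     * most 3 octets, so a long-form length (high bit set) is non-canonical. */
    if (der[1] & 0x80)
        return KU_NOT_DER;
    len = der[1];
    if (len == 0 || 2 + len > der_len)
        return KU_BAD_LENGTH;

    unused = der[2];
    data_len = len - 1;
    if (unused > 7 || (data_len == 0 && unused != 0))
        return KU_BAD_UNUSED_BITS;
    /* The length check the vulnerable pattern omits. */
    if (data_len > KU_MAX_BYTES)
        return KU_TOO_LONG;
    memcpy(buf, der + 3, data_len);

    if (data_len > 0) {
        /* DER: padding bits are zero and trailing zero octets are removed. */
        pad_mask = (uint8_t)((1u << unused) - 1u);
        if ((buf[data_len - 1] & pad_mask) != 0 || buf[data_len - 1] == 0)
            return KU_NOT_DER;
    }
    *bits_out = (uint16_t)((buf[0] << 8) | buf[1]);
    return KU_OK;
}

/* Parse and return the bit mask, or 0xFFFF (not a valid 9-bit value)
 * when the encoding is rejected. */
uint16_t ku_bits_or_fail(const uint8_t *der, size_t der_len)
{
    uint16_t bits = 0;
    return ku_parse(der, der_len, &bits) == KU_OK ? bits : 0xFFFF;
}

/* Test a named KeyUsage bit (0 = digitalSignature ... 8 = decipherOnly). */
int ku_has_bit(uint16_t bits, unsigned named_bit)
{
    if (named_bit > 15)
        return 0;
    return (bits >> (15 - named_bit)) & 1u;
}

int main(void)
{
    /* Constructed inputs for the example. */
    static const uint8_t ca_usage[]  = {0x03, 0x02, 0x01, 0x06};             /* keyCertSign, cRLSign */
    static const uint8_t oversized[] = {0x03, 0x04, 0x00, 0xff, 0xff, 0xff}; /* 3 payload octets */
    static const uint8_t long_form[] = {0x03, 0x81, 0x02, 0x01, 0x06};       /* BER long-form length */
    uint16_t bits = 0;

    printf("ca_usage:  status %d, bits 0x%04x\n", ku_parse(ca_usage, sizeof ca_usage, &bits), bits);
    printf("oversized: status %d\n", ku_parse(oversized, sizeof oversized, &bits));
    printf("long_form: status %d\n", ku_parse(long_form, sizeof long_form, &bits));
    return 0;
}
```

The status codes are deliberately separate so that a relying party can log why an object from a given repository was dropped; a non-DER rejection on a signed object is the signal that the publisher is feeding the validator something its strict decoder was never meant to see.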