-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Mar 2025 03:13:08 +0100
Source: fort-validator
Binary: fort-validator fort-validator-dbgsym
Architecture: ppc64el
Version: 1.5.4-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-conova-01)
Changed-By: Daniel Leidert
Description:
 fort-validator - RPKI validator and RTR server
Changes:
 fort-validator (1.5.4-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/control (Build-Depends): Add rsync for running tests.
   * d/patches/CVE-2024-45234.patch: Add patch to fix CVE-2024-45234.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing
       a signedAttrs encoded in non-canonical form. This bypasses Fort's BER
       decoder, reaching a point in the code that panics when faced with
       data not encoded in DER. Because Fort is an RPKI Relying Party, a
       panic can lead to Route Origin Validation unavailability, which can
       lead to compromised routing.
   * d/patches/CVE-2024-45235.patch: Add patch to fix CVE-2024-45235.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing an Authority Key Identifier extension that lacks the
       keyIdentifier field. Fort references this pointer without sanitizing
       it first. Because Fort is an RPKI Relying Party, a crash can lead to
       Route Origin Validation unavailability, which can lead to compromised
       routing.
   * d/patches/CVE-2024-45236.patch: Add patch to fix CVE-2024-45236.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a signed object containing an
       empty signedAttributes field. Fort accesses the set's elements
       without sanitizing it first. Because Fort is an RPKI Relying Party,
       a crash can lead to Route Origin Validation unavailability, which can
       lead to compromised routing.
   * d/patches/CVE-2024-45237.patch: Add patch to fix CVE-2024-45237.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing a Key Usage extension composed of more than two bytes of
       data. Fort writes this string into a 2-byte buffer without properly
       sanitizing its length, leading to a buffer overflow.
   * d/patches/CVE-2024-45238.patch: Add patch to fix CVE-2024-45238.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) a resource certificate
       containing a bit string that doesn't properly decode into a Subject
       Public Key. OpenSSL does not report this problem during parsing, and
       when compiled with OpenSSL libcrypto versions below 3, Fort
       recklessly dereferences the pointer. Because Fort is an RPKI Relying
       Party, a crash can lead to Route Origin Validation unavailability,
       which can lead to compromised routing.
   * d/patches/CVE-2024-45239.patch: Add patch to fix CVE-2024-45239.
     - A malicious RPKI repository that descends from a (trusted) Trust
       Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing
       a null eContent field. Fort dereferences the pointer without
       sanitizing it first. Because Fort is an RPKI Relying Party, a crash
       can lead to Route Origin Validation unavailability, which can lead to
       compromised routing.
   * d/patches/CVE-2024-48943.patch: Add patch to fix CVE-2024-48943.
     - A malicious RPKI rsync repository can prevent Fort from finishing its
       validation run by drip-feeding its content. This can lead to delayed
       validation and a stale or unavailable Route Origin Validation.
       (thanks to Jochen Sprickerhof for helping backport the test case)
Checksums-Sha1:
 22a547de7cc1a402900fb25f01544dcf83346c3e 635564 fort-validator-dbgsym_1.5.4-1+deb12u1_ppc64el.deb
 99bda916c090067f1de705f3950b672fe3abdf92 7265 fort-validator_1.5.4-1+deb12u1_ppc64el-buildd.buildinfo
 eb607518140849cd3d1e0a5a270de05155a118ac 226136 fort-validator_1.5.4-1+deb12u1_ppc64el.deb
Checksums-Sha256:
 9088c0f7f2e48f08875ccc90566a72e0d94465497a7e69bff90d493b2fc0fbee 635564 fort-validator-dbgsym_1.5.4-1+deb12u1_ppc64el.deb
 f705072898c4d60457c246c4a953e039aa4168b9a1082cf76ea7f0c7f1d9dc3b 7265 fort-validator_1.5.4-1+deb12u1_ppc64el-buildd.buildinfo
 36b06035ac409cdb0410a1539f461c7245dfca5df385b519a445b2f33dab80f0 226136 fort-validator_1.5.4-1+deb12u1_ppc64el.deb
Files:
 51595c2098d0be3f3fe34afafffb7a50 635564 debug optional fort-validator-dbgsym_1.5.4-1+deb12u1_ppc64el.deb
 1bbe3bd24edd0cabe859613da3f0bccb 7265 net optional fort-validator_1.5.4-1+deb12u1_ppc64el-buildd.buildinfo
 9c3e0da9d968243e876ea52598d7558c 226136 net optional fort-validator_1.5.4-1+deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----