First Last Prev Next    This bug is not in your last search results.
Bug 1095722 - (CVE-2016-1000338) VUL-0: CVE-2016-1000338: bouncycastle: In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fullyvalidate ASN.1 encoding of signature on verification. It is possible to injectextra elements in the sequence making up the signature and
(CVE-2016-1000338)
VUL-0: CVE-2016-1000338: bouncycastle: In Bouncy Castle JCE Provider version ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/207028/
CVSSv2:NVD:CVE-2016-1000338:5.0:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-06-04 06:25 UTC by Marcus Meissner
Modified: 2020-04-23 15:31 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-06-04 06:25:06 UTC 
CVE-2016-1000338

In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully
validate ASN.1 encoding of signature on verification. It is possible to inject
extra elements in the sequence making up the signature and still have it
validate, which in some cases may allow the introduction of 'invisible' data
into a signed structure.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000338
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1000338.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
Comment 1 Marcus Meissner 2018-06-04 06:27:49 UTC 
(this is probably indirectly embedded during build of apache-ivy and apache-pdfbox)
Comment 2 Swamp Workflow Management 2018-06-06 10:30:11 UTC 
This is an autogenerated message for OBS integration:
This bug (1095722) was mentioned in
https://build.opensuse.org/request/show/614511 42.3 / bouncycastle
Comment 3 Swamp Workflow Management 2018-06-14 10:08:14 UTC 
openSUSE-SU-2018:1689-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1072697,1095722,1095849,1095850,1095852,1095853,1095854,1096022,1096024,1096025,1096026
CVE References: CVE-2016-1000338,CVE-2016-1000339,CVE-2016-1000340,CVE-2016-1000341,CVE-2016-1000342,CVE-2016-1000343,CVE-2016-1000344,CVE-2016-1000345,CVE-2016-1000346,CVE-2016-1000352,CVE-2017-13098
Sources used:
openSUSE Leap 42.3 (src):    bouncycastle-1.59-23.3.1
Comment 4 Swamp Workflow Management 2018-07-19 11:10:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1095722) was mentioned in
https://build.opensuse.org/request/show/624022 Factory / bouncycastle
Comment 5 Swamp Workflow Management 2018-09-14 15:30:07 UTC 
This is an autogenerated message for OBS integration:
This bug (1095722) was mentioned in
https://build.opensuse.org/request/show/635779 15.0 / bouncycastle
Comment 6 Alexandros Toptsoglou 2020-04-23 15:31:01 UTC 
Leap 15.1 is not affected
First Last Prev Next    This bug is not in your last search results.