Page MenuHome GnuPG

WoT forgeries using SHA-1
Closed, ResolvedPublic

Description

CVE-2019-14855 is about Web of Trust forgeries using collisions in SHA-1 signatures. Given the required effort and the dimishing use of SHA-1 the impact is not very high. Nevertheless we will default in master to not accept SHA-1 key signature and in 2.2 we will not accept any new key signatures. Note that this renders dsa1024 keys useless for the Web-of-Trust.

Details

Event Timeline

Hello,

I am currently investigating the issue known as CVE-2019-14855 for Debian's LTS version Debian 8 "Jessie" and even Debian 7 "Wheezy".

Could you tell us more about the impact and if earlier versions of gnupg are affected? It appears no backports were made for < 2.2.x as the 1.4 series.

The change appears to change previous default behavior of gnupg. Does it make even sense to attempt a backport of the fixes?

What commits do exactly fix CVE-2019-14855? We currently believe that

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c4f2d9e3e1d77d2f1f168764fcdfed32f7d1dfc4
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=7d9aad63c4f1aefe97da61baf5acd96c12c0278e
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=7d9aad63c4f1aefe97da61baf5acd96c12c0278e

are related but we are not sure if there are more commits which are required to fix CVE-2019-14855.

Thanks for all your work on GnuPG

Markus Koschany

werner set External Link to https://sha-mbles.github.io/.Jan 8 2020, 10:34 AM

FWIW, the second listed commit is the right one. You should only look at the STABLE-STABLE-2-2 branch. master and that branch differ; in particular we do not have a cut-off date in master (to be 2.3).