From 5bc54052c8ca8a1aee4eaebe3f8433f35cfa3098 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 8 Oct 2018 16:15:33 +0200 Subject: [PATCH] Toggle doesn't work, just refer to the security page. --- download.mdwn | 4 ++-- news/release-1.0.35-and-1.1pre17.mdwn | 12 +----------- security.mdwn | 6 +++--- 3 files changed, 6 insertions(+), 16 deletions(-) diff --git a/download.mdwn b/download.mdwn index 3e136ad..c6e1279 100644 --- a/download.mdwn +++ b/download.mdwn @@ -12,7 +12,7 @@ packages you should contact its maintainer. ### Latest stable release -[[!inline pages="news/release-1.0.35" template=newsitemnoheader feeds="no"]] +[[!inline pages="news/release-1.0.35-and-1.1pre17" template=newsitemnoheader feeds="no"]]
**Version**1.0.35 @@ -25,7 +25,7 @@ packages you should contact its maintainer. ### Latest pre-release from the 1.1 branch -[[!inline pages="news/release-1.1pre17" template=newsitemnoheader feeds="no"]] +[[!inline pages="news/release-1.0.35-and-1.1pre17" template=newsitemnoheader feeds="no"]]
**Version**1.1pre17 diff --git a/news/release-1.0.35-and-1.1pre17.mdwn b/news/release-1.0.35-and-1.1pre17.mdwn index b363543..9a5f0b0 100644 --- a/news/release-1.0.35-and-1.1pre17.mdwn +++ b/news/release-1.0.35-and-1.1pre17.mdwn @@ -6,14 +6,4 @@ Versions 1.0.35 and 1.1pre17 released. * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738). * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758). -Thanks to Michael Yonli for auditing tinc and reporting these vulnerabilities. - -[[!toggle id="fulltext" text="Show full text."]] - -[[!toggleable id="fulltext" text=""" -Michael Yonli discovered two security flaws. The first is an issue with the implementation of the authentication protocol used in tinc 1.0, which allows a remote attacker to establish an authenticated connection with a node in the VPN, and send messages one-way. In tinc 1.0.29 and earlier, this is unfortunately trivial to exploit. In tinc 1.0.30 to 1.0.34, the mitigations implemented for the Sweet32 attack also make this attack much harder, but in principle still possible. This is fixed in tinc 1.0.35. - -The second issue allows a man-in-the-middle that has intercepted the TCP connection between two nodes, to potentially force one of the nodes to start sending unencrypted UDP packets. This is also fixed in tinc 1.0.35. - -The new protocol used in tinc 1.1 is not affected by these vulnerabilities. However, since it is backwards compatible with tinc 1.0, it uses the legacy protocol when communicating with tinc 1.0 nodes. Tinc 1.1pre17 fixes the first issue, and it wasn't vulnerable to the second issue to begin with. -"""]] +Thanks to Michael Yonli for auditing tinc and reporting these vulnerabilities. For more information, see the [[security]] page. diff --git a/security.mdwn b/security.mdwn index ce4a416..f08ba83 100644 --- a/security.mdwn +++ b/security.mdwn 
@@ -9,7 +9,7 @@ We will then try to get a CVE number assigned, and coordinate a bugfix release w The following list contains advisories for security issues in tinc in old versions: - [CVE-2018-16758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16758): - Tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) + Michael Yonli discovered that tinc 1.0.34 and earlier allow a [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) that, even if the MITM cannot decrypt the traffic sent between the two endpoints, when the MITM can correctly predict when an ephemeral key exchange message is sent in a TCP connection between two nodes, allows the MITM to @@ -17,7 +17,7 @@ The following list contains advisories for security issues in tinc in old versio The tinc 1.1pre versions are not affected by this. - [CVE-2018-16738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16738): - Tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack), + Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34 allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack), similar to CVE-2018-16737, but due to the mitigations put in place for the Sweet32 attack in tinc 1.0.30, it now requires a [timing attack](https://en.wikipedia.org/wiki/Timing_attack) that has only a limited time to complete. 
@@ -25,7 +25,7 @@ The following list contains advisories for security issues in tinc in old versio VPN that still use the legacy protocol from tinc version 1.0.x. - [CVE-2018-16737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16737): - Tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack) + Michael Yonly discovered that tinc 1.0.29 and earlier allow an [oracle attack](https://en.wikipedia.org/wiki/Oracle_attack) that could allow a remote attacker to establish one-way communication with a tinc node, allowing it to send fake control messages and inject packets into the VPN. The attack takes only a few seconds to complete. -- 2.20.1
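Review bot: In download.mdwn, the second hunk (@@ -25,7, under "Latest pre-release from the 1.1 branch") inlines news/release-1.0.35-and-1.1pre17, which is the same page the first hunk now inlines under "Latest stable release". The download page will therefore render the identical combined news item twice. If the separate per-release news pages are not coming back, consider inlining the combined item once above both sections instead of repeating it.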
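Review bot: In news/release-1.0.35-and-1.1pre17.mdwn, the removed toggleable block carries fix information that the replacement line does not: that both issues are fixed in tinc 1.0.35, and that 1.1pre17 fixes the first issue and was not vulnerable to the second. The security.mdwn context visible in this patch gives affected version ranges but no explicit "fixed in" statement, so please confirm the [[security]] page states the fixed versions before dropping them here, or keep one plain sentence with the fixed versions in the release note.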
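Review bot: Typo in the added line of the security.mdwn hunk at @@ -17,7 (CVE-2018-16738 entry): "Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34" should read "discovered", matching the wording in the CVE-2018-16758 entry.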
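Review bot: The reporter's name is misspelled in the added line of the security.mdwn hunk at @@ -25,7 (CVE-2018-16737 entry): "Michael Yonly discovered that tinc 1.0.29 and earlier". Every other occurrence in this patch, including the release note credit, spells it "Michael Yonli"; please correct it so the advisory credits are consistent.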