Guus Sliepen
2018-Oct-08 14:08 UTC
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
Because of security vulnerabilities in tinc that have recently been discovered, we hereby release tinc versions 1.0.35 and 1.1pre17.

Here is a summary of the changes in tinc 1.0.35:

* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).

Here is a summary of the changes in tinc 1.1pre17:

* Prevent oracle attacks in the legacy protocol (CVE-2018-16737, CVE-2018-16738).
* AutoConnect is now enabled by default.
* Per-node network traffic statistics are now shown in the output of "info" and "dump nodes" commands.

Thanks to Michael Yonli for auditing tinc and reporting the vulnerabilities. Thanks to volth and Rafael Sadowski for their contributions to version 1.1pre17 of tinc.

Michael Yonli discovered two security flaws. The first is an issue with the implementation of the authentication protocol used in tinc 1.0, which allows a remote attacker to establish an authenticated connection with a node in the VPN, and send messages one-way. In tinc 1.0.29 and earlier, this is unfortunately trivial to exploit. In tinc 1.0.30 to 1.0.34, the mitigations implemented for the Sweet32 attack also make this attack much harder, but in principle still possible. This is fixed in tinc 1.0.35.

The second issue allows a man-in-the-middle that has intercepted the TCP connection between two nodes, to potentially force one of the nodes to start sending unencrypted UDP packets. This is also fixed in tinc 1.0.35.

The new protocol used in tinc 1.1 is not affected by these vulnerabilities. However, since it is backwards compatible with tinc 1.0, it uses the legacy protocol when communicating with tinc 1.0 nodes. Tinc 1.1pre17 fixes the first issue, and it wasn't vulnerable to the second issue to begin with.

--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
Saverio Proto
2018-Oct-09 21:31 UTC
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
OpenWrt master has been updated now.

I am travelling; I will not be able to push patches to stable branches until next Saturday.

Cheers,
Saverio

On Mon, 8 Oct 2018 at 10:15, Guus Sliepen <guus at tinc-vpn.org> wrote:
>
> Because of security vulnerabilities in tinc that have recently been
> discovered, we hereby release tinc versions 1.0.35 and 1.1pre17. Here is a summary of
> the changes in tinc 1.0.35:
>
> * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
> * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
>
> Here is a summary of the changes in tinc 1.1pre17:
>
> * Prevent oracle attacks in the legacy protocol (CVE-2018-16737,
>   CVE-2018-16738).
> * AutoConnect is now enabled by default.
> * Per-node network traffic statistics are now shown in the output of
>   "info" and "dump nodes" commands.
>
> Thanks to Michael Yonli for auditing tinc and reporting the
> vulnerabilities. Thanks to volth and Rafael Sadowski for their
> contributions to version 1.1pre17 of tinc.
>
> Michael Yonli discovered two security flaws. The first is an issue with
> the implementation of the authentication protocol used in tinc 1.0,
> which allows a remote attacker to establish an authenticated connection
> with a node in the VPN, and send messages one-way. In tinc 1.0.29 and
> earlier, this is unfortunately trivial to exploit. In tinc 1.0.30 to
> 1.0.34, the mitigations implemented for the Sweet32 attack also make
> this attack much harder, but in principle still possible. This is fixed
> in tinc 1.0.35.
>
> The second issue allows a man-in-the-middle that has intercepted the TCP
> connection between two nodes, to potentially force one of the nodes to
> start sending unencrypted UDP packets. This is also fixed in tinc
> 1.0.35.
>
> The new protocol used in tinc 1.1 is not affected by these
> vulnerabilities. However, since it is backwards compatible with tinc
> 1.0, it uses the legacy protocol when communicating with tinc 1.0 nodes.
> Tinc 1.1pre17 fixes the first issue, and it wasn't vulnerable to the
> second issue to begin with.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>