diff --git a/CVE-2025-59432.patch b/CVE-2025-59432.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bfdd2587e6ed7cc4b81aab3c6f3306a00d04e87b
--- /dev/null
+++ b/CVE-2025-59432.patch
@@ -0,0 +1,56 @@
+From e0b0cf99f05406a0d26682c72fcb5728e95124b3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jorge=20Sol=C3=B3rzano?=
+Date: Tue, 16 Sep 2025 19:51:50 +0200
+Subject: [PATCH] fix(security): Timing Attack Vulnerability
+
+Origin: https://github.com/ongres/scram/commit/f04975680d4a67bc84cc6c61bbffd5186223e2e2
+
+A timing attack vulnerability exists in the SCRAM Java implementation.
+The issue arises because Arrays.equals was used to compare secret values
+such as client proofs and server signatures. Since Arrays.equals
+performs a short-circuit comparison, the execution time varies depending
+on how many leading bytes match. This behavior could allow an attacker
+to perform a timing side-channel attack and potentially infer sensitive
+authentication material. All users relying on SCRAM authentication are
+impacted.
+
+This vulnerability has been patched by replacing Arrays.equals with
+MessageDigest.isEqual, which ensures constant-time comparison.
+---
+ .../main/java/com/ongres/scram/common/ScramFunctions.java | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/common/src/main/java/com/ongres/scram/common/ScramFunctions.java b/common/src/main/java/com/ongres/scram/common/ScramFunctions.java
+index 5f02706..9abf37d 100644
+--- a/common/src/main/java/com/ongres/scram/common/ScramFunctions.java
++++ b/common/src/main/java/com/ongres/scram/common/ScramFunctions.java
+@@ -28,7 +28,7 @@ import com.ongres.scram.common.stringprep.StringPreparation;
+ import com.ongres.scram.common.util.CryptoUtil;
+
+ import java.nio.charset.StandardCharsets;
+-import java.util.Arrays;
++import java.security.MessageDigest;
+
+ /**
+ * Utility functions (e.g. crypto) for SCRAM.
+@@ -231,7 +231,7 @@ public class ScramFunctions {
+ byte[] clientKey = CryptoUtil.xor(clientSignature, clientProof);
+ byte[] computedStoredKey = hash(scramMechanism, clientKey);
+
+- return Arrays.equals(storedKey, computedStoredKey);
++ return MessageDigest.isEqual(storedKey, computedStoredKey);
+ }
+
+ /**
+@@ -245,6 +245,7 @@ public class ScramFunctions {
+ public static boolean verifyServerSignature(
+ ScramMechanism scramMechanism, byte[] serverKey, String authMessage, byte[] serverSignature
+ ) {
+- return Arrays.equals(serverSignature(scramMechanism, serverKey, authMessage), serverSignature);
++ byte[] computedServerSignature = serverSignature(scramMechanism, serverKey, authMessage);
++ return MessageDigest.isEqual(serverSignature, computedServerSignature);
+ }
+ }
+--
+2.51.0
+
diff --git a/ongres-scram.spec b/ongres-scram.spec
index fdada8bc5cb7f8997888330bf66edd6ae2339513..36694d85cf4db2e6b9b096cdfae4eb960310d346 100644
--- a/ongres-scram.spec
+++ b/ongres-scram.spec
@@ -1,10 +1,11 @@
 Name: ongres-scram
 Version: 2.1
-Release: 1
+Release: 2
 Summary: Java Implementation for SCRAM(Salted Challenge Response Authentication Mechanism)
 License: BSD
 URL: https://github.com/ongres/scram
 Source0: https://github.com/ongres/scram/archive/2.1/scram-2.1.tar.gz
+Patch0: CVE-2025-59432.patch
 BuildRequires: maven-local ongres-stringprep
 BuildArch: noarch
@@ -62,6 +63,9 @@ sed -i 's/[0-9a-f]\{8\}-[0-9a-f]\{4\}-[0-9a-f]\{4\}-[0-9a-f]\{4\}-[0-9a-f]\{12\}
 %files parent -f .mfiles-parent
 %changelog
+* Fri Sep 26 2025 wangkai <13474090681@163.com> - 2.1-2
+- Fix CVE-2025-59432
+
 * Thu Feb 17 houyingchao - 2.1-1
 - Upgrade to 2.1 version
 - Fix CVE-2022-21724
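Review bot: In the embedded ScramFunctions.java change, the two `MessageDigest.isEqual` calls order their operands differently: `verifyServerSignature` passes the peer-supplied `serverSignature` first and the locally computed value second, while the stored-key check passes the locally held `storedKey` first. Current OpenJDK documents that `isEqual` examines every byte of its first argument and that its running time depends only on that argument's length, so I would put the locally computed value first, `return MessageDigest.isEqual(computedServerSignature, serverSignature);`, to keep the loop length independent of what the peer sends. A short comment above both calls, `// constant-time comparison of secret material; do not replace with Arrays.equals`, would keep a later cleanup from reverting the fix. The method containing the `storedKey` comparison begins above the inner hunk, so only its last lines are visible here.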
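Review bot: `Patch0: CVE-2025-59432.patch` is declared in the first ongres-scram.spec hunk, but neither spec hunk touches `%prep`, so nothing visible here shows the patch being applied during the build. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, it needs `%patch -P0 -p1`; otherwise 2.1-2 would ship with a changelog entry claiming the CVE-2025-59432 fix while still compiling the old `Arrays.equals` comparisons. The `%prep` section lies outside both hunks, so this is something to confirm rather than a known defect.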