[MEN-1412] Artifact checksums is not verified for headers, only payload - Northern.tech AS

XML

Word

Printable

Details

Type: Bug
Status: Done
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.2.0
Fix Version/s: 1.2.1, 1.1.2
Labels:
- Client

Sprint:
MEN Sprint 44, MEN Sprint 45
Story Points:
8
Backlog:
yes

Description

To reproduce:

Extract an update using regular tar xf update.mender.
Open the manifest file and change any of the checksums for the headers, but not the payload (data).
Try to apply the update with mender -rootfs.

Mender accepts the update even though it shouldn't. This is a serious issue because it allows an attacker to make arbitrary changes to state scripts of a signed update.

Acceptance criteria:

Mender should not accept wrong checksum on any headers.
This must be tested in acceptance tests
- The test_signed_updates test might be a good place to add it. It already deals with corrupting checksums and trying to update using those.
Must update vendored dependency in all repositories that vendor mender-artifact, including the servers.

Attachments

Release management

Activity

People

Assignee:: Kristian Amlie

Reporter:: Kristian Amlie

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 05/Sep/17 9:04 AM

Updated:: 03/Oct/17 11:08 PM

Resolved:: 28/Sep/17 7:06 PM