Description:
A timing side channel in the secure-cookie signature check reduces the
amount of time required to guess a valid signature for a forged cookie.
Affects:
Bottle 0.6.4 through 0.8.4; only applications that use the secure-cookie feature.
Workaround:
Do not use secure-cookies with unpatched versions of Bottle.
Details:
Prior to this patch, the transmitted signature and the calculated
(valid) signature were compared using the Python '==' operator. The
runtime of that comparison depends on the length of the common prefix
of the two strings: it stops at the first differing character. The time
difference is barely measurable for a single request, but it exists. An
attacker can send a large number of requests with different candidate
signatures, measure the response time of each, and statistically
determine which candidate shares the longest prefix with the valid
signature, then extend that prefix one character at a time. On a fast,
low-jitter network this reduces the effort needed to produce a valid
signature for a forged cookie from a brute-force search over the whole
signature to a search over one character position at a time.
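The following is an added illustration, not code from Bottle or from the
commit below. It signs a cookie with HMAC (the cookie format, the SHA-256
digest and the secret are assumptions for the example, not Bottle's), shows
the vulnerable check using '==', and two fixed checks: a hand-written
comparison whose running time does not depend on where the strings
differ, and hmac.compare_digest, which is the standard-library way to do
the same on Python 2.7.7+/3.3+.

```python
import base64
import hashlib
import hmac

# Constructed server secret for this example only.
SECRET = b"example-server-secret-do-not-reuse"


def sign(payload: bytes, secret: bytes = SECRET) -> str:
    """Build a signed cookie 'base64(payload)?hexsig' (format assumed here)."""
    sig = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return base64.b64encode(payload).decode("ascii") + "?" + sig


def split_cookie(cookie: str):
    """Split a cookie produced by sign() into (payload, transmitted signature)."""
    enc, _, sig = cookie.rpartition("?")
    return base64.b64decode(enc), sig


def verify_vulnerable(cookie: str, secret: bytes = SECRET):
    """Pre-0.8.5 style check: '==' returns as soon as a character differs,
    so the response time leaks how long a prefix of `sig` is correct."""
    payload, sig = split_cookie(cookie)
    expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    if sig == expected:
        return payload
    return None


def constant_time_equal(a: str, b: str) -> bool:
    """Compare two strings without short-circuiting on the first mismatch.
    Every character position is visited and the differences are OR-ed
    together, so the loop takes the same time for any mismatch position.
    The length check leaks only the length, which for a hex digest is public."""
    if len(a) != len(b):
        return False
    diff = 0
    for x, y in zip(a, b):
        diff |= ord(x) ^ ord(y)
    return diff == 0


def verify_fixed(cookie: str, secret: bytes = SECRET):
    """Fixed check using hmac.compare_digest (constant_time_equal would do
    the same job on interpreters that lack compare_digest)."""
    payload, sig = split_cookie(cookie)
    expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    if hmac.compare_digest(sig, expected):
        return payload
    return None


def forge(cookie: str, new_payload: bytes) -> str:
    """Constructed forgery attempt: reuse the old signature on a new payload.
    Both checks reject it; the difference between them is only how much
    timing information the rejection leaks to the attacker."""
    _, sig = split_cookie(cookie)
    return base64.b64encode(new_payload).decode("ascii") + "?" + sig


if __name__ == "__main__":
    good = sign(b"user=alice")
    bad = forge(good, b"user=admin")
    print("valid cookie, vulnerable check:", verify_vulnerable(good))
    print("valid cookie, fixed check:     ", verify_fixed(good))
    print("forged cookie, vulnerable check:", verify_vulnerable(bad))
    print("forged cookie, fixed check:     ", verify_fixed(bad))
```

Both verifiers give the same accept/reject answers; the fix changes only
the timing behaviour of the rejection path. Note that comparing the
hexdigest strings rather than raw digest bytes is fine as long as the
comparison itself is constant-time.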
Thanks to:
Jean-Paul "exarkun" Calderone (py-dev mailing list)
Commit:
https://github.com/defnull/bottle/commit/e3c6c46a605ca7a03238e76a8fb71adc5e14a3db
PyPI: http://pypi.python.org/pypi/bottle/0.8.5