Bug#815662: libssh2: diff for NMU version 1.5.0-2.1

Tue, 23 Feb 2016 11:37:13 -0800 

Hi Mikhail,

I've prepared an NMU for libssh2 (versioned as 1.5.0-2.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore

diff -Nru libssh2-1.5.0/debian/changelog libssh2-1.5.0/debian/changelog
--- libssh2-1.5.0/debian/changelog	2015-03-19 16:16:26.000000000 +0100
+++ libssh2-1.5.0/debian/changelog	2016-02-23 20:23:43.000000000 +0100
@@ -1,3 +1,11 @@
+libssh2 (1.5.0-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2016-0787: bits/bytes confusion resulting in truncated
+    Diffie-Hellman secret length (Closes: #815662)
+
+ -- Salvatore Bonaccorso <[email protected]>  Tue, 23 Feb 2016 20:22:46 +0100
+
 libssh2 (1.5.0-2) unstable; urgency=medium
 
   * Fix ABI by linking to gcrypt again (Closes: #781507)
diff -Nru libssh2-1.5.0/debian/patches/0001-diffie_hellman_sha1-convert-bytes-to-bits.patch libssh2-1.5.0/debian/patches/0001-diffie_hellman_sha1-convert-bytes-to-bits.patch
--- libssh2-1.5.0/debian/patches/0001-diffie_hellman_sha1-convert-bytes-to-bits.patch	1970-01-01 01:00:00.000000000 +0100
+++ libssh2-1.5.0/debian/patches/0001-diffie_hellman_sha1-convert-bytes-to-bits.patch	2016-02-23 20:23:43.000000000 +0100
@@ -0,0 +1,25 @@
+From ca5222ea819cc5ed797860070b4c6c1aeeb28420 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <[email protected]>
+Date: Thu, 11 Feb 2016 13:52:20 +0100
+Subject: [PATCH] diffie_hellman_sha1: convert bytes to bits
+
+As otherwise we get far too small numbers.
+
+Reported-by: Andreas Schneider
+
+CVE-2016-0787
+---
+ src/kex.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -103,7 +103,7 @@ static int diffie_hellman_sha1(LIBSSH2_S
+         memset(&exchange_state->req_state, 0, sizeof(packet_require_state_t));
+ 
+         /* Generate x and e */
+-        _libssh2_bn_rand(exchange_state->x, group_order, 0, -1);
++        _libssh2_bn_rand(exchange_state->x, group_order * 8 - 1, 0, -1);
+         _libssh2_bn_mod_exp(exchange_state->e, g, exchange_state->x, p,
+                             exchange_state->ctx);
+ 
diff -Nru libssh2-1.5.0/debian/patches/series libssh2-1.5.0/debian/patches/series
--- libssh2-1.5.0/debian/patches/series	2015-03-19 16:16:26.000000000 +0100
+++ libssh2-1.5.0/debian/patches/series	2016-02-23 20:23:43.000000000 +0100
@@ -1,2 +1,3 @@
 0001-Add-lgpg-error-to-.pc-to-facilitate-static-linking.patch
 0001-Do-not-expose-private-libraries-nor-link-flags-to-us.patch
+0001-diffie_hellman_sha1-convert-bytes-to-bits.patch

Reply via email to