Your message dated Sat, 16 May 2026 11:07:43 +0000
with message-id <[email protected]>
and subject line Released with 12.14
has caused the Debian Bug report #1134379,
regarding bookworm-pu: package phpseclib/1.0.20-1+deb12u5
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1134379: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134379
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:phpseclib
User: [email protected]
Usertags: pu
[ This bug report is similar to #1134374 for trixie ]
I’d like to get CVE-2026-40194 fixed in an upcoming point release. This
is a variable-time comparison tagged as no-dsa. The change is pretty
trivial.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
Regards,
taffit
diff -Nru phpseclib-1.0.20/debian/changelog phpseclib-1.0.20/debian/changelog
--- phpseclib-1.0.20/debian/changelog 2026-03-24 18:16:23.000000000 +0100
+++ phpseclib-1.0.20/debian/changelog 2026-04-19 11:37:43.000000000 +0200
@@ -1,6 +1,14 @@
+phpseclib (1.0.20-1+deb12u4) bookworm; urgency=medium
+
+ * Fix bug number in previous changelog entry
+ * SSH2: use constant time string comparison in get_binary_packet()
+ [CVE-2026-40194]
+
+ -- David Prévot <[email protected]> Sun, 19 Apr 2026 11:37:43 +0200
+
phpseclib (1.0.20-1+deb12u3) bookworm-security; urgency=medium
- * make unpadding constant time [CVE-2026-32935] (Closes: #1131485)
+ * make unpadding constant time [CVE-2026-32935] (Closes: #1131484)
* X509: fix for weird characters in subjaltname [CVE-2023-52892]
-- David Prévot <[email protected]> Tue, 24 Mar 2026 18:16:23 +0100
diff -Nru phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch
--- phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch 1970-01-01 01:00:00.000000000 +0100
+++ phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch 2026-04-19 11:37:07.000000000 +0200
@@ -0,0 +1,58 @@
+From: terrafrost <[email protected]>
+Date: Thu, 9 Apr 2026 18:14:19 -0500
+Subject: SSH2: use constant time string comparison in get_binary_packet():
+
+Origin: backport, https://github.com/phpseclib/phpseclib/commit/ffe48b6b1b1af6963327f0a5330e3aa004a194ac
+Bug: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-r854-jrxh-36qx
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2026-40194
+---
+ phpseclib/Net/SSH2.php | 31 ++++++++++++++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
+index 93375df..c90c0e2 100644
+--- a/phpseclib/Net/SSH2.php
++++ b/phpseclib/Net/SSH2.php
+@@ -3686,7 +3686,7 @@ class Net_SSH2
+ $this->bitmap = 0;
+ user_error('Error reading socket');
+ return false;
+- } elseif ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) {
++ } elseif (!$this->_equals($hmac, $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding)))) {
+ user_error('Invalid HMAC');
+ return false;
+ }
+@@ -5488,4 +5488,33 @@ class Net_SSH2
+ {
+ $this->smartMFA = false;
+ }
++
++ /**
++ * Constant time equality testing
++ *
++ * Pretty much copy / pasted from Crypt/RSA.php
++ *
++ * @access private
++ * @param string $x
++ * @param string $y
++ * @return bool
++ */
++ function _equals($x, $y)
++ {
++ if (function_exists('hash_equals')) {
++ return hash_equals($x, $y);
++ }
++
++ if (strlen($x) != strlen($y)) {
++ return false;
++ }
++
++ $result = "\0";
++ $x^= $y;
++ for ($i = 0; $i < strlen($x); $i++) {
++ $result|= $x[$i];
++ }
++
++ return $result === "\0";
++ }
+ }
diff -Nru phpseclib-1.0.20/debian/patches/series phpseclib-1.0.20/debian/patches/series
--- phpseclib-1.0.20/debian/patches/series 2026-03-24 18:16:23.000000000 +0100
+++ phpseclib-1.0.20/debian/patches/series 2026-04-19 11:37:07.000000000 +0200
@@ -13,3 +13,4 @@
0013-BigInteger-fix-getLength.patch
0014-make-unpadding-constant-time.patch
0015-X509-fix-for-weird-characters-in-subjaltname.patch
+0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 12.14
This update has been released as part of Debian 12.14.
--- End Message ---
