Hello community, here is the log from the commit of package libssh for openSUSE:Leap:15.2 checked in at 2020-04-14 14:19:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/libssh (Old) and /work/SRC/openSUSE:Leap:15.2/.libssh.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh" Tue Apr 14 14:19:02 2020 rev:32 rq:793363 version:0.8.7 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/libssh/libssh.changes 2020-02-04 17:53:33.220717906 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.libssh.new.3248/libssh.changes 2020-04-14 14:19:02.713187795 +0200 @@ -1,0 +2,7 @@ +Mon Apr 6 18:30:22 UTC 2020 - James McDonough <[email protected]> + +- Fix possible Denial of Service attack when using AES-CTR + ciphers; (bsc#1168699) + * Add 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch + +------------------------------------------------------------------- New: ---- 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libssh.spec ++++++ --- /var/tmp/diff_new_pack.YUOLL8/_old 2020-04-14 14:19:03.237188186 +0200 +++ /var/tmp/diff_new_pack.YUOLL8/_new 2020-04-14 14:19:03.237188186 +0200 @@ -40,6 +40,7 @@ Patch2: 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch Patch3: 0001-tests-Add-aes-gcm-ciphers-tests.patch Patch4: CVE-2019-14889.patch +Patch5: 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch # cmake pulls curl, but libssh is a dependency of it, so avoid cycles by using curl-mini #!BuildRequires: libcurl4-mini BuildRequires: cmake ++++++ 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch ++++++ >From fa772dbe48f6c716f130e80562840d47dda5a1b7 Mon Sep 17 00:00:00 2001 From: Andreas Schneider <[email protected]> Date: Tue, 11 Feb 2020 11:52:33 +0100 Subject: [PATCH] CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR key Fixes T213 Signed-off-by: Andreas Schneider <[email protected]> Reviewed-by: Anderson Toshiyuki Sasaki <[email protected]> --- src/libcrypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/libcrypto.c b/src/libcrypto.c index b3792264..e9f519ec 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -713,8 +713,12 @@ aes_ctr_encrypt(struct ssh_cipher_struct *cipher, } static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){ - explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key)); - SAFE_FREE(cipher->aes_key); + if (cipher != NULL) { + if (cipher->aes_key != NULL) { + explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key)); + } + SAFE_FREE(cipher->aes_key); + } } #endif /* HAVE_OPENSSL_EVP_AES_CTR */ -- 2.26.0
