Bug#1059005: libssh2: CVE-2023-48795
Hi Nicolas,

On Thu, Jan 04, 2024 at 03:38:29PM -0500, Nicolas Mora wrote:
> Hello,
>
> I've uploaded a new package with the patch for unstable, instead of
> waiting for the new upstream release. I didn't want the holidays and
> the new release process to delay the fix too much...

Thanks, have seen it! (security-tracker metadata is already updated).

Regards,
Salvatore
Bug#1059005: libssh2: CVE-2023-48795
Hello,

I've uploaded a new package with the patch for unstable, instead of waiting for the new upstream release. I didn't want the holidays and the new release process to delay the fix too much...
Bug#1059005: libssh2: CVE-2023-48795
Hello,

On 2023-12-19 at 15:13, Salvatore Bonaccorso wrote:
>> I'll prepare a fix for unstable then, thanks!
>
> Looking from the commit activity in the upstream repository and last
> commits touching the release notes I guess upstream is finalizing a new
> release? If so it might be worth to just go to the new upstream version
> rather than cherry-picking the commit adding strict KEX support. But that
> said, fully trusting you on the matter and up to you on next steps.

I've also seen that they are preparing a release soon that will address this bug, so I'll wait a little bit to see what's what. The patch should be ready in salsa if someone needs it.

/Nicolas
Bug#1059005: libssh2: CVE-2023-48795
Hello,

On Tue, Dec 19, 2023 at 03:04:35PM -0500, Nicolas Mora wrote:
> Hello,
>
> On 2023-12-19 at 14:32, Salvatore Bonaccorso wrote:
>>
>> It's not the same version :).
>>
>> bookworm has 0.10.0 based version, whereas in testing and above we have
>> 1.11.0 based one. For bookworm and older there is no ChaCha20-Poly1305
>> and CBC-EtM support, which was only introduced after the 0.10.0
>> release.
>>
>> Thus for libssh2 only unstable needs fixing (and then the fix migrates
>> to testing).
>>
>> Does this help?
>>
> My bad, I missed the difference between 1.10 and 1.11 :p

Yeah the same Debian revision was confusing, after your question I had to double check again :)

> I'll prepare a fix for unstable then, thanks!

Looking from the commit activity in the upstream repository and last commits touching the release notes I guess upstream is finalizing a new release? If so it might be worth to just go to the new upstream version rather than cherry-picking the commit adding strict KEX support. But that said, fully trusting you on the matter and up to you on next steps.

Thanks for working on it!

Regards,
Salvatore
Bug#1059005: libssh2: CVE-2023-48795
Hello,

On 2023-12-19 at 14:32, Salvatore Bonaccorso wrote:
> It's not the same version :).
>
> bookworm has 0.10.0 based version, whereas in testing and above we have
> 1.11.0 based one. For bookworm and older there is no ChaCha20-Poly1305
> and CBC-EtM support, which was only introduced after the 0.10.0 release.
>
> Thus for libssh2 only unstable needs fixing (and then the fix migrates to
> testing).
>
> Does this help?

My bad, I missed the difference between 1.10 and 1.11 :p

I'll prepare a fix for unstable then, thanks!

/Nicolas
Bug#1059005: libssh2: CVE-2023-48795
Hi Nicolas,

On Tue, Dec 19, 2023 at 01:35:50PM -0500, Nicolas Mora wrote:
> Hello, thanks for the notification!
>
> On 2023-12-19 at 03:26, Salvatore Bonaccorso wrote:
>> Source: libssh2
>> Version: 1.11.0-3
>> Severity: important
>> Tags: security upstream
>> Forwarded: https://github.com/libssh2/libssh2/issues/1290
>> X-Debbugs-Cc: car...@debian.org, Debian Security Team
>>
>
> I've noticed on [1] that this CVE is fixed for libssh2 on bookworm and
> under, is it the case?
>
> I'm wondering also because they have the same version in bookworm and
> trixie, and the issue on github doesn't mention the version that is
> affected, therefore I assume all versions are vulnerable, isn't it?

It's not the same version :).

bookworm has 0.10.0 based version, whereas in testing and above we have 1.11.0 based one. For bookworm and older there is no ChaCha20-Poly1305 and CBC-EtM support, which was only introduced after the 0.10.0 release.

Thus for libssh2 only unstable needs fixing (and then the fix migrates to testing).

Does this help?

Regards,
Salvatore
Bug#1059005: libssh2: CVE-2023-48795
Hello, thanks for the notification!

On 2023-12-19 at 03:26, Salvatore Bonaccorso wrote:
> Source: libssh2
> Version: 1.11.0-3
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/libssh2/libssh2/issues/1290
> X-Debbugs-Cc: car...@debian.org, Debian Security Team

I've noticed on [1] that this CVE is fixed for libssh2 on bookworm and under, is it the case?

I'm wondering also because they have the same version in bookworm and trixie, and the issue on github doesn't mention the version that is affected, therefore I assume all versions are vulnerable, isn't it?

/Nicolas

[1] https://security-tracker.debian.org/tracker/source-package/libssh2
[2] https://github.com/libssh2/libssh2/issues/1290
Bug#1059005: libssh2: CVE-2023-48795
Source: libssh2
Version: 1.11.0-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/libssh2/libssh2/issues/1290
X-Debbugs-Cc: car...@debian.org, Debian Security Team

Hi,

The following vulnerability was published for libssh2.

CVE-2023-48795[0]:
| The SSH transport protocol with certain OpenSSH extensions, found in
| OpenSSH before 9.6 and other products, allows remote attackers to
| bypass integrity checks such that some packets are omitted (from the
| extension negotiation message), and a client and server may
| consequently end up with a connection for which some security
| features have been downgraded or disabled, aka a Terrapin attack.
| This occurs because the SSH Binary Packet Protocol (BPP),
| implemented by these extensions, mishandles the handshake phase and
| mishandles use of sequence numbers. For example, there is an
| effective attack against SSH's use of ChaCha20-Poly1305 (and CBC
| with Encrypt-then-MAC). The bypass occurs in
| chacha20-poly1...@openssh.com and (if CBC is used) the
| -e...@openssh.com MAC algorithms. This also affects Maverick Synergy
| Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh
| before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before
| 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, and
| libssh2 through 1.11.0; and there could be effects on Bitvise SSH
| through 9.31.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-48795
    https://www.cve.org/CVERecord?id=CVE-2023-48795
[1] https://github.com/libssh2/libssh2/issues/1290

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
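One way to audit a captured handshake or a configuration for the exposure the CVE text describes, as an added Python example (not code from this bug thread or from libssh2): it negotiates cipher and MAC from the two KEXINIT name-lists the way RFC 4253 does, checks whether both peers advertised the strict-KEX pseudo-algorithms introduced by the OpenSSH 9.6 extension the thread calls "strict KEX", and flags the ChaCha20-Poly1305 and CBC-with-EtM cases named in the advisory. The strict-KEX names and the single-direction simplification are assumptions not stated on the page.

```python
"""Terrapin (CVE-2023-48795) exposure check over SSH_MSG_KEXINIT name-lists.
Added example; strict-KEX names are from the OpenSSH 9.6 extension (assumption)."""
from __future__ import annotations
from dataclasses import dataclass

STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"  # advertised by the client
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"  # advertised by the server
CHACHA20 = "chacha20-poly1305@openssh.com"
AEAD = {CHACHA20, "aes128-gcm@openssh.com", "aes256-gcm@openssh.com"}

def name_list(field: str) -> list[str]:
    """Split an RFC 4251 name-list (comma-separated US-ASCII names)."""
    return [n for n in field.split(",") if n]

def negotiate(client: str, server: str) -> str | None:
    """RFC 4253 7.1: the client's first preference that the server also lists."""
    offered = set(name_list(server))
    return next((a for a in name_list(client) if a in offered), None)

@dataclass
class Assessment:
    cipher: str | None
    mac: str | None
    strict_kex: bool   # both peers advertised their strict-KEX pseudo-algorithm
    exposed: bool      # vulnerable mode negotiated and strict KEX not in effect
    reason: str

def assess(client: dict, server: dict) -> Assessment:
    """client/server: {'kex', 'ciphers', 'macs'} name-list strings from each
    KEXINIT. Only the client-to-server direction is modelled (assumption)."""
    cipher = negotiate(client["ciphers"], server["ciphers"])
    mac = negotiate(client["macs"], server["macs"])
    strict = (STRICT_KEX_CLIENT in name_list(client["kex"])
              and STRICT_KEX_SERVER in name_list(server["kex"]))
    # AEAD ciphers ignore the MAC field; anything else needs a common MAC.
    if cipher is None or (cipher not in AEAD and mac is None):
        return Assessment(cipher, mac, strict, False, "no common algorithm, handshake fails")
    if cipher == CHACHA20:
        weak, why = True, "ChaCha20-Poly1305 negotiated (MAC field ignored for AEAD)"
    elif cipher.endswith("-cbc") and mac.endswith("-etm@openssh.com"):
        weak, why = True, "CBC cipher with Encrypt-then-MAC negotiated"
    else:
        weak, why = False, "negotiated mode is not one named in CVE-2023-48795"
    if weak and strict:
        return Assessment(cipher, mac, True, False, why + ", mitigated by strict KEX")
    return Assessment(cipher, mac, strict, weak, why)
```

Feed it the name-lists from both KEXINIT packets of a capture (or from the configured algorithm lists of the two endpoints) to see whether the connection would be exposed.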