This bug was fixed in the package openssh - 1:7.6p1-4ubuntu0.6
---
openssh (1:7.6p1-4ubuntu0.6) bionic; urgency=medium
* fix clients advertising version 1.99 (LP: #1863930)
- d/p/lp-1863930-Fix-logic-bug-in-sshd_exchange_identification.patch
- d/p/lp-1863930-unbreak-clients-
Validated according to test case from description:
root@bionic-ssh:~# python3 test_bug_1863930.py localhost
Server is patched
root@bionic-ssh:~# dpkg -l | grep openssh
ii openssh-client 1:7.6p1-4ubuntu0.6 amd64
secure shell (SSH) client, for secure acces
Server-Team: As you see in the bug-history we (Server Team) have
ourselves stopped working on this believing it might be too much of a
corner case waiting for it to come back. But that come-back has happened
by even more people reporting to be affected. Therefore - as much as it
initially seems to
** Changed in: openssh (Ubuntu Bionic)
Status: Incomplete => In Progress
** Tags added: sts sts-sponsor-halves
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
ACK from the security team on the changes in the MP.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99 clients fail to connect to openssh-server 1:7.6
** Tags removed: server-todo
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99 clients fail to connect to openssh-server 1:7.6p1-4ubuntu0.3
Status in
** Changed in: openssh (Ubuntu Bionic)
Assignee: (unassigned) => Heitor Alves de Siqueira (halves)
** Changed in: openssh (Ubuntu Bionic)
Importance: Low => High
** Changed in: openssh (Ubuntu Bionic)
Importance: High => Medium
--
You received this bug notification because you are a
As per Mark's description, this seems to fall in the
> - some reasonable cases exists, but are very rare: SRU it but hold the
release in block-proposed until the next "important" update comes
case described above.
** Tags added: server-todo
--
You received this bug notification because you are
** Changed in: openssh (Ubuntu Bionic)
Assignee: Christian Ehrhardt (paelzer) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99
Canonical client has opened a case regarding this as a current issue
preventing them from upgrading their systems from 14.04 to 18.04.
This blocker is due to the version of openssh-server on Bionic not
allowing the SolarWinds monitoring agent to establish a successful SSH
connection, as it adverti
** Description changed:
[Impact]
* The version check in ssh was broken no more following RFC 4253 and
- thereby denying some clients that it shouldn't
+ thereby denying some clients that it shouldn't.
- * Upstream fixed that and this is backporting the changes to bionic.
+ht
** Tags removed: server-next
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99 clients fail to connect to openssh-server 1:7.6p1-4ubuntu0.3
Status in
Merge Proposal review is complete, but waiting on some feedback that
helps to classify the severity and urgency correctly.
Depending on that the options will be:
- actually unimportant: don't SRU it at all
- some reasonable cases exists, but are very rare: SRU it but hold the release
in block-pro
Autopkgtests are complete on the PPA at
https://bileto.ubuntu.com/#/ticket/3962
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3962/+packages
Tests all passed or are known force-badtest cases already.
Waiting for Kyle's response to properly handle the severity of this ...
--
You r
I've redone the patches following the usual patch guidelines and opened an MP
with these at:
=>
https://code.launchpad.net/~paelzer/ubuntu/+source/openssh/+git/openssh/+merge/380138
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscrib
** Merge proposal linked:
https://code.launchpad.net/~paelzer/ubuntu/+source/openssh/+git/openssh/+merge/380138
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Ti
Thanks Kyle,
I agree the testcase is great and works in my tests.
This is exactly what I needed to craft the SRU template as needed.
But OTOH about severity of this, as it will mean everyone having ssh installed
(which is almost every installation out there) will have to download and
install a n
The easiest way I found to reproduce was to monkey patch the python
paramiko library. I've attached a short script which can be used to
test a host. It requires either python-paramiko or python3-paramiko to
run.
** Attachment added: "test_bug_1863930.py"
https://bugs.launchpad.net/ubuntu/bio
Yep, thanks cjwatson
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99 clients fail to connect to openssh-server 1:7.6p1-4ubuntu0.3
Status in openssh
@Kyle - in prep for an SRU - do you have steps to reproduce this e.g.
with which Ubuntu based client/options one can easily send 1.99 on a
connection attempt?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
I have time to maintain openssh in Debian, but in general I don't have
cycles to deal with SRUs, so please could somebody else take care of
that part?
** Changed in: openssh (Ubuntu Bionic)
Assignee: Colin Watson (cjwatson) => (unassigned)
--
You received this bug notification because you a
Assigned to cjwatson for now, but feel free to tell us you want us to
drive the SRU for this and we can change it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Tit
Thanks Kyle for the great report and prepping a fix already.
offending: 97f4d3083 is in >=1%7.6p1-1
fix: 9e9c4a7e5 is in >=1%7.7p1-1
fix: c9c1bba06 is in >=1%7.7p1-1
Matching that with versions in Ubuntu means only Bionic should be
affected.
openssh | 1:5.9p1-5ubuntu1| precise | sou
The attachment "protocol_major_version_mismatch_regression.patch" seems
to be a patch. If it isn't, please remove the "patch" flag from the
attachment, remove the "patch" tag, and if you are a member of the
~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Laun
24 matches
Mail list logo