Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1059005: libssh2: CVE-2023-48795
10 views
Skip to first unread message
Salvatore Bonaccorso
Dec 19, 2023, 3:40:05 AM12/19/23
to
Source: libssh2
Version: 1.11.0-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/libssh2/libssh2/issues/1290
X-Debbugs-Cc: car...@debian.org, Debian Security Team <te...@security.debian.org>
Hi,
The following vulnerability was published for libssh2.
CVE-2023-48795[0]:
| The SSH transport protocol with certain OpenSSH extensions, found in
| OpenSSH before 9.6 and other products, allows remote attackers to
| bypass integrity checks such that some packets are omitted (from the
| extension negotiation message), and a client and server may
| consequently end up with a connection for which some security
| features have been downgraded or disabled, aka a Terrapin attack.
| This occurs because the SSH Binary Packet Protocol (BPP),
| implemented by these extensions, mishandles the handshake phase and
| mishandles use of sequence numbers. For example, there is an
| effective attack against SSH's use of ChaCha20-Poly1305 (and CBC
| with Encrypt-then-MAC). The bypass occurs in
| chacha20...@openssh.com and (if CBC is used) the
| -e...@openssh.com MAC algorithms. This also affects Maverick Synergy
| Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh
| before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before
| 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, and
| libssh2 through 1.11.0; and there could be effects on Bitvise SSH
| through 9.31.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-48795
https://www.cve.org/CVERecord?id=CVE-2023-48795
[1] https://github.com/libssh2/libssh2/issues/1290
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Version: 1.11.0-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/libssh2/libssh2/issues/1290
X-Debbugs-Cc: car...@debian.org, Debian Security Team <te...@security.debian.org>
Hi,
The following vulnerability was published for libssh2.
CVE-2023-48795[0]:
| The SSH transport protocol with certain OpenSSH extensions, found in
| OpenSSH before 9.6 and other products, allows remote attackers to
| bypass integrity checks such that some packets are omitted (from the
| extension negotiation message), and a client and server may
| consequently end up with a connection for which some security
| features have been downgraded or disabled, aka a Terrapin attack.
| This occurs because the SSH Binary Packet Protocol (BPP),
| implemented by these extensions, mishandles the handshake phase and
| mishandles use of sequence numbers. For example, there is an
| effective attack against SSH's use of ChaCha20-Poly1305 (and CBC
| with Encrypt-then-MAC). The bypass occurs in
| chacha20...@openssh.com and (if CBC is used) the
| -e...@openssh.com MAC algorithms. This also affects Maverick Synergy
| Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh
| before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before
| 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, and
| libssh2 through 1.11.0; and there could be effects on Bitvise SSH
| through 9.31.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-48795
https://www.cve.org/CVERecord?id=CVE-2023-48795
[1] https://github.com/libssh2/libssh2/issues/1290
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Salvatore Bonaccorso
Dec 19, 2023, 2:40:04 PM12/19/23
to
Hi Nicolas,
On Tue, Dec 19, 2023 at 01:35:50PM -0500, Nicolas Mora wrote:
> Hello, thanks for the notification!
> under, is it the case?
>
> I'm wondering also because they have the same version in bookworm and
> trixie, and the issue on github doesn't mention the version that is
> affected, therefore I assume all versions are vulnerable, isn't it?
It's not the same version :).
bookworm has 0.10.0 based version, whereas in testing and bove we have
1.11.0 based one. For bookworm and older there is no haCha20-Poly1305
and CBC-EtM support, which was only introduced after the 0.10.0
release.
Thus for libssh2 only unstable needs fixing (and then the fix mgirate
to testing).
Does this help?
Regards,
Salvatore
On Tue, Dec 19, 2023 at 01:35:50PM -0500, Nicolas Mora wrote:
> Hello, thanks for the notification!
>
> Le 2023-12-19 à 03 h 26, Salvatore Bonaccorso a écrit :
> > Source: libssh2
> > Version: 1.11.0-3
> > Severity: important
> > Tags: security upstream
> > Forwarded: https://github.com/libssh2/libssh2/issues/1290
> > X-Debbugs-Cc: car...@debian.org, Debian Security Team <te...@security.debian.org>
> >
> I've noticed on [1] that this CVE is fixed for libssh2 on bookworm and
> Le 2023-12-19 à 03 h 26, Salvatore Bonaccorso a écrit :
> > Source: libssh2
> > Version: 1.11.0-3
> > Severity: important
> > Tags: security upstream
> > Forwarded: https://github.com/libssh2/libssh2/issues/1290
> > X-Debbugs-Cc: car...@debian.org, Debian Security Team <te...@security.debian.org>
> >
> under, is it the case?
>
> I'm wondering also because they have the same version in bookworm and
> trixie, and the issue on github doesn't mention the version that is
> affected, therefore I assume all versions are vulnerable, isn't it?
It's not the same version :).
bookworm has 0.10.0 based version, whereas in testing and bove we have
1.11.0 based one. For bookworm and older there is no haCha20-Poly1305
and CBC-EtM support, which was only introduced after the 0.10.0
release.
Thus for libssh2 only unstable needs fixing (and then the fix mgirate
to testing).
Does this help?
Regards,
Salvatore
Salvatore Bonaccorso
Dec 19, 2023, 3:20:07 PM12/19/23
to
Hello,
On Tue, Dec 19, 2023 at 03:04:35PM -0500, Nicolas Mora wrote:
> Hello,
>
Yeah the same Debian revision was confusing, after your question I had
to double check again :)
> I'll prepare a fix for unstable then, thanks!
Looking from the commit activity in the upstream repository and last
commits touching the release notes I guess upstream is finalizing a
new release? If so it might be worth to just go to the new upstream
version rather than cherry-picking the commit adding strict KEX
support.
But that said, fully trusting you on the matter and up to you on next
steps.
Thanks for working on it!
Regards,
Salvatore
On Tue, Dec 19, 2023 at 03:04:35PM -0500, Nicolas Mora wrote:
> Hello,
>
> Le 2023-12-19 à 14 h 32, Salvatore Bonaccorso a écrit :
> >
> > It's not the same version :).
> >
> > bookworm has 0.10.0 based version, whereas in testing and bove we have
> > 1.11.0 based one. For bookworm and older there is no haCha20-Poly1305
> > and CBC-EtM support, which was only introduced after the 0.10.0
> > release.
> >
> > Thus for libssh2 only unstable needs fixing (and then the fix mgirate
> > to testing).
> >
> > Does this help?
> >
> My bad, I missed the difference between 1.10 and 1.11 :p
> >
> > It's not the same version :).
> >
> > bookworm has 0.10.0 based version, whereas in testing and bove we have
> > 1.11.0 based one. For bookworm and older there is no haCha20-Poly1305
> > and CBC-EtM support, which was only introduced after the 0.10.0
> > release.
> >
> > Thus for libssh2 only unstable needs fixing (and then the fix mgirate
> > to testing).
> >
> > Does this help?
> >
Yeah the same Debian revision was confusing, after your question I had
to double check again :)
> I'll prepare a fix for unstable then, thanks!
Looking from the commit activity in the upstream repository and last
commits touching the release notes I guess upstream is finalizing a
new release? If so it might be worth to just go to the new upstream
version rather than cherry-picking the commit adding strict KEX
support.
But that said, fully trusting you on the matter and up to you on next
steps.
Thanks for working on it!
Regards,
Salvatore
Nicolas Mora
Jan 4, 2024, 3:50:05 PM1/4/24
to
Hello,
I've uploaded a new package with the patch for unstable, instead of waiting for the new upstream release. I didn't want the holidays and the new release process to delay the fix too much...
I've uploaded a new package with the patch for unstable, instead of waiting for the new upstream release. I didn't want the holidays and the new release process to delay the fix too much...
Salvatore Bonaccorso
Jan 4, 2024, 4:50:05 PM1/4/24
to
Hi Nicolas,
Thanks, have seen it! (security-tracker metadata is already updated).
Regards,
Salvatore
Regards,
Salvatore
0 new messages