
Bug#1059693: marked as done (bullseye-pu: package filezilla/filezilla_3.52.2-3+deb11u1)



Your message dated Sat, 10 Feb 2024 13:02:58 +0000
with message-id <E1rYn0U-002xsK-7B@coccia.debian.org>
and subject line Released with 11.9
has caused the Debian Bug report #1059693,
regarding bullseye-pu: package filezilla/filezilla_3.52.2-3+deb11u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1059693: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059693
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: filezilla@packages.debian.org
Control: affects -1 + src:filezilla

[ Reason ]
This will address the no-DSA CVE-2023-48795. The vulnerability has been
fixed in sid and trixie.

https://security-tracker.debian.org/tracker/CVE-2023-48795

[ Impact ]
The impact on putty itself, and by proxy also on the SFTP support in filezilla, is
fortunately very limited: at most an attacker could abuse terrapin to force
the use of SHA1 as negotiated during the server-sig-algs exchange:
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terrapin.html

[ Tests ]
The fix has been extensively tested by upstream.

I have built affected filezilla versions with and without patching and performed a variety of
connection, transfer and general use tests to be sure this update will work as users expect.

[ Risks ]
The updating of the embedded putty within filezilla from upstream commits was very straightforward
and is of minimal risk.

The only variation from upstream is the addition of the PTRLEN_DECL_LITERAL macro, which was added to
putty after the filezilla release in bullseye, fixing compile errors.

[ Checklist ]
 [X] *all* changes are documented in the d/changelog
 [X] I reviewed all changes and I approve them
 [X] attach debdiff against the package in (old)stable
 [X] the issue is verified as fixed in unstable

[ Other info ]
None.

Regards

Phil

-- 
Playing the game for the games sake.

Web:

* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/

diff -Nru filezilla-3.52.2/debian/changelog filezilla-3.52.2/debian/changelog
--- filezilla-3.52.2/debian/changelog	2021-01-21 10:38:25.000000000 +0000
+++ filezilla-3.52.2/debian/changelog	2023-12-26 21:06:56.000000000 +0000
@@ -1,3 +1,10 @@
+filezilla (3.52.2-3+deb11u1) bullseye; urgency=medium
+
+  * [CVE-2023-48795] - Add patch: CVE-2023-48795.patch.
+    - Ref: https://security-tracker.debian.org/tracker/CVE-2023-48795
+
+ -- Phil Wyett <philip.wyett@kathenas.org>  Tue, 26 Dec 2023 21:06:56 +0000
+
 filezilla (3.52.2-3) unstable; urgency=medium
 
   [Phil Wyett]
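Review bot: the changelog entry does not record the one deliberate deviation from upstream, the locally added PTRLEN_DECL_LITERAL macro in src/putty/misc.h that the patch header and the [Risks] section describe. A second bullet such as `- Also add PTRLEN_DECL_LITERAL to src/putty/misc.h (needed to build the backport).` would let the release team see the non-upstream part of the change without opening the patch.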
diff -Nru filezilla-3.52.2/debian/patches/CVE-2023-48795.patch filezilla-3.52.2/debian/patches/CVE-2023-48795.patch
--- filezilla-3.52.2/debian/patches/CVE-2023-48795.patch	1970-01-01 01:00:00.000000000 +0100
+++ filezilla-3.52.2/debian/patches/CVE-2023-48795.patch	2023-12-26 21:06:56.000000000 +0000
@@ -0,0 +1,279 @@
+Description: Cherry pick and modify upstream fix for CVE-2023-48795.
+
+Picked from upstream commits:
+
+filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11047
+filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11048
+filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11049
+filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11051
+
+Other:
+
+In 'src/putty/misc.h' addition of macro 'PTRLEN_DECL_LITERAL' from PUTTY upstream.
+
+Author: Phil Wyett <philip.wyett@kathenas.org>
+
+================================================================================
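Review bot: the DEP-3 header names Phil Wyett as `Author:` although the code is cherry-picked from upstream; DEP-3 expects upstream provenance in `Origin:` lines (one per SVN revision listed above), with the Debian-specific PTRLEN_DECL_LITERAL addition noted separately, and a `Bug-Debian: https://bugs.debian.org/1059693` line so the patch can be traced back to this request. The PuTTY commit from which PTRLEN_DECL_LITERAL was taken should also be cited here, since the header currently says only "from PUTTY upstream".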
+--- a/src/putty/ssh2transport.c
++++ b/src/putty/ssh2transport.c
+@@ -26,6 +26,11 @@ const static ssh2_macalg *const buggymacs[] = {
+     &ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
+ };
+ 
++const static ptrlen kex_strict_c =
++    PTRLEN_DECL_LITERAL("kex-strict-c-v00@openssh.com");
++const static ptrlen kex_strict_s =
++    PTRLEN_DECL_LITERAL("kex-strict-s-v00@openssh.com");
++
+ static ssh_compressor *ssh_comp_none_init(void)
+ {
+     return NULL;
+@@ -385,6 +390,31 @@ static bool ssh2_transport_filter_queue(struct ssh2_transport_state *s)
+ {
+     PktIn *pktin;
+ 
++    if (!s->enabled_incoming_crypto) {
++        /*
++         * Record the fact that we've seen any non-KEXINIT packet at
++         * the head of our queue.
++         *
++         * This enables us to check later that the initial incoming
++         * KEXINIT was the very first packet, if scanning the KEXINITs
++         * turns out to enable strict-kex mode.
++         */
++        PktIn *pktin = pq_peek(s->ppl.in_pq);
++        if (pktin && pktin->type != SSH2_MSG_KEXINIT)
++            s->seen_non_kexinit = true;
++
++        if (s->strict_kex) {
++            /*
++             * Also, if we're already in strict-KEX mode and haven't
++             * turned on crypto yet, don't do any actual filtering.
++             * This ensures that extraneous packets _after_ the
++             * KEXINIT will go to the main coroutine, which will
++             * complain about them.
++             */
++            return false;
++        }
++    }
++
+     while (1) {
+         if (ssh2_common_filter_queue(&s->ppl))
+             return true;
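Review bot: `PktIn *pktin = pq_peek(s->ppl.in_pq);` in the new block shadows the function-scope `PktIn *pktin;` declared three lines above it. It compiles, but it trips -Wshadow and invites confusion in later edits; reuse the outer variable or rename the inner one, e.g. `PktIn *first = pq_peek(s->ppl.in_pq);`. The control flow is otherwise right: the early `return false` while `strict_kex` is set and incoming crypto is not yet enabled hands any extraneous packet to the main coroutine, as the comment says, and `seen_non_kexinit` can only be set before the first NEWKEYS because the whole block is guarded by `!s->enabled_incoming_crypto`.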
+@@ -757,6 +787,13 @@ static void ssh2_write_kexinit_lists(
+                 add_to_commasep(list, kexlists[i][j].name);
+             }
+         }
++        if (i == KEXLIST_KEX && first_time) {
++            if (our_hostkeys) {        /* we're the server */
++                add_to_commasep_pl(list, kex_strict_s);
++            } else {                   /* we're the client */
++                add_to_commasep_pl(list, kex_strict_c);
++            }
++        }
+         put_stringsb(pktout, list);
+     }
+     /* List client->server languages. Empty list. */
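Review bot: this hunk reads `first_time` and `our_hostkeys`, neither of which is introduced anywhere in this diff, whereas the ssh2_scan_kexinits hunk below had to add `first_time` and `we_are_server` as new parameters. Please state in the patch header that both are existing parameters of ssh2_write_kexinit_lists in the 3.52.2 vendored PuTTY, so the next person updating this backport does not have to rediscover why one function needed a signature change and the other did not. Appending the pseudo-algorithm after the real KEX list only when `first_time` is set is the right behaviour: the extension must be advertised in the first KEXINIT only, never in a rekey.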
+@@ -765,14 +802,23 @@ static void ssh2_write_kexinit_lists(
+     put_stringz(pktout, "");
+ }
+ 
++static bool kexinit_keyword_found(ptrlen list, ptrlen keyword)
++{
++    for (ptrlen word; get_commasep_word(&list, &word) ;)
++        if (ptrlen_eq_ptrlen(word, keyword))
++            return true;
++    return false;
++}
++
+ static bool ssh2_scan_kexinits(
+-    ptrlen client_kexinit, ptrlen server_kexinit,
++    ptrlen client_kexinit, ptrlen server_kexinit, bool we_are_server,
+     struct kexinit_algorithm kexlists[NKEXLIST][MAXKEXLIST],
+     const ssh_kex **kex_alg, const ssh_keyalg **hostkey_alg,
+     transport_direction *cs, transport_direction *sc,
+     bool *warn_kex, bool *warn_hk, bool *warn_cscipher, bool *warn_sccipher,
+     Ssh *ssh, bool *ignore_guess_cs_packet, bool *ignore_guess_sc_packet,
+-    int *n_server_hostkeys, int server_hostkeys[MAXKEXLIST])
++    int *n_server_hostkeys, int server_hostkeys[MAXKEXLIST],
++    bool first_time, bool *strict_kex)
+ {
+     BinarySource client[1], server[1];
+     int i;
+@@ -971,6 +1017,14 @@ static bool ssh2_scan_kexinits(
+         }
+     }
+ 
++    /*
++     * Check whether the other side advertised support for kex-strict.
++     */
++    if (first_time && kexinit_keyword_found(
++            we_are_server ? clists[KEXLIST_KEX] : slists[KEXLIST_KEX],
++            we_are_server ? kex_strict_c : kex_strict_s))
++        *strict_kex = true;
++
+     if (server_hostkeys) {
+         /*
+          * Finally, make an auxiliary pass over the server's host key
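Review bot: `*strict_kex = true` is the only assignment to the flag in this diff; nothing ever sets it back to false. Correctness therefore depends on two things that deserve a comment at this spot: the new struct member must start zeroed at allocation (see the ssh2transport.h hunk), and `first_time` must be false for every rekey so that a keyword appearing in a later KEXINIT cannot switch the mode on mid-session. The call site passes `!s->got_session_id` as `first_time`, which satisfies the second condition. Looking only for the peer's keyword (`kex_strict_s` when we are the client) rather than our own is correct, since each side advertises a different pseudo-algorithm.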
+@@ -1138,12 +1192,26 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
+ 
+         if (!ssh2_scan_kexinits(
+                 ptrlen_from_strbuf(s->client_kexinit),
+-                ptrlen_from_strbuf(s->server_kexinit),
++                ptrlen_from_strbuf(s->server_kexinit), s->ssc != NULL,
+                 s->kexlists, &s->kex_alg, &s->hostkey_alg, s->cstrans,
+                 s->sctrans, &s->warn_kex, &s->warn_hk, &s->warn_cscipher,
+-                &s->warn_sccipher, s->ppl.ssh, NULL, &s->ignorepkt, &nhk, hks))
++                &s->warn_sccipher, s->ppl.ssh, NULL, &s->ignorepkt, &nhk, hks,
++                !s->got_session_id, &s->strict_kex))
+             return; /* false means a fatal error function was called */
+ 
++        /*
++         * If we've just turned on strict kex mode, say so, and
++         * retrospectively fault any pre-KEXINIT extraneous packets.
++         */
++        if (!s->got_session_id && s->strict_kex) {
++            ppl_logevent("Enabling strict key exchange semantics");
++            if (s->seen_non_kexinit) {
++                ssh_proto_error(s->ppl.ssh, "Received a packet before KEXINIT "
++                                "in strict-kex mode");
++                return;
++            }
++        }
++
+         /*
+          * In addition to deciding which host key we're actually going
+          * to use, we should make a list of the host keys offered by
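Review bot: `s->ssc != NULL` is used to mean "we are the server", but the ssh2transport.h hunk below does not add an `ssc` member, so please confirm it exists in this older vendored state struct rather than only in current upstream. FileZilla uses the embedded PuTTY for its SFTP client support only, so the server branch (advertising `kex_strict_s`, looking for `kex_strict_c`) is dead code here; that is acceptable for a cherry-pick but worth a sentence in the patch header. The retrospective `seen_non_kexinit` check is placed correctly: it runs once, only while the session id does not yet exist, so a rekey cannot re-trigger the protocol error.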
+@@ -1333,7 +1401,9 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
+             s->ppl.bpp,
+             s->out.cipher, cipher_key->u, cipher_iv->u,
+             s->out.mac, s->out.etm_mode, mac_key->u,
+-            s->out.comp, s->out.comp_delayed);
++            s->out.comp, s->out.comp_delayed,
++            s->strict_kex);
++        s->enabled_outgoing_crypto = true;
+ 
+         strbuf_free(cipher_key);
+         strbuf_free(cipher_iv);
+@@ -1388,7 +1458,9 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
+             s->ppl.bpp,
+             s->in.cipher, cipher_key->u, cipher_iv->u,
+             s->in.mac, s->in.etm_mode, mac_key->u,
+-            s->in.comp, s->in.comp_delayed);
++            s->in.comp, s->in.comp_delayed,
++            s->strict_kex);
++        s->enabled_incoming_crypto = true;
+ 
+         strbuf_free(cipher_key);
+         strbuf_free(cipher_iv);
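Review bot: `s->enabled_outgoing_crypto` is assigned in the previous hunk but never read anywhere in this diff; only `enabled_incoming_crypto` is consulted, in ssh2_transport_filter_queue. Either one of the listed upstream revisions (r11047 to r11051) reads it in a hunk that was not cherry-picked, in which case that hunk should be brought over, or it is dead state and the member can be dropped to keep the backport minimal; please check which. Passing `s->strict_kex` as `reset_sequence_number` on every NEWKEYS, rekeys included, is what the extension requires, so no change is needed on that side.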
+--- a/src/putty/ssh2transport.h
++++ b/src/putty/ssh2transport.h
+@@ -180,6 +180,8 @@ struct ssh2_transport_state {
+     bool need_gss_transient_hostkey;
+     bool warned_about_no_gss_transient_hostkey;
+     bool got_session_id;
++    bool strict_kex, enabled_outgoing_crypto, enabled_incoming_crypto;
++    bool seen_non_kexinit;
+     int dlgret;
+     bool guessok;
+     bool ignorepkt;
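Review bot: four new bool members are added but nothing in this diff initialises them, and `strict_kex` and `seen_non_kexinit` are only ever set to true. Please confirm that `struct ssh2_transport_state` is zero-initialised where it is allocated in this tree; if it is not, a stale true in `strict_kex` would make ssh2_bpp reset the sequence numbers for a peer that never advertised the extension, and since the sequence number is an input to the packet MAC the connection would fail MAC verification right after NEWKEYS. A short comment on the new members stating that they rely on zero-initialisation would make the assumption explicit.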
+--- a/src/putty/misc.h.orig  2023-12-26 22:08:53.058083841 +0000
++++ b/src/putty/misc.h   2023-12-26 22:13:21.182448292 +0000
+@@ -205,6 +205,10 @@
+  * string. */
+ #define PTRLEN_LITERAL(stringlit) \
+     TYPECHECK("" stringlit "", make_ptrlen(stringlit, sizeof(stringlit)-1))
++/* Make a ptrlen out of a compile-time string literal in a way that
++ * allows you to declare the ptrlen itself as a compile-time initialiser. */
++#define PTRLEN_DECL_LITERAL(stringlit) \
++    { TYPECHECK("" stringlit "", stringlit), sizeof(stringlit)-1 }
+ /* Make a ptrlen out of a constant byte array. */
+ #define PTRLEN_FROM_CONST_BYTES(a) make_ptrlen(a, sizeof(a))
+ 
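Review bot: from this file onward the `---` side names `a/src/putty/misc.h.orig` (and later `.orig` names for ssh.h, ssh2bpp.c, sshbpp.h and sshcommon.c) with local timestamps, while the first two files use clean `a/` and `b/` paths without timestamps. With `-p1` the old and new names then disagree and `patch` has to pick the target by which name exists; it resolves to misc.h today, but it is fragile and inconsistent within one patch. Regenerate these headers as `--- a/src/putty/misc.h` / `+++ b/src/putty/misc.h` to match the first hunks. The macro body itself is the brace-initialiser form of what PTRLEN_LITERAL does, which is what allows the file-scope `const static ptrlen` declarations in ssh2transport.c, as the new comment says.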
+--- a/src/putty/ssh.h.orig   2023-12-26 21:19:06.825369623 +0000
++++ b/src/putty/ssh.h    2023-12-26 21:20:06.546429641 +0000
+@@ -1555,6 +1555,7 @@
+               alloc_channel_id_general(tree, offsetof(type, localid)))
+ 
+ void add_to_commasep(strbuf *buf, const char *data);
++void add_to_commasep_pl(strbuf *buf, ptrlen data);
+ bool get_commasep_word(ptrlen *list, ptrlen *word);
+ 
+ int verify_ssh_manual_host_key(
+--- a/src/putty/ssh2bpp.c.orig	2021-06-29 09:59:07.000000000 +0100
++++ b/src/putty/ssh2bpp.c	2023-12-22 09:48:54.045561126 +0000
+@@ -115,7 +115,8 @@
+     BinaryPacketProtocol *bpp,
+     const ssh_cipheralg *cipher, const void *ckey, const void *iv,
+     const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
+-    const ssh_compression_alg *compression, bool delayed_compression)
++    const ssh_compression_alg *compression, bool delayed_compression,
++    bool reset_sequence_number)
+ {
+     struct ssh2_bpp_state *s;
+     assert(bpp->vt == &ssh2_bpp_vtable);
+@@ -155,6 +156,9 @@
+         s->out.mac = NULL;
+     }
+ 
++    if (reset_sequence_number)
++        s->out.sequence = 0;
++
+     if (delayed_compression && !s->seen_userauth_success) {
+         s->out.pending_compression = compression;
+         s->out_comp = NULL;
+@@ -179,7 +183,8 @@
+     BinaryPacketProtocol *bpp,
+     const ssh_cipheralg *cipher, const void *ckey, const void *iv,
+     const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
+-    const ssh_compression_alg *compression, bool delayed_compression)
++    const ssh_compression_alg *compression, bool delayed_compression,
++    bool reset_sequence_number)
+ {
+     struct ssh2_bpp_state *s;
+     assert(bpp->vt == &ssh2_bpp_vtable);
+@@ -237,6 +242,9 @@
+      * start consuming the input data again. */
+     s->pending_newkeys = false;
+ 
++    if (reset_sequence_number)
++        s->in.sequence = 0;
++
+     /* And schedule a run of handle_input, in case there's already
+      * input data in the queue. */
+     queue_idempotent_callback(&s->bpp.ic_in_raw);
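Review bot: neither this reset nor the matching `s->out.sequence = 0;` in the outgoing hunk carries a comment, and nothing else in ssh2bpp.c mentions strict kex, so the next reader cannot tell why the counter is zeroed here. A one-liner such as `/* strict kex: sequence numbers restart at zero after every NEWKEYS */` above each reset would explain it. The placement is right: the incoming reset happens after `pending_newkeys = false` and before handle_input is rescheduled, so the first packet decoded under the new keys is checked against sequence number 0.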
+--- a/src/putty/sshbpp.h.orig	2021-06-29 09:59:07.000000000 +0100
++++ b/src/putty/sshbpp.h	2023-12-22 09:53:53.327065403 +0000
+@@ -138,12 +138,14 @@
+     BinaryPacketProtocol *bpp,
+     const ssh_cipheralg *cipher, const void *ckey, const void *iv,
+     const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
+-    const ssh_compression_alg *compression, bool delayed_compression);
++    const ssh_compression_alg *compression, bool delayed_compression,
++	bool reset_sequence_number);
+ void ssh2_bpp_new_incoming_crypto(
+     BinaryPacketProtocol *bpp,
+     const ssh_cipheralg *cipher, const void *ckey, const void *iv,
+     const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
+-    const ssh_compression_alg *compression, bool delayed_compression);
++    const ssh_compression_alg *compression, bool delayed_compression,
++	bool reset_sequence_number);
+ 
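Review bot: the two added continuation lines `bool reset_sequence_number);` are indented with a tab, while the surrounding prototype lines in this header use four spaces and the corresponding definitions in ssh2bpp.c use spaces as well; replace the tabs with spaces to keep the header consistent.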
+ /*
+  * A query method specific to the interface between ssh2transport and
+--- a/src/putty/sshcommon.c.orig	2021-06-29 09:59:07.000000000 +0100
++++ b/src/putty/sshcommon.c	2023-12-22 11:20:35.839502891 +0000
+@@ -606,6 +606,13 @@
+  * lists of protocol identifiers in SSH-2.
+  */
+ 
++void add_to_commasep_pl(strbuf *buf, ptrlen data)
++{
++    if (buf->len > 0)
++        put_byte(buf, ',');
++    put_datapl(buf, data);
++}
++
+ void add_to_commasep(strbuf *buf, const char *data)
+ {
+     if (buf->len > 0)
diff -Nru filezilla-3.52.2/debian/patches/series filezilla-3.52.2/debian/patches/series
--- filezilla-3.52.2/debian/patches/series	2021-01-18 21:28:06.000000000 +0000
+++ filezilla-3.52.2/debian/patches/series	2023-12-26 21:06:56.000000000 +0000
@@ -1,2 +1,3 @@
 01_remove-xdg-check.patch
 # 11_use-decimal-si-by-default.patch
+CVE-2023-48795.patch



--- End Message ---
--- Begin Message ---
Version: 11.9

The upload requested in this bug has been released as part of 11.9.

--- End Message ---
