Bug#917900: stretch-pu: package libssh/0.7.3-2+deb9u2
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
The update for libssh in DSA-4322-1 introduced a regression which
breaks server-side keyboard-interactive authentication. The issue was
reported by Martin Pitt in #913870.
As this is more of a special case, we want to avoid issuing another DSA
(regression update) for this specific issue, but as it was introduced
in a security update we should have a fix for it in an upcoming point
release.
For that I have cherry-picked the two needed patches and I have tested
the resulting packages with the reproducer case as provided by Martin
in the upstream issue https://bugs.libssh.org/T117.
Following the new allowed procedure, and as the changes were minimal
enough, I have already uploaded the package, and attached is the
corresponding debdiff for further review.
Could you accept the changes for an upcoming point release?
Regards,
Salvatore
diff -Nru libssh-0.7.3/debian/changelog libssh-0.7.3/debian/changelog
--- libssh-0.7.3/debian/changelog 2018-10-16 21:18:05.000000000 +0200
+++ libssh-0.7.3/debian/changelog 2018-12-31 14:47:15.000000000 +0100
@@ -1,3 +1,11 @@
+libssh (0.7.3-2+deb9u2) stretch; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix broken server-side keyboard-interactive authentication.
+ Thanks to Martin Pitt (Closes: #913870)
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Mon, 31 Dec 2018 14:47:15 +0100
+
libssh (0.7.3-2+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
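Review bot: The changelog bullet does not say that the keyboard-interactive breakage is a regression from the 0.7.3-2+deb9u1 security upload, which is the whole justification given in the cover mail for going through stretch-pu; consider wording it as `* Fix broken server-side keyboard-interactive authentication, a regression introduced by the CVE-2018-10933 patches in 0.7.3-2+deb9u1. Thanks to Martin Pitt (Closes: #913870)` so the relationship is visible to anyone reading the package history later.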
diff -Nru libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch
--- libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch 1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch 2018-12-31 14:47:15.000000000 +0100
@@ -0,0 +1,30 @@
+From: Meng Tan <mtan@wallix.com>
+Date: Wed, 17 Oct 2018 14:50:08 +0200
+Subject: server: Set correct state after sending INFO_REQUEST (Kbd
+ Interactive)
+Origin: https://git.libssh.org/projects/libssh.git/commit/?id=734e3ce6747a5ed120b93a1ff253b3fde5f20024
+Bug: https://bugs.libssh.org/T117
+Bug-Debian: https://bugs.debian.org/913870
+
+Signed-off-by: Meng Tan <mtan@wallix.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit 4ea46eecce9f4e676150fe27fec34e1570b70ace)
+---
+ src/server.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/server.c b/src/server.c
+index a078e7afc7f1..b1f01a86842c 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -976,6 +976,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
+ msg->session->kbdint->prompts = NULL;
+ msg->session->kbdint->echo = NULL;
+ }
++ msg->session->auth.state = SSH_AUTH_STATE_INFO;
+
+ return rc;
+ }
+--
+2.11.0
+
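Review bot: On its own this patch leaves src/server.c unbuildable: the added line uses `msg->session->auth.state`, but in this libssh version the field is `auth_state`, which is exactly what the following patch 0010 corrects. The final tree is fine because the series is applied in order, but the broken intermediate state will trip anyone bisecting through the quilt series; consider folding 0010 into this patch, or at least noting in this patch header that 0010 is required. The placement of the assignment itself looks right: it sits after the kbdint prompts/echo cleanup and just before `return rc`, so the session is moved to SSH_AUTH_STATE_INFO every time an INFO_REQUEST is sent, which is presumably the state the packet filter from 0007-CVE-2018-10933-Introduced-packet-filtering.patch checks before it accepts the client's reply.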
diff -Nru libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch
--- libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch 1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch 2018-12-31 14:47:15.000000000 +0100
@@ -0,0 +1,26 @@
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 24 Oct 2018 19:57:17 +0200
+Subject: server: Fix compile error
+Origin: https://git.libssh.org/projects/libssh.git/commit/?id=7ad80ba1cc48f7af1f192692d100a6255d97b843
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+---
+ src/server.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/server.c b/src/server.c
+index b1f01a86842c..400b04a7e61b 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -976,7 +976,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
+ msg->session->kbdint->prompts = NULL;
+ msg->session->kbdint->echo = NULL;
+ }
+- msg->session->auth.state = SSH_AUTH_STATE_INFO;
++ msg->session->auth_state = SSH_AUTH_STATE_INFO;
+
+ return rc;
+ }
+--
+2.11.0
+
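Review bot: The patch header is thinner than 0009's: there is no `Bug:` / `Bug-Debian:` line even though this is the second half of the same fix for https://bugs.libssh.org/T117 and #913870, so someone reading only this header will not see why it is in the series; add the same two tags as in 0009. The change itself is a one-token rename (`auth.state` to `auth_state`) and leaves the logic introduced by 0009 intact, so nothing further to review in the hunk.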
diff -Nru libssh-0.7.3/debian/patches/series libssh-0.7.3/debian/patches/series
--- libssh-0.7.3/debian/patches/series 2018-10-16 21:18:05.000000000 +0200
+++ libssh-0.7.3/debian/patches/series 2018-12-31 14:47:15.000000000 +0100
@@ -6,6 +6,8 @@
0006-CVE-2018-10933-Check-channel-state-when-OPEN_FAILURE.patch
0007-CVE-2018-10933-Introduced-packet-filtering.patch
0008-CVE-2018-10933-Add-tests-for-packet-filtering.patch
+0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch
+0010-server-Fix-compile-error.patch
1001_error-msg-typo-fix.patch
1003-custom-lib-names.patch
2003-disable-expand_tilde_unix-test.patch
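Review bot: Ordering here is load-bearing: 0010 rewrites the line that 0009 introduces, so 0010 must stay after 0009 in the series. The two entries are adjacent and numbered in sequence after the existing 0006-0008 CVE-2018-10933 patches they fix up, so nothing to change.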