
Bug#917900: marked as done (stretch-pu: package libssh/0.7.3-2+deb9u2)



Your message dated Sat, 16 Feb 2019 11:36:33 +0000
with message-id <1550316993.21192.50.camel@adam-barratt.org.uk>
and subject line Closing bugs for updates included in 9.8
has caused the Debian Bug report #917900,
regarding stretch-pu: package libssh/0.7.3-2+deb9u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
917900: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917900
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

The update for libssh in DSA-4322-1 introduced a regression which
breaks server-side keyboard-interactive authentication. The issue was
reported by Martin Pitt in #913870.

As this is more of a special case, we want to avoid issuing another DSA
(regression update) for this specific issue, but as it was introduced
in a security update we should have a fix for it in an upcoming point
release.

For that I have cherry-picked the two needed patches and I have tested
the resulting packages with the reproducer case as provided by Martin
in the upstream issue https://bugs.libssh.org/T117.

Following the new allowed procedure, and as the changes were minimal
enough, I have already uploaded the package, and attached is the
corresponding debdiff for further review.

Could you accept the changes for an upcoming point release?

Regards,
Salvatore
diff -Nru libssh-0.7.3/debian/changelog libssh-0.7.3/debian/changelog
--- libssh-0.7.3/debian/changelog	2018-10-16 21:18:05.000000000 +0200
+++ libssh-0.7.3/debian/changelog	2018-12-31 14:47:15.000000000 +0100
@@ -1,3 +1,11 @@
+libssh (0.7.3-2+deb9u2) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix broken server-side keyboard-interactive authentication.
+    Thanks to Martin Pitt (Closes: #913870)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 31 Dec 2018 14:47:15 +0100
+
 libssh (0.7.3-2+deb9u1) stretch-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
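Review bot: The changelog entry names the symptom but not the cause; since this repairs a regression introduced by the 0.7.3-2+deb9u1 security upload (DSA-4322-1, the CVE-2018-10933 packet-filtering patches listed in debian/patches/series), say so in the entry so that people tracking the DSA can find it, e.g. "Fix broken server-side keyboard-interactive authentication (regression introduced by the CVE-2018-10933 fix in 0.7.3-2+deb9u1)".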
diff -Nru libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch
--- libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch	1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.7.3/debian/patches/0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch	2018-12-31 14:47:15.000000000 +0100
@@ -0,0 +1,30 @@
+From: Meng Tan <mtan@wallix.com>
+Date: Wed, 17 Oct 2018 14:50:08 +0200
+Subject: server: Set correct state after sending INFO_REQUEST (Kbd
+ Interactive)
+Origin: https://git.libssh.org/projects/libssh.git/commit/?id=734e3ce6747a5ed120b93a1ff253b3fde5f20024
+Bug: https://bugs.libssh.org/T117
+Bug-Debian: https://bugs.debian.org/913870
+
+Signed-off-by: Meng Tan <mtan@wallix.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+(cherry picked from commit 4ea46eecce9f4e676150fe27fec34e1570b70ace)
+---
+ src/server.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/server.c b/src/server.c
+index a078e7afc7f1..b1f01a86842c 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -976,6 +976,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
+     msg->session->kbdint->prompts = NULL;
+     msg->session->kbdint->echo = NULL;
+   }
++  msg->session->auth.state = SSH_AUTH_STATE_INFO;
+ 
+   return rc;
+ }
+-- 
+2.11.0
+
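Review bot: The new assignment `+  msg->session->auth.state = SSH_AUTH_STATE_INFO;` is unconditional and sits directly before `return rc;`, so the session is moved into the INFO state even when rc carries an error from the earlier part of the function that builds and sends the INFO_REQUEST. If the request was never sent, the server then waits for an INFO_RESPONSE the client will not produce; consider guarding the assignment with a success check on rc. Note also that `auth.state` is not the field name used in this 0.7.3 tree (the next patch renames it to `auth_state`), so this patch cannot be test-built on its own.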
diff -Nru libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch
--- libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch	1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.7.3/debian/patches/0010-server-Fix-compile-error.patch	2018-12-31 14:47:15.000000000 +0100
@@ -0,0 +1,26 @@
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 24 Oct 2018 19:57:17 +0200
+Subject: server: Fix compile error
+Origin: https://git.libssh.org/projects/libssh.git/commit/?id=7ad80ba1cc48f7af1f192692d100a6255d97b843
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+---
+ src/server.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/server.c b/src/server.c
+index b1f01a86842c..400b04a7e61b 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -976,7 +976,7 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
+     msg->session->kbdint->prompts = NULL;
+     msg->session->kbdint->echo = NULL;
+   }
+-  msg->session->auth.state = SSH_AUTH_STATE_INFO;
++  msg->session->auth_state = SSH_AUTH_STATE_INFO;
+ 
+   return rc;
+ }
+-- 
+2.11.0
+
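Review bot: The header of 0010 carries no `Bug:`/`Bug-Debian:` fields, unlike 0009, although it is a mandatory companion: without the `auth.state` to `auth_state` correction the tree does not compile after 0009 is applied, which is the intermediate state 0010's own subject line records. Either add `Bug-Debian: https://bugs.debian.org/913870` plus a remark that it must follow 0009, or fold this one-line correction into 0009 so that the patch series has no non-building intermediate state.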
diff -Nru libssh-0.7.3/debian/patches/series libssh-0.7.3/debian/patches/series
--- libssh-0.7.3/debian/patches/series	2018-10-16 21:18:05.000000000 +0200
+++ libssh-0.7.3/debian/patches/series	2018-12-31 14:47:15.000000000 +0100
@@ -6,6 +6,8 @@
 0006-CVE-2018-10933-Check-channel-state-when-OPEN_FAILURE.patch
 0007-CVE-2018-10933-Introduced-packet-filtering.patch
 0008-CVE-2018-10933-Add-tests-for-packet-filtering.patch
+0009-server-Set-correct-state-after-sending-INFO_REQUEST-.patch
+0010-server-Fix-compile-error.patch
 1001_error-msg-typo-fix.patch
 1003-custom-lib-names.patch
 2003-disable-expand_tilde_unix-test.patch
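Review bot: 0010 must stay immediately after 0009, because it repairs the field name that 0009 introduces and the build is broken between the two. Placing both in the upstream-cherry-pick 000x range is consistent with the existing numbering, but if the two patches are kept separate rather than squashed, a `#` comment line above them in series (quilt accepts such comments) would record the ordering requirement for the next person who touches this file.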

--- End Message ---
--- Begin Message ---
Version: 9.8

Hi,

The update referenced by each of these bugs was included in this
morning's stretch point release.

Regards,

Adam

--- End Message ---