
Bug#1120325: marked as done (trixie-pu: package libssh/0.11.2-1+deb13u1)



Your message dated Sat, 15 Nov 2025 11:21:45 +0000
with message-id <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 13.2
has caused the Debian Bug report #1120325,
regarding trixie-pu: package libssh/0.11.2-1+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1120325: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120325
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: libssh@packages.debian.org, mpitt@debian.org
Control: affects -1 + src:libssh
User: release.debian.org@packages.debian.org
Usertags: pu

Fixes two low-severity issues; manual tests and autopkgtests via
debusine were fine. Debdiff below.

Cheers,
        Moritz

diff -Nru libssh-0.11.2/debian/changelog libssh-0.11.2/debian/changelog
--- libssh-0.11.2/debian/changelog	2025-06-28 07:42:47.000000000 +0200
+++ libssh-0.11.2/debian/changelog	2025-11-04 00:32:14.000000000 +0100
@@ -1,3 +1,10 @@
+libssh (0.11.2-1+deb13u1) trixie; urgency=medium
+
+  * CVE-2025-8277 (Closes: #1114859)
+  * CVE-2025-8114 (Closes: #1109860)
+
+ -- Moritz Mühlenhoff <jmm@debian.org>  Tue, 04 Nov 2025 00:32:14 +0100
+
 libssh (0.11.2-1) unstable; urgency=medium
 
   * New upstream security/bug fix release:
diff -Nru libssh-0.11.2/debian/patches/CVE-2025-8114.patch libssh-0.11.2/debian/patches/CVE-2025-8114.patch
--- libssh-0.11.2/debian/patches/CVE-2025-8114.patch	1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.11.2/debian/patches/CVE-2025-8114.patch	2025-11-04 00:32:14.000000000 +0100
@@ -0,0 +1,32 @@
+From 65f363c9e3a22b90af7f74b5c439a133b1047379 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 6 Aug 2025 15:17:59 +0200
+Subject: CVE-2025-8114: Fix NULL pointer dereference after allocation failure
+
+--- libssh-0.11.2.orig/src/kex.c
++++ libssh-0.11.2/src/kex.c
+@@ -1487,6 +1487,8 @@ int ssh_make_sessionid(ssh_session sessi
+     ssh_log_hexdump("hash buffer", ssh_buffer_get(buf), ssh_buffer_get_len(buf));
+ #endif
+ 
++    /* Set rc for the following switch statement in case we goto error. */
++    rc = SSH_ERROR;
+     switch (session->next_crypto->kex_type) {
+     case SSH_KEX_DH_GROUP1_SHA1:
+     case SSH_KEX_DH_GROUP14_SHA1:
+@@ -1546,6 +1548,7 @@ int ssh_make_sessionid(ssh_session sessi
+                session->next_crypto->secret_hash);
+         break;
+     }
++
+     /* During the first kex, secret hash and session ID are equal. However, after
+      * a key re-exchange, a new secret hash is calculated. This hash will not replace
+      * but complement existing session id.
+@@ -1554,6 +1557,7 @@ int ssh_make_sessionid(ssh_session sessi
+         session->next_crypto->session_id = malloc(session->next_crypto->digest_len);
+         if (session->next_crypto->session_id == NULL) {
+             ssh_set_error_oom(session);
++            rc = SSH_ERROR;
+             goto error;
+         }
+         memcpy(session->next_crypto->session_id, session->next_crypto->secret_hash,
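Review bot: The comment on the new `rc = SSH_ERROR;` before the switch (`/* Set rc for the following switch statement in case we goto error. */`) presents the switch as the consumer of rc, whereas the value only matters on the `goto error` path, where it is presumably returned; suggest `/* Default to failure: cases below may goto error without assigning rc. */`. The `error` label and the start and end of ssh_make_sessionid are outside the hunk, so whether every case assigns rc on its success path cannot be confirmed here. The second `rc = SSH_ERROR;` at the session_id allocation failure runs after the switch and is needed only if a case can leave rc at a success value, which the hunk does not show; a one-line comment there such as `/* rc may still hold the success status from the hash above */` would keep the two assignments from reading as redundant.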
diff -Nru libssh-0.11.2/debian/patches/CVE-2025-8277.patch libssh-0.11.2/debian/patches/CVE-2025-8277.patch
--- libssh-0.11.2/debian/patches/CVE-2025-8277.patch	1970-01-01 01:00:00.000000000 +0100
+++ libssh-0.11.2/debian/patches/CVE-2025-8277.patch	2025-11-04 00:32:14.000000000 +0100
@@ -0,0 +1,153 @@
+Consists of these fixes upstream:
+
+From 87db2659ec608a977a63eea529f17b9168388d73 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Tue, 5 Aug 2025 18:42:31 +0200
+Subject: CVE-2025-8277: packet: Adjust packet filter to work when DH-GEX is
+ guessed wrongly
+
+From 266174a6d36687b65cf90174f06af90b8b27c65f Mon Sep 17 00:00:00 2001
+From: Francesco Rollo <eferollo@gmail.com>
+Date: Thu, 24 Jul 2025 16:30:07 +0300
+Subject: CVE-2025-8277: Fix memory leak of unused ephemeral key pair after
+ client's wrong KEX guess
+
+From 8e4d67aa9eda455bfad9ac610e54b7a548d0aa08 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Wed, 6 Aug 2025 11:10:38 +0200
+Subject: CVE-2025-8277: ecdh: Free previously allocated pubkeys
+
+From 1c763e29d138db87665e98983f468d2dd0f286c1 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Wed, 6 Aug 2025 15:32:56 +0200
+Subject: CVE-2025-8277: mbedtls: Avoid leaking ecdh keys
+
+--- libssh-0.11.2.orig/src/dh_crypto.c
++++ libssh-0.11.2/src/dh_crypto.c
+@@ -407,6 +407,11 @@ int ssh_dh_init_common(struct ssh_crypto
+     struct dh_ctx *ctx = NULL;
+     int rc;
+ 
++    /* Cleanup any previously allocated dh_ctx */
++    if (crypto->dh_ctx != NULL) {
++        ssh_dh_cleanup(crypto);
++    }
++
+     ctx = calloc(1, sizeof(*ctx));
+     if (ctx == NULL) {
+         return SSH_ERROR;
+--- libssh-0.11.2.orig/src/dh_key.c
++++ libssh-0.11.2/src/dh_key.c
+@@ -237,6 +237,11 @@ int ssh_dh_init_common(struct ssh_crypto
+     struct dh_ctx *ctx = NULL;
+     int rc;
+ 
++    /* Cleanup any previously allocated dh_ctx */
++    if (crypto->dh_ctx != NULL) {
++        ssh_dh_cleanup(crypto);
++    }
++
+     ctx = calloc(1, sizeof(*ctx));
+     if (ctx == NULL) {
+         return SSH_ERROR;
+--- libssh-0.11.2.orig/src/ecdh_crypto.c
++++ libssh-0.11.2/src/ecdh_crypto.c
+@@ -191,6 +191,17 @@ static ssh_string ssh_ecdh_generate(ssh_
+ #endif /* OPENSSL_VERSION_NUMBER */
+         return NULL;
+     }
++
++    /* Free any previously allocated privkey */
++    if (session->next_crypto->ecdh_privkey != NULL) {
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
++        EC_KEY_free(session->next_crypto->ecdh_privkey);
++#else
++        EVP_PKEY_free(session->next_crypto->ecdh_privkey);
++#endif
++        session->next_crypto->ecdh_privkey = NULL;
++    }
++
+     session->next_crypto->ecdh_privkey = key;
+     return pubkey_string;
+ }
+@@ -219,6 +230,7 @@ int ssh_client_ecdh_init(ssh_session ses
+         return SSH_ERROR;
+     }
+ 
++    ssh_string_free(session->next_crypto->ecdh_client_pubkey);
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+ 
+     /* register the packet callbacks */
+--- libssh-0.11.2.orig/src/ecdh_gcrypt.c
++++ libssh-0.11.2/src/ecdh_gcrypt.c
+@@ -101,8 +101,15 @@ int ssh_client_ecdh_init(ssh_session ses
+         goto out;
+     }
+ 
++    /* Free any previously allocated privkey */
++    if (session->next_crypto->ecdh_privkey != NULL) {
++        gcry_sexp_release(session->next_crypto->ecdh_privkey);
++        session->next_crypto->ecdh_privkey = NULL;
++    }
+     session->next_crypto->ecdh_privkey = key;
+     key = NULL;
++
++    SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+     client_pubkey = NULL;
+ 
+--- libssh-0.11.2.orig/src/ecdh_mbedcrypto.c
++++ libssh-0.11.2/src/ecdh_mbedcrypto.c
+@@ -70,6 +70,12 @@ int ssh_client_ecdh_init(ssh_session ses
+         return SSH_ERROR;
+     }
+ 
++    /* Free any previously allocated privkey */
++    if (session->next_crypto->ecdh_privkey != NULL) {
++        mbedtls_ecp_keypair_free(session->next_crypto->ecdh_privkey);
++        SAFE_FREE(session->next_crypto->ecdh_privkey);
++    }
++
+     session->next_crypto->ecdh_privkey = malloc(sizeof(mbedtls_ecp_keypair));
+     if (session->next_crypto->ecdh_privkey == NULL) {
+         return SSH_ERROR;
+@@ -110,6 +116,7 @@ int ssh_client_ecdh_init(ssh_session ses
+         goto out;
+     }
+ 
++    SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);
+     session->next_crypto->ecdh_client_pubkey = client_pubkey;
+     client_pubkey = NULL;
+ 
+--- libssh-0.11.2.orig/src/packet.c
++++ libssh-0.11.2/src/packet.c
+@@ -294,6 +294,7 @@ static enum ssh_packet_filter_result_e s
+          *   or session_state == SSH_SESSION_STATE_INITIAL_KEX
+          * - dh_handshake_state == DH_STATE_INIT
+          *   or dh_handshake_state == DH_STATE_INIT_SENT (re-exchange)
++         *   or dh_handshake_state == DH_STATE_REQUEST_SENT (dh-gex)
+          *   or dh_handshake_state == DH_STATE_FINISHED (re-exchange)
+          *
+          * Transitions:
+@@ -313,6 +314,7 @@ static enum ssh_packet_filter_result_e s
+ 
+         if ((session->dh_handshake_state != DH_STATE_INIT) &&
+             (session->dh_handshake_state != DH_STATE_INIT_SENT) &&
++            (session->dh_handshake_state != DH_STATE_REQUEST_SENT) &&
+             (session->dh_handshake_state != DH_STATE_FINISHED))
+         {
+             rc = SSH_PACKET_DENIED;
+--- libssh-0.11.2.orig/src/wrapper.c
++++ libssh-0.11.2/src/wrapper.c
+@@ -181,7 +181,10 @@ void crypto_free(struct ssh_crypto_struc
+ #endif /* OPENSSL_VERSION_NUMBER */
+ #elif defined HAVE_GCRYPT_ECC
+         gcry_sexp_release(crypto->ecdh_privkey);
+-#endif
++#elif defined HAVE_LIBMBEDCRYPTO
++        mbedtls_ecp_keypair_free(crypto->ecdh_privkey);
++        SAFE_FREE(crypto->ecdh_privkey);
++#endif /* HAVE_LIBGCRYPT */
+         crypto->ecdh_privkey = NULL;
+     }
+ #endif
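Review bot: The trailer `#endif /* HAVE_LIBGCRYPT */` added in the wrapper.c hunk names a macro that none of the visible branches test: the chain continues with `#elif defined HAVE_GCRYPT_ECC` and `#elif defined HAVE_LIBMBEDCRYPTO`, and the opening `#if` is outside the hunk, so the trailer should repeat that opening condition (e.g. `#endif /* <opening-condition macro> */`) or be left off rather than cite a third name. A smaller consistency point: ecdh_crypto.c frees the old client pubkey with a bare `ssh_string_free(session->next_crypto->ecdh_client_pubkey);` while ecdh_gcrypt.c and ecdh_mbedcrypto.c use `SSH_STRING_FREE(session->next_crypto->ecdh_client_pubkey);`, which presumably also nulls the pointer; the immediate reassignment makes both forms correct today, but using the macro in all three backends removes the dangling-pointer window should the assignment ever move. The enclosing functions (crypto_free, ssh_ecdh_generate, ssh_client_ecdh_init, ssh_dh_init_common) all start and end outside their hunks.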
diff -Nru libssh-0.11.2/debian/patches/series libssh-0.11.2/debian/patches/series
--- libssh-0.11.2/debian/patches/series	2025-06-28 07:42:47.000000000 +0200
+++ libssh-0.11.2/debian/patches/series	2025-11-04 00:32:14.000000000 +0100
@@ -1,3 +1,5 @@
 1003-custom-lib-names.patch
 2003-disable-expand_tilde_unix-test.patch
 2004-install-static-lib.patch
+CVE-2025-8277.patch
+CVE-2025-8114.patch

--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 13.2

Hi,

The updates referenced in each of these bugs were included in today's
13.2 trixie point release.

Regards,

Adam

--- End Message ---
