[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#211205: marked as done (New Security bug fixed in 3.7?!)



Your message dated Tue, 16 Sep 2003 14:47:25 -0400
with message-id <E19zKrF-0003jP-00@auric.debian.org>
and subject line Bug#211205: fixed in openssh 1:3.6.1p2-7
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Sep 2003 13:51:13 +0000
>From ch@debian.org Tue Sep 16 08:51:08 2003
Return-path: <ch@debian.org>
Received: from office-gw.westend.com (xeniac.intern) [212.117.64.2] 
	by master.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 19zGET-0005Cu-00; Tue, 16 Sep 2003 08:51:06 -0500
Received: by xeniac.intern (Postfix, from userid 1000)
	id 70EBB47C060; Tue, 16 Sep 2003 15:51:04 +0200 (CEST)
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="ISO-8859-1"
From: Christian Hammers <ch@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: New Security bug fixed in 3.7?!
X-Mailer: reportbug 2.28
Date: Tue, 16 Sep 2003 15:51:03 +0200
Message-Id: <[🔎] 20030916135104.70EBB47C060@xeniac.intern>
X-BadReturnPath: ch@xeniac.intern rewritten as ch@debian.org
  using "From" header
Delivered-To: submit@bugs.debian.org
X-Spam-Status: No, hits=-4.9 required=4.0
	tests=HAS_PACKAGE,RCVD_IN_ORBS,UNDESIRED_LANGUAGE_BODY
	version=2.53-bugs.debian.org_2003_9_16
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_9_16 (1.174.2.15-2003-03-30-exp)

Package: ssh
Version: 1:3.6.1p2-6
Severity: critical
Tags: security

Hi

Just in case that this is no fake. I got no official OpenSSH announcement
yet but the 3.7 release it's at least on the master ftp server.
So be prepared... :-)

bye,

-christian-

The following is from a well known german news service:

   OpenSSH 3.7 schließt Sicherheitsloch
   [16.09.2003 15:21 ]

   -
   Ein heute Morgen veröffentlichter Patch schließt eine Schwachstelle in
   OpenSSH bis einschließlich Version 3.6.1. Bei der Schwachstelle
   handelt es sich um einen Fehler in der Funktion buffer_append_space()
   im Modul buffer.c, mit dem ein Angreifer möglicherweise eigenen Code
   einschleusen kann.

   Bei OpenSSH[1] bestätigt man die Schwachstelle und hat ein Advisory
   mit einem Patch sowie die neue Version OpenSSH 3.7[2] veröffentlicht,
   die das Problem -- eine Memory Corruption im Heap -- behebt. Bislang
   ist nach Aussage von OpenSSH aber unklar, ob das Sicherheitsproblem
   mittels eines Exploits überhaupt ausnutzbar ist. Im Laufe des heutigen
   Morgens haben verschiedene Internet-Provider und Rechzentren ein
   deutlich erhöhtes Traffic-Aufkommen auf Port 22 registriert -- es
   könnte sich dabei um einen Scanner handeln, der nach anfälligen
   OpenSSH-Versionen sucht.

   Anwender und Administratoren sollten schnellstmöglich auf die aktuelle
   OpenSSH-Version 3.7 updaten oder die bereitgestellten Patches
   einspielen. Als Workaround bis zur Update-Möglichkeit empfiehlt sich,
   den SSH-Port so zu filtern, dass nur bekannte IP-Adressen darauf
   zugreifen können. (pab[3]/c't)
     _________________________________________________________________

   URL dieses Artikels:
     http://www.heise.de/newsticker/data/pab-16.09.03-000/

   Links in diesem Artikel:
     [1] http://www.openssh.org
     [2] ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.7p1
   .tar.gz
     [3] mailto:pab@ct.heise.de
     _________________________________________________________________

   Copyright 2003 by Heise Zeitschriften Verlag



-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux xeniac 2.4.22 #1 Fr Sep 5 09:58:57 CEST 2003 i686
Locale: LANG=de_DE, LC_CTYPE=de_DE (ignored: LC_ALL set to de_DE)

Versions of packages ssh depends on:
ii  adduser                     3.51         Add and remove users and groups
ii  debconf                     1.3.13       Debian configuration management sy
ii  libc6                       2.3.2-6      GNU C Library: Shared libraries an
ii  libpam-modules              0.76-14      Pluggable Authentication Modules f
ii  libpam0g                    0.76-14      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7b-2     SSL shared libraries
ii  libwrap0                    7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.1.4-14   compression library - runtime

-- debconf information excluded


---------------------------------------
Received: (at 211205-close) by bugs.debian.org; 16 Sep 2003 18:53:32 +0000
>From katie@auric.debian.org Tue Sep 16 13:53:23 2003
Return-path: <katie@auric.debian.org>
Received: from auric.debian.org [206.246.226.45] 
	by master.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 19zKwu-00050p-00; Tue, 16 Sep 2003 13:53:16 -0500
Received: from katie by auric.debian.org with local (Exim 3.35 1 (Debian))
	id 19zKrF-0003jP-00; Tue, 16 Sep 2003 14:47:25 -0400
From: Colin Watson <cjwatson@debian.org>
To: 211205-close@bugs.debian.org
X-Katie: $Revision: 1.35 $
Subject: Bug#211205: fixed in openssh 1:3.6.1p2-7
Message-Id: <E19zKrF-0003jP-00@auric.debian.org>
Sender: Archive Administrator <katie@auric.debian.org>
Date: Tue, 16 Sep 2003 14:47:25 -0400
Delivered-To: 211205-close@bugs.debian.org

Source: openssh
Source-Version: 1:3.6.1p2-7

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh_3.6.1p2-7.diff.gz
  to pool/main/o/openssh/openssh_3.6.1p2-7.diff.gz
openssh_3.6.1p2-7.dsc
  to pool/main/o/openssh/openssh_3.6.1p2-7.dsc
ssh-askpass-gnome_3.6.1p2-7_i386.deb
  to pool/main/o/openssh/ssh-askpass-gnome_3.6.1p2-7_i386.deb
ssh_3.6.1p2-7_i386.deb
  to pool/main/o/openssh/ssh_3.6.1p2-7_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 211205@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 16 Sep 2003 14:32:28 +0100
Source: openssh
Binary: ssh-askpass-gnome ssh
Architecture: source i386
Version: 1:3.6.1p2-7
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <matthew@debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 ssh        - Secure rlogin/rsh/rcp replacement (OpenSSH)
 ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 141703 208801 210380 211205
Changes: 
 openssh (1:3.6.1p2-7) unstable; urgency=high
 .
   * Update debconf template translations:
     - French (thanks, Christian Perrier; closes: #208801).
     - Japanese (thanks, Kenshi Muto; closes: #210380).
   * Some small improvements to the English templates courtesy of Christian
     Perrier. I've manually unfuzzied a few translations where it was
     obvious, on Christian's advice, but the others will have to be updated.
   * Document how to generate an RSA1 host key (closes: #141703).
   * Incorporate NMU fix for early buffer expansion vulnerability,
     CAN-2003-0693 (closes: #211205). Thanks to Michael Stone.
 .
 openssh (1:3.6.1p2-6.0) unstable; urgency=high
 .
   * SECURITY: fix for CAN-2003-0693, buffer allocation error
Files: 
 17322a60098f50af98ffb7cea49594c7 847 net standard openssh_3.6.1p2-7.dsc
 75457bebb3297b5709d60a102af66cdc 80371 net standard openssh_3.6.1p2-7.diff.gz
 d22568a62331c8ed9ac31f22ca344320 650286 net standard ssh_3.6.1p2-7_i386.deb
 b3405ac4a4e75643b47b60cc92256f79 43026 gnome optional ssh-askpass-gnome_3.6.1p2-7_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer

iD8DBQE/Z1bl9t0zAhD6TNERAnpnAJ9oj55MvBbb79aAk9BBlRTbl1oG8ACfURRj
ITiihsZRgOLjuBi6u18xYXI=
=8qOA
-----END PGP SIGNATURE-----




Reply to: