From a75cee30877e48e44e72a2f2f7d319f3eac575c9 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi
Date: Thu, 3 Mar 2016 10:58:34 +0100
Subject: libssh: CVE-2016-0739
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

bits/bytes confusion resulting in truncated Difffie-Hellman secret length
Reference: https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/
Reference to upstream patch: https://git.libssh.org/projects/libssh.git/patch/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86
Signed-off-by: Sona Sarmadi
Signed-off-by: Nora Björklund
---
 .../libssh/files/CVE-2016-0739.patch | 73 ++++++++++++++++++++++
 meta-oe/recipes-support/libssh/libssh_0.6.3.bb | 6 +-
 2 files changed, 78 insertions(+), 1 deletion(-)
 create mode 100644 meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
(limited to 'meta-oe/recipes-support/libssh')
diff --git a/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch b/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
new file mode 100644
index 000000000..ebe012c33
--- /dev/null
+++ b/meta-oe/recipes-support/libssh/files/CVE-2016-0739.patch
@@ -0,0 +1,73 @@
+From f8d0026c65fc8a55748ae481758e2cf376c26c86 Mon Sep 17 00:00:00 2001
+From: Aris Adamantiadis
+Date: Tue, 9 Feb 2016 15:09:27 +0100
+Subject: [PATCH] dh: Fix CVE-2016-0739
+
+Due to a byte/bit confusion, the DH secret was too short. This file was
+completely reworked and will be commited in a future version.
+
+Upstream-Status: Backport
+
+Signed-off-by: Aris Adamantiadis
+Reviewed-by: Andreas Schneider
+Signed-off-by: Sona Sarmadi
+---
+ src/dh.c | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/src/dh.c b/src/dh.c
+index e489a1d..d27b66e 100644
+--- a/src/dh.c
++++ b/src/dh.c
+@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
+ }
+
+ int dh_generate_x(ssh_session session) {
++ int keysize;
++ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
++ keysize = 1023;
++ } else {
++ keysize = 2047;
++ }
+ session->next_crypto->x = bignum_new();
+ if (session->next_crypto->x == NULL) {
+ return -1;
+ }
+
+ #ifdef HAVE_LIBGCRYPT
+- bignum_rand(session->next_crypto->x, 128);
++ bignum_rand(session->next_crypto->x, keysize);
+ #elif defined HAVE_LIBCRYPTO
+- bignum_rand(session->next_crypto->x, 128, 0, -1);
++ bignum_rand(session->next_crypto->x, keysize, -1, 0);
+ #endif
+
+ /* not harder than this */
+@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
+
+ /* used by server */
+ int dh_generate_y(ssh_session session) {
+- session->next_crypto->y = bignum_new();
++ int keysize;
++ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
++ keysize = 1023;
++ } else {
++ keysize = 2047;
++ }
++ session->next_crypto->y = bignum_new();
+ if (session->next_crypto->y == NULL) {
+ return -1;
+ }
+
+ #ifdef HAVE_LIBGCRYPT
+- bignum_rand(session->next_crypto->y, 128);
++ bignum_rand(session->next_crypto->y, keysize);
+ #elif defined HAVE_LIBCRYPTO
+- bignum_rand(session->next_crypto->y, 128, 0, -1);
++ bignum_rand(session->next_crypto->y, keysize, -1, 0);
+ #endif
+
+ /* not harder
than this */
+--
+1.9.1
+
diff --git a/meta-oe/recipes-support/libssh/libssh_0.6.3.bb b/meta-oe/recipes-support/libssh/libssh_0.6.3.bb
index 771a47a6c..c110a0103 100644
--- a/meta-oe/recipes-support/libssh/libssh_0.6.3.bb
+++ b/meta-oe/recipes-support/libssh/libssh_0.6.3.bb
@@ -1,4 +1,5 @@
 SUMMARY = "Multiplatform C library implementing the SSHv2 and SSHv1 protocol"
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
 HOMEPAGE = "http://www.libssh.org"
 SECTION = "libs"
@@ -7,7 +8,10 @@ DEPENDS = "zlib openssl libgcrypt"
 LICENSE = "LGPLv2.1"
 LIC_FILES_CHKSUM = "file://COPYING;md5=388a4fb1dea8ceae0be78ba9b01fc139"
-SRC_URI = "git://git.libssh.org/projects/libssh.git;branch=v0-6"
+SRC_URI = "git://git.libssh.org/projects/libssh.git;branch=v0-6 \
+ file://CVE-2016-0739.patch \
+ "
+
 SRCREV = "87145387aa12b720b52d6bc75b4dd6cd058c868a"
 S = "${WORKDIR}/git"
--
cgit v1.2.3-54-g00ecf
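Review bot: The return value of `bignum_rand()` is still ignored in the patched `dh_generate_x()` and `dh_generate_y()` (the src/dh.c hunks embedded in the new CVE-2016-0739.patch), so a failed random draw would go unnoticed and the key exchange would continue with whatever `bignum_new()` left in x or y. In the HAVE_LIBCRYPTO branch the macro presumably wraps OpenSSL's BN_rand(), which reports failure, so a guard such as `if (bignum_rand(session->next_crypto->x, keysize, -1, 0) != 1) return -1;` would close that gap; the libgcrypt variant may have nothing to check. The constants 1023 and 2047 are also unexplained and duplicated in both functions; a comment like `/* private exponent is one bit shorter than the group prime (1024-bit group1, otherwise assumed 2048-bit) */` would record the bits-not-bytes unit that this CVE was about. Both function bodies continue outside the hunks, and since the file is marked Upstream-Status: Backport these would be follow-ups to raise upstream rather than edits to this backport.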
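Review bot: The added `FILESEXTRAPATHS_prepend := "${THISDIR}/files:"` in the first libssh_0.6.3.bb hunk looks redundant, because a recipe's own `files/` directory should already be on the default FILESPATH and the `file://CVE-2016-0739.patch` entry in SRC_URI would be found without it. That variable is normally needed only in a .bbappend that ships files from another layer, so dropping the line would keep the recipe minimal; confirm with a clean fetch of the recipe before removing it.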