Bug 675522 (CVE-2019-6111) - <net-misc/openssh-7.9_p1-r4: multiple vulnerabilities (CVE-2019-{6109,6110,6111})
Status: RESOLVED FIXED
Alias: CVE-2019-6111
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on: 661258
Blocks: 675520 CVE-2019-6109, CVE-2019-6110
Reported: 2019-01-15 17:50 UTC by GLSAMaker/CVETool Bot
Modified: 2020-05-18 18:08 UTC

See Also:
Package list:
net-misc/openssh-7.9_p1-r4
Runtime testing required: ---
nattka: sanity-check-


Description GLSAMaker/CVETool Bot gentoo-dev 2019-01-15 17:50:31 UTC
CVE-2019-6111 (https://nvd.nist.gov/vuln/detail/CVE-2019-6111):
  scp client missing received object name validation

CVE-2019-6110 (https://nvd.nist.gov/vuln/detail/CVE-2019-6110):
  scp client spoofing via stderr

CVE-2019-6109 (https://nvd.nist.gov/vuln/detail/CVE-2019-6109):
  scp client spoofing via object name
Comment 1 Teika kazura 2019-02-17 11:48:46 UTC
Upstream doesn't consider (some of?) these scp issues to be bugs, according to the Debian tracker for CVE-2019-6110:
  https://security-tracker.debian.org/tracker/CVE-2019-6110

However, CVE-2019-6109 and CVE-2019-6111 have been fixed:
  https://www.debian.org/security/2019/dsa-4387

Best regards.
Comment 2 Larry the Git Cow gentoo-dev 2019-03-03 02:46:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40935d5171a88ca21159ee9db7c2d780b4473a22

commit 40935d5171a88ca21159ee9db7c2d780b4473a22
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2019-03-03 02:46:29 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2019-03-03 02:46:41 +0000

    net-misc/openssh: add some patches, including CVE-2019-6111
    
    Bug: https://bugs.gentoo.org/show_bug.cgi?id=675522
    Package-Manager: Portage-2.3.62, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-misc/openssh/Manifest                 |   2 +
 net-misc/openssh/openssh-7.9_p1-r3.ebuild | 468 ++++++++++++++++++++++++++++++
 2 files changed, 470 insertions(+)
Comment 3 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-06 14:47:19 UTC
amd64 stable
Comment 4 Mart Raudsepp gentoo-dev 2019-03-06 19:45:44 UTC
arm64 stable
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-07 15:05:19 UTC
Please proceed with =net-misc/openssh-7.9_p1-r4
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-07 21:51:14 UTC
x86 stable
Comment 7 Rolf Eike Beer archtester 2019-03-08 20:39:19 UTC
hppa and sparc done
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-10 14:34:48 UTC
arm stable
Comment 9 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-10 15:36:34 UTC
alpha stable
Comment 10 Matt Turner gentoo-dev 2019-03-10 21:24:26 UTC
ppc/ppc64 stable
Comment 11 Yury German Gentoo Infrastructure gentoo-dev 2019-03-10 21:53:41 UTC
With all the supported arches done, we are going to issue the GLSA. Remaining arches, please complete stabilization and clean-up.
Comment 12 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-14 19:38:20 UTC
ia64 stable
Comment 13 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-15 23:20:11 UTC
s390 stable
Comment 14 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-15 23:20:30 UTC
sh stable
Comment 15 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-15 23:20:54 UTC
m68k stable
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2019-03-20 13:37:11 UTC
This issue was resolved and addressed in
 GLSA 201903-16 at https://security.gentoo.org/glsa/201903-16
by GLSA coordinator Aaron Bauman (b-man).
Comment 17 Aaron Bauman (RETIRED) gentoo-dev 2019-03-20 13:39:03 UTC
re-opened to track cleanup and fixing of twist
Comment 18 Jeroen Roovers (RETIRED) gentoo-dev 2019-04-18 09:26:54 UTC
Version 8.0 was released today.
Comment 19 Aaron Bauman (RETIRED) gentoo-dev 2019-08-09 21:18:57 UTC
@base-system, can this be cleaned yet?
Comment 20 NATTkA bot gentoo-dev 2020-04-06 15:16:43 UTC
Unable to check for sanity:

> no match for package: net-misc/openssh-7.9_p1-r4
Comment 21 Larry the Git Cow gentoo-dev 2020-04-21 11:30:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=564f650e05897641af79a977599733c16dab7883

commit 564f650e05897641af79a977599733c16dab7883
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-21 11:29:28 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-21 11:29:49 +0000

    net-misc/openssh: security cleanup
    
    Bug: https://bugs.gentoo.org/675522
    Bug: https://bugs.gentoo.org/697046
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-misc/openssh/Manifest                          |  19 -
 .../files/openssh-7.3-mips-seccomp-n32.patch       |  21 -
 .../files/openssh-7.5_p1-CVE-2017-15906.patch      |  31 --
 .../openssh/files/openssh-7.5_p1-GSSAPI-dns.patch  | 351 ----------------
 .../openssh/files/openssh-7.5_p1-cross-cache.patch |  39 --
 .../files/openssh-7.5_p1-hpn-x509-10.2-glue.patch  |  67 ---
 .../files/openssh-7.5_p1-s390-seccomp.patch        |  27 --
 .../openssh/files/openssh-7.5_p1-x32-typo.patch    |  25 --
 .../openssh/files/openssh-7.7_p1-GSSAPI-dns.patch  | 351 ----------------
 .../openssh/files/openssh-7.8_p1-GSSAPI-dns.patch  | 359 ----------------
 .../files/openssh-7.9_p1-CVE-2018-20685.patch      |  16 -
 .../files/openssh-7.9_p1-X509-11.6-tests.patch     |  12 -
 ...openssh-7.9_p1-X509-dont-make-piddir-11.6.patch |  16 -
 .../files/openssh-7.9_p1-X509-glue-11.6.patch      |  28 --
 .../files/openssh-7.9_p1-hpn-X509-glue.patch       |  79 ----
 .../openssh/files/openssh-7.9_p1-hpn-glue.patch    | 112 -----
 .../files/openssh-7.9_p1-hpn-openssl-1.1.patch     |  91 ----
 .../files/openssh-7.9_p1-hpn-sctp-glue.patch       |  17 -
 .../openssh-7.9_p1-openssl-1.0.2-compat.patch      |  13 -
 .../openssh/files/openssh-8.0_p1-GSSAPI-dns.patch  | 359 ----------------
 .../files/openssh-8.0_p1-X509-12.1-tests.patch     |  11 -
 ...integer-overflow-similar-to-the-XMSS-case.patch |  76 ----
 ...eger-overflow-in-XMSS-private-key-parsing.patch |  14 -
 .../files/openssh-8.0_p1-hpn-X509-glue.patch       | 114 -----
 .../openssh/files/openssh-8.0_p1-hpn-glue.patch    | 194 ---------
 net-misc/openssh/files/openssh-8.0_p1-tests.patch  |  43 --
 net-misc/openssh/metadata.xml                      |   2 -
 net-misc/openssh/openssh-7.5_p1-r5.ebuild          | 335 ---------------
 net-misc/openssh/openssh-7.7_p1-r10.ebuild         | 445 --------------------
 net-misc/openssh/openssh-7.9_p1-r5.ebuild          | 468 ---------------------
 net-misc/openssh/openssh-8.0_p1-r5.ebuild          | 465 --------------------
 31 files changed, 4200 deletions(-)
Comment 22 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-18 18:08:44 UTC
All done.