CVE-2018-15473 (https://nvd.nist.gov/vuln/detail/CVE-2018-15473): OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Fixed since https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1972d34210086aa07183ca4b412b7d1888c3971
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bd4e2c022dec6fedeabe2613d8968b3931766432 commit bd4e2c022dec6fedeabe2613d8968b3931766432 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-08-22 14:59:53 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-08-22 15:00:09 +0000 net-misc/openssh: partial security cleanup Bug: https://bugs.gentoo.org/664264 Package-Manager: Portage-2.3.48, Repoman-2.3.10 net-misc/openssh/Manifest | 6 - net-misc/openssh/openssh-7.6_p1-r5.ebuild | 342 ---------------------- net-misc/openssh/openssh-7.7_p1-r6.ebuild | 460 ------------------------------ net-misc/openssh/openssh-7.7_p1-r7.ebuild | 444 ---------------------------- net-misc/openssh/openssh-7.7_p1-r8.ebuild | 444 ---------------------------- 5 files changed, 1696 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=419a4fbd29c45b46b5caffa4d8c775693f596a27 commit 419a4fbd29c45b46b5caffa4d8c775693f596a27 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-08-22 14:57:16 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-08-22 15:00:07 +0000 net-misc/openssh: move stable keywords Bug: https://bugs.gentoo.org/664264 Package-Manager: Portage-2.3.48, Repoman-2.3.10 net-misc/openssh/openssh-7.7_p1-r9.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
arm64 stable
Security please vote on weather this is a GLSA. Thank you. Michael Boyle Gentoo Security Padawan
GLSA Vote: Yes! New GLSA request filed.
This issue was resolved and addressed in GLSA 201810-03 at https://security.gentoo.org/glsa/201810-03 by GLSA coordinator Aaron Bauman (b-man).
re-opened for cleanup
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5091fd8f2b5a7cb0d3e970df404446d3aef8f3c7 commit 5091fd8f2b5a7cb0d3e970df404446d3aef8f3c7 Author: Mikle Kolyada <zlogene@gentoo.org> AuthorDate: 2018-10-06 17:41:43 +0000 Commit: Mikle Kolyada <zlogene@gentoo.org> CommitDate: 2018-10-06 17:42:24 +0000 net-misc/openssh: Security cleanup Closes: https://bugs.gentoo.org/664264 Signed-off-by: Mikle Kolyada <zlogene@gentoo.org> Package-Manager: Portage-2.3.49, Repoman-2.3.11 net-misc/openssh/Manifest | 5 - net-misc/openssh/metadata.xml | 2 - net-misc/openssh/openssh-7.5_p1-r4.ebuild | 334 ------------------------------ 3 files changed, 341 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbabae323c3a5684c7886cd4a56cb153ef2b2c17 commit fbabae323c3a5684c7886cd4a56cb153ef2b2c17 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2018-10-06 22:31:32 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2018-10-06 22:31:32 +0000 Revert "net-misc/openssh: Security cleanup" This reverts commit 5091fd8f2b5a7cb0d3e970df404446d3aef8f3c7. <net-misc/openssh-7.6 is still needed for dev-python/twisted. Bug: https://bugs.gentoo.org/661258 Bug: https://bugs.gentoo.org/664264 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-misc/openssh/Manifest | 5 + net-misc/openssh/metadata.xml | 2 + net-misc/openssh/openssh-7.5_p1-r4.ebuild | 334 ++++++++++++++++++++++++++++++ 3 files changed, 341 insertions(+)
Cleanup was reverted.
(In reply to Thomas Deutschmann from comment #10) > Cleanup was reverted. tests should be just restricted then, not vuln reverted
cleanup will be tracked in bug 675522
