Summary: | <net-misc/openssh-7.1_p2: Multiple vulnerabilities related to roaming (CVE-2016-{0777,0778}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexander, barzog, base-system, bertrand, bircoph, cyberbat83, guillaume, hendrik, joe, mpagano, robbat2 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034680.html | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 555518, 557340 |
Description
Alex Legler (RETIRED)
![]() ![]() ![]() Working on it... commit ad9f88e38be8085905214a94bc48913b095bd85a Author: Lars Wendler <polynomial-c@gentoo.org> Date: Thu Jan 14 16:30:58 2016 net-misc/openssh: Security bump for CVE-2016-0777 (bug #571892). Package-Manager: portage-2.2.26 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> This revision bump only fixes CVE-2016-0777 and not the other two security fixes which went into openssh-7.1p2 The 7.1p2 release requires work on the hpn patches so I decided to release a fixed version for this CVE first. Arches please test and mark stable =net-misc/openssh-7.1_p1-r3 with target KEYWORDS: alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux > The 7.1p2 release requires work on the hpn patches so I decided to release a
> fixed version for this CVE first.
This has happened before. I think it is not a good situation when the hpn patches delay the deployment of openssh security fixes. (I also wonder why hpn is enabled by default - very likely these patches got much less security review than stock openssh and also enable potentially dangerous features.)
(In reply to Lars Wendler (Polynomial-C) from comment #2) i'll take care of the hpn bump *** Bug 571930 has been marked as a duplicate of this bug. *** Please note the release notes mention two additional security issues not related to roaming: * SECURITY: Eliminate the fallback from untrusted X11-forwarding to trusted forwarding for cases when the X server disables the SECURITY extension. Reported by Thomas Hoger. * SECURITY: Fix an out of-bound read access in the packet handling code. Reported by Ben Hawkes. They're probably not very severe, but should be kept in mind. https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034680.html amd64 stable 7.1p2 is now in the tree with various updates Thank you vapier. Unfortunately I didn't have enough time to finish this yesterday By the way, sorry I didn't test USE="-hpn X509" properly. Arches please test and mark stable =net-misc/openssh-7.1_p2 with target KEYWORDS: alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux stable for alpha/amd64/arm/ia64/ppc/ppc64/s390/sh/sparc/x86 (In reply to Agostino Sarubbo from comment #10) > stable for alpha/amd64/arm/ia64/ppc/ppc64/s390/sh/sparc/x86 Testing 10 different platforms in under an hour. That's really impressive. i've done the few remaining ones now (In reply to Jeroen Roovers from comment #11) > Testing 10 different platforms in under an hour. That's really impressive. Automated tests? maintainer please cleanup This issue was resolved and addressed in GLSA 201601-01 at https://security.gentoo.org/glsa/201601-01 by GLSA coordinator Yury German (BlueKnight). Cleanup needs to be completed. commit 0a6f7c3566cca467497f37ff9ea82c4767f14a2b Author: Lars Wendler <polynomial-c@gentoo.org> Date: Sat Jun 11 14:29:14 2016 net-misc/openssh: Security cleanup (bug #571892). Kept latest ebuild with hpn USE flag as it's ~arch anyway and gets superseded by the latest "secure" version anyway. Package-Manager: portage-2.2.28 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Lars, thanks for quick cleanup! |