Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 633428 (CVE-2017-15906)

Summary: <net-misc/openssh-{7.5_p1-r3,7.6_p1}: sftp-server was incorrectly permitting creation of zero-length files
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: base-system
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.openwall.com/lists/oss-security/2017/10/03/14
See Also: https://github.com/gentoo/gentoo/pull/6206
Whiteboard: A3 [glsa cve]
Package list:
=net-misc/openssh-7.5_p1-r3
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2017-10-04 06:34:00 UTC
From ${URL} :

Security
--------

 * sftp-server(8): in read-only mode, sftp-server was incorrectly
   permitting creation of zero-length files. Reported by Michal
   Zalewski.



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Larry the Git Cow gentoo-dev 2017-11-14 22:15:23 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=713e5d3b63b36aa4cc6e47fb47214142dbc8d23c

commit 713e5d3b63b36aa4cc6e47fb47214142dbc8d23c
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2017-11-14 22:14:56 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2017-11-14 22:15:11 +0000

    net-misc/openssh: Rev bump to fix CVE-2017-15906
    
    Bug: https://bugs.gentoo.org/633428
    Package-Manager: Portage-2.3.13, Repoman-2.3.4

 .../files/openssh-7.5_p1-CVE-2017-15906.patch      |  31 ++
 net-misc/openssh/openssh-7.5_p1-r3.ebuild          | 332 +++++++++++++++++++++
 2 files changed, 363 insertions(+)}
Comment 2 Thomas Deutschmann gentoo-dev Security 2017-11-14 22:22:50 UTC
@ Arches,

please test and mark stable: =net-misc/openssh-7.5_p1-r3
Comment 3 Agostino Sarubbo gentoo-dev 2017-11-15 21:01:44 UTC
amd64 stable
Comment 4 Thomas Deutschmann gentoo-dev Security 2017-11-16 01:38:23 UTC
x86 stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-16 19:43:39 UTC
ia64 stable
Comment 6 Tobias Klausmann gentoo-dev 2017-11-17 11:22:23 UTC
Stable on alpha.
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-18 10:32:52 UTC
sparc stable (thanks to Rolf Eike Beer)
Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-18 12:42:32 UTC
ppc64 stable
Comment 9 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-19 18:50:14 UTC
ppc stable
Comment 10 Markus Meier gentoo-dev 2017-11-19 19:46:20 UTC
arm stable
Comment 11 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-19 19:58:47 UTC
hppa stable
Comment 12 Thomas Deutschmann gentoo-dev Security 2017-12-18 19:02:31 UTC
Repository is clean.
Comment 13 D'juan McDonald (domhnall) 2018-01-05 19:24:54 UTC
New GLSA request filed.


Gentoo Security Padawan
(Jmbailey/mbailey_j)
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2018-01-07 23:37:15 UTC
This issue was resolved and addressed in
 GLSA 201801-05 at https://security.gentoo.org/glsa/201801-05
by GLSA coordinator Aaron Bauman (b-man).