Bug 34269 - libssh: Insecure PRNG seeding (3.2)
Summary: libssh: Insecure PRNG seeding (3.2)
Status: CLOSED FIXED
Alias: None
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 3.2
Hardware: Other Linux
: P4 normal
Target Milestone: UCS 3.2-8-errata
Assignee: Philipp Hahn
QA Contact: Arvid Requate
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-06 09:55 CET by Moritz Muehlenhoff
Modified: 2016-07-21 14:01 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:
requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2014-03-06 09:55:05 CET 
+++ This bug was initially created as a clone of Bug #34268 +++

CVE-2014-0017

The PRNG is not always correctly reseeding when a new process is forked.
Comment 1 Arvid Requate univentionstaff 2015-08-17 11:27:57 CEST 
Fixed in 0.4.5-3+squeeze2
Comment 2 Arvid Requate univentionstaff 2016-02-23 17:07:18 CET 
Another issue has been fixed in upstream Debian package version 0.4.5-3+squeeze3:

* Weak Diffie-Hellman secret generation in libssh (CVE-2016-0739)
Comment 3 Philipp Hahn univentionstaff 2016-06-09 10:01:19 CEST 
$ repo_admin.py --cherrypick -r 3.1 -s extsec3.1 --releasedest 3.3 --dest errata3.3-0 -p libssh

Package: libssh
Version: 0.4.5-3.18.201606090958
Branch: ucs_3.3-0
Scope: errata3.3-0

r70004 | Bug #34269: libssh YAML
 libssh.yaml
Comment 4 Philipp Hahn univentionstaff 2016-06-09 10:09:26 CEST 
$ repo_admin.py --cherrypick -r 3.1 -s extsec3.1 --releasedest 3.2 --dest errata3.2-8 -p libssh

Package: libssh
Version: 0.4.5-3.18.201606091002
Branch: ucs_3.2-0
Scope: errata3.2-8

r70005 | Bug #34269: libssh
 libssh.yaml
Comment 5 Arvid Requate univentionstaff 2016-06-09 17:52:17 CEST 
Versioning issue: The errata3.2-8 package version will not get updated during update to UCS 3.3. It will stay until the system is updated to errata3.3-0-latest:

Version:        0.4.5-3.5.201303011058:         ucs_3.1-0-ucs3.1-1
Version:        0.4.5-3.15.201606090935:        ucs_3.1-0-extsec3.1
Version:        0.4.5-3.18.201606091002:        ucs_3.2-0-errata3.2-8
Version:        0.4.5-3.16.201605091706:        ucs_3.3-0
Version:        0.4.5-3.19.201606091004:        ucs_3.3-0-errata3.3-0


Maybe it's not critical, but we may as well rebuilt it properly e.g. with

.../config/version/libssh := 13 in ucs_3.1-0-extsec3.1

and

.../config/version/libssh := 14 in ucs_3.2-0-errata3.2-8
Comment 6 Philipp Hahn univentionstaff 2016-06-13 11:45:03 CEST 
(In reply to Arvid Requate from comment #5)
> Versioning issue: The errata3.2-8 package version will not get updated
> during update to UCS 3.3. It will stay until the system is updated to
> errata3.3-0-latest:
...
> Maybe it's not critical, but we may as well rebuilt it properly e.g. with
> .../config/version/libssh := 13 in ucs_3.1-0-extsec3.1

printf 14 > /var/univention/buildsystem2/config/versions/libssh

Package: libssh
Version: 0.4.5-3.15.201606131016
Branch: ucs_3.2-0
Scope: errata3.2-8

buildsystem=> SELECT DISTINCT srcver,major,minor,patch,scope,site FROM binpkg WHERE srcpkg='libssh' AND major>=3 AND site<>'testing' AND site<>'test' ORDER BY srcver;
         srcver          | major | minor | patch | scope  | site 
-------------------------+-------+-------+-------+--------+------
 0.4.5-3.3.201104201457  |     3 |     0 |     0 |        | ftp
 0.4.5-3.3.201104201457  |     3 |     0 |     0 |        | apt
 0.4.5-3.5.201303011058  |     3 |     1 |     1 |        | ftp
 0.4.5-3.5.201303011058  |     3 |     1 |     1 |        | apt
 0.4.5-3.15.201606090935 |     3 |     1 |       | extsec | apt
 0.4.5-3.15.201606131016 |     3 |     2 |     8 | errata | apt
 0.4.5-3.16.201605091706 |     3 |     3 |     0 |        | apt
 0.5.4-1.8.201406182156  |     4 |     0 |     0 |        | apt
 0.5.4-1.8.201406182156  |     4 |     0 |     0 |        | ftp

r70112 | Bug #34269: libssh YAML
 libssh.yaml
Comment 7 Arvid Requate univentionstaff 2016-07-20 13:47:56 CEST 
Ok.
Comment 8 Janek Walkenhorst univentionstaff 2016-07-21 14:01:49 CEST 
<http://errata.software-univention.de/ucs/3.2/442.html>