
Bug#779517: marked as done (unblock: putty/0.63-10)



Your message dated Sun, 01 Mar 2015 21:09:08 +0100
with message-id <[email protected]>
and subject line Re: Bug#779517: unblock: putty/0.63-10
has caused the Debian Bug report #779517,
regarding unblock: putty/0.63-10
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
779517: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779517
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock

Please unblock putty 0.63-10.  This is mainly a CVE-assigned security
fix (which I cherry-picked rather than trying to get the new 0.64
release into jessie), but there are a couple of sub-CVE-level issues,
and two other small changes I think are worth including.

diff -Nru putty-0.63/debian/.git-dpm putty-0.63/debian/.git-dpm
--- putty-0.63/debian/.git-dpm	2014-10-12 20:43:25.000000000 +0100
+++ putty-0.63/debian/.git-dpm	2015-03-01 12:58:10.000000000 +0000
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-fa575a5eb77674f9b35cbad2d23c1090592197ca
-fa575a5eb77674f9b35cbad2d23c1090592197ca
+ec231f1fb9e91c21cc24fd0ce731d9bee7218613
+ec231f1fb9e91c21cc24fd0ce731d9bee7218613
 6e1e908982e54596aa30d7d4a1f6f00b8fc7fba8
 6e1e908982e54596aa30d7d4a1f6f00b8fc7fba8
 putty_0.63.orig.tar.gz
diff -Nru putty-0.63/debian/changelog putty-0.63/debian/changelog
--- putty-0.63/debian/changelog	2014-10-12 20:47:43.000000000 +0100
+++ putty-0.63/debian/changelog	2015-03-01 12:59:16.000000000 +0000
@@ -1,3 +1,23 @@
+putty (0.63-10) unstable; urgency=medium
+
+  * Backport from upstream:
+    - Make kh2reg.py compatible with modern Python.
+    - MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server
+      value.
+    - Fix an erroneous length field in SSH-1 key load.
+    - CVE-2015-2157: Fix failure to clear sensitive private key information
+      from memory (closes: #779488).
+
+ -- Colin Watson <[email protected]>  Sun, 01 Mar 2015 12:59:15 +0000
+
+putty (0.63-9) unstable; urgency=medium
+
+  * Backport from upstream (Simon Tatham):
+    - Revert the default for font bolding style back to using colours rather
+      than fonts (closes: #772948).
+
+ -- Colin Watson <[email protected]>  Sat, 13 Dec 2014 10:11:04 +0000
+
 putty (0.63-8) unstable; urgency=medium
 
   * Backport from upstream (Simon Tatham), suggested by Jacob Nevins:
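Review bot: the changelog line "Fix an erroneous length field in SSH-1 key load" does not say what the defect could cause, while the patch description for ssh-1-key-load-length.patch states that makekey() could overrun the buffer; since the release team reads the changelog first, consider spelling that out, for example "Fix an erroneous length field in SSH-1 key load that could let makekey() overrun".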
diff -Nru putty-0.63/debian/patches/enforce-dh-range.patch putty-0.63/debian/patches/enforce-dh-range.patch
--- putty-0.63/debian/patches/enforce-dh-range.patch	1970-01-01 01:00:00.000000000 +0100
+++ putty-0.63/debian/patches/enforce-dh-range.patch	2015-03-01 12:58:09.000000000 +0000
@@ -0,0 +1,89 @@
+From 1358a16471783c9c816fe9004de45ae7202bc976 Mon Sep 17 00:00:00 2001
+From: Simon Tatham <[email protected]>
+Date: Sun, 1 Mar 2015 12:50:27 +0000
+Subject: Enforce acceptable range for Diffie-Hellman server value.
+
+Florent Daigniere of Matta points out that RFC 4253 actually
+_requires_ us to refuse to accept out-of-range values, though it isn't
+completely clear to me why this should be a MUST on the receiving end.
+
+Matta considers this to be a security vulnerability, on the grounds
+that if a server should accidentally send an obviously useless value
+such as 1 then we will fail to reject it and agree a key that an
+eavesdropper could also figure out. Their id for this vulnerability is
+MATTA-2015-002.
+
+Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=174476813f0ed94337aecc3e2d13a202a1dc2fa8
+Last-Update: 2015-03-01
+
+Patch-Name: enforce-dh-range.patch
+---
+ ssh.c   |  7 +++++++
+ ssh.h   |  1 +
+ sshdh.c | 23 +++++++++++++++++++++++
+ 3 files changed, 31 insertions(+)
+
+diff --git a/ssh.c b/ssh.c
+index 9eed54d..b543df1 100644
+--- a/ssh.c
++++ b/ssh.c
+@@ -6082,6 +6082,13 @@ static void do_ssh2_transport(Ssh ssh, void *vin, int inlen,
+         }
+         ssh_pkt_getstring(pktin, &s->sigdata, &s->siglen);
+ 
++        {
++            const char *err = dh_validate_f(ssh->kex_ctx, s->f);
++            if (err) {
++                bombout(("key exchange reply failed validation: %s", err));
++                crStopV;
++            }
++        }
+         s->K = dh_find_K(ssh->kex_ctx, s->f);
+ 
+         /* We assume everything from now on will be quick, and it might
+diff --git a/ssh.h b/ssh.h
+index 031fd97..ac5a10f 100644
+--- a/ssh.h
++++ b/ssh.h
+@@ -471,6 +471,7 @@ void *dh_setup_group(const struct ssh_kex *kex);
+ void *dh_setup_gex(Bignum pval, Bignum gval);
+ void dh_cleanup(void *);
+ Bignum dh_create_e(void *, int nbits);
++const char *dh_validate_f(void *handle, Bignum f);
+ Bignum dh_find_K(void *, Bignum f);
+ 
+ int loadrsakey(const Filename *filename, struct RSAKey *key,
+diff --git a/sshdh.c b/sshdh.c
+index c733b61..8f8ab2d 100644
+--- a/sshdh.c
++++ b/sshdh.c
+@@ -219,6 +219,29 @@ Bignum dh_create_e(void *handle, int nbits)
+ }
+ 
+ /*
++ * DH stage 2-epsilon: given a number f, validate it to ensure it's in
++ * range. (RFC 4253 section 8: "Values of 'e' or 'f' that are not in
++ * the range [1, p-1] MUST NOT be sent or accepted by either side."
++ * Also, we rule out 1 and p-1 too, since that's easy to do and since
++ * they lead to obviously weak keys that even a passive eavesdropper
++ * can figure out.)
++ */
++const char *dh_validate_f(void *handle, Bignum f)
++{
++    struct dh_ctx *ctx = (struct dh_ctx *)handle;
++    if (bignum_cmp(f, One) <= 0) {
++        return "f value received is too small";
++    } else {
++        Bignum pm1 = bigsub(ctx->p, One);
++        int cmp = bignum_cmp(f, pm1);
++        freebn(pm1);
++        if (cmp >= 0)
++            return "f value received is too large";
++    }
++    return NULL;
++}
++
++/*
+  * DH stage 2: given a number f, compute K = f^x mod p.
+  */
+ Bignum dh_find_K(void *handle, Bignum f)
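Review bot: dh_validate_f is called before dh_find_K, so no K is derived from a rejected f, and the pm1 temporary from bigsub is freed on both comparison outcomes; the check `bignum_cmp(f, One) <= 0` also rejects f = 0, not just f = 1, which is worth a word in the comment. The commit message wonders why RFC 4253 makes rejection a MUST on the receiving side; the code comment gives the reason informally and could state it precisely: with f = 1 the shared secret is K = 1^x mod p = 1, with f = 0 it is K = 0, and with f = p-1 it is K = (p-1)^x mod p, which is 1 or p-1 depending only on the parity of x, so in all three cases K does not depend on the client's secret and is known to any passive observer.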
diff -Nru putty-0.63/debian/patches/font-bolding-style-default.patch putty-0.63/debian/patches/font-bolding-style-default.patch
--- putty-0.63/debian/patches/font-bolding-style-default.patch	1970-01-01 01:00:00.000000000 +0100
+++ putty-0.63/debian/patches/font-bolding-style-default.patch	2015-03-01 12:58:09.000000000 +0000
@@ -0,0 +1,36 @@
+From 0a82f756c07d0266a6ff6f3b7fd86ccb1cd84040 Mon Sep 17 00:00:00 2001
+From: Simon Tatham <[email protected]>
+Date: Wed, 7 Aug 2013 06:22:52 +0000
+Subject: Revert default for font bolding style
+
+Revert the default for font bolding style back to using colours rather
+than fonts. I broke this in r9559 when I added the option for 'both',
+because the internal representation got offset by one so as to change
+from a boolean to two bitfields and I must have confused myself about
+what the default should be.
+
+[originally from svn r10008]
+[r9559 == bc6e0952ef1c27c577318ee3c0883c7823c7005b]
+
+Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=c0b6e0b9626baecab20ba6946dc26a75f187e2cf
+Bug-Debian: http://bugs.debian.org/772948
+Last-Update: 2014-12-13
+
+Patch-Name: font-bolding-style-default.patch
+---
+ settings.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/settings.c b/settings.c
+index 8bcfb21..2aae3f1 100644
+--- a/settings.c
++++ b/settings.c
+@@ -871,7 +871,7 @@ void load_open_settings(void *sesskey, Conf *conf)
+     gppi(sesskey, "TryPalette", 0, conf, CONF_try_palette);
+     gppi(sesskey, "ANSIColour", 1, conf, CONF_ansi_colour);
+     gppi(sesskey, "Xterm256Colour", 1, conf, CONF_xterm_256_colour);
+-    i = gppi_raw(sesskey, "BoldAsColour", 0); conf_set_int(conf, CONF_bold_style, i+1);
++    i = gppi_raw(sesskey, "BoldAsColour", 1); conf_set_int(conf, CONF_bold_style, i+1);
+ 
+     for (i = 0; i < 22; i++) {
+ 	static const char *const defaults[] = {
diff -Nru putty-0.63/debian/patches/kh2reg-modern-python.patch putty-0.63/debian/patches/kh2reg-modern-python.patch
--- putty-0.63/debian/patches/kh2reg-modern-python.patch	1970-01-01 01:00:00.000000000 +0100
+++ putty-0.63/debian/patches/kh2reg-modern-python.patch	2015-03-01 12:58:09.000000000 +0000
@@ -0,0 +1,74 @@
+From 62044d3f09a28436c37b288913649bf3374f7c06 Mon Sep 17 00:00:00 2001
+From: Jacob Nevins <[email protected]>
+Date: Sun, 1 Mar 2015 12:45:34 +0000
+Subject: Make kh2reg.py compatible with modern Python.
+
+Bare string exceptions aren't supported any more.
+Patch by Will Aoki, plus a backward compatibility tweak from Colin Watson.
+Seen working with Python 2.4.3 and 2.7.6.
+
+Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=56a42d09d43e91603f3fbf01f5781bcbbc54a6bd
+Last-Update: 2015-03-01
+
+Patch-Name: kh2reg-modern-python.patch
+---
+ contrib/kh2reg.py | 20 ++++++++++++++------
+ 1 file changed, 14 insertions(+), 6 deletions(-)
+
+diff --git a/contrib/kh2reg.py b/contrib/kh2reg.py
+index da62b3f..e6f27ef 100755
+--- a/contrib/kh2reg.py
++++ b/contrib/kh2reg.py
+@@ -9,7 +9,8 @@
+ #     kh2reg.py --unix    known_hosts1 2 3 4 ... > sshhostkeys
+ #       Creates data suitable for storing in ~/.putty/sshhostkeys (Unix).
+ # Line endings are someone else's problem as is traditional.
+-# Developed for Python 1.5.2.
++# Originally developed for Python 1.5.2, but probably won't run on that
++# any more.
+ 
+ import fileinput
+ import base64
+@@ -64,6 +65,13 @@ if output_type == 'windows':
+ [HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys]
+ """)
+ 
++class BlankInputLine(Exception):
++    pass
++
++class UnknownKeyType(Exception):
++   def __init__(self, keytype):
++       self.keytype = keytype
++
+ # Now process all known_hosts input.
+ for line in fileinput.input(args):
+ 
+@@ -73,7 +81,7 @@ for line in fileinput.input(args):
+ 
+         # Skip blanks and comments
+         if line == '' or line[0] == '#':
+-            raise "Skipping input line"
++            raise BlankInputLine
+ 
+         # Split line on spaces.
+         fields = string.split (line, ' ')
+@@ -120,7 +128,7 @@ for line in fileinput.input(args):
+             if   sshkeytype == "ssh-rsa":   keytype = "rsa2"
+             elif sshkeytype == "ssh-dss":   keytype = "dss"
+             else:
+-                raise "Unknown SSH key type", sshkeytype
++                raise UnknownKeyType(sshkeytype)
+ 
+         # Now print out one line per host pattern, discarding wildcards.
+         for host in string.split (hostpat, ','):
+@@ -151,7 +159,7 @@ for line in fileinput.input(args):
+                     sys.stdout.write("\"%s\"=\"%s\"\n"
+                                      % (winmungestr(key), value))
+ 
+-    except "Unknown SSH key type", k:
+-        sys.stderr.write("Unknown SSH key type '%s', skipping\n" % k)
+-    except "Skipping input line":
++    except UnknownKeyType, k:
++        sys.stderr.write("Unknown SSH key type '%s', skipping\n" % k.keytype)
++    except BlankInputLine:
+         pass
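Review bot: `except UnknownKeyType, k:` is Python 2-only syntax, and the unchanged context lines `fields = string.split (line, ' ')` and `for host in string.split (hostpat, ','):` use `string` module functions that do not exist in Python 3, so "modern Python" in the subject means 2.x only; the comma form is presumably the backward-compatibility tweak the message mentions, since `except UnknownKeyType as k:` needs Python 2.6 or later and the message reports testing on 2.4.3, but a sentence in the commit message or in the header comment saying that Python 3 is not supported would save the next reader a surprise. Style: the body of `class UnknownKeyType` is indented by 3 spaces where the rest of the file uses 4.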
diff -Nru putty-0.63/debian/patches/private-key-not-wiped-2.patch putty-0.63/debian/patches/private-key-not-wiped-2.patch
--- putty-0.63/debian/patches/private-key-not-wiped-2.patch	1970-01-01 01:00:00.000000000 +0100
+++ putty-0.63/debian/patches/private-key-not-wiped-2.patch	2015-03-01 12:58:10.000000000 +0000
@@ -0,0 +1,70 @@
+From ec231f1fb9e91c21cc24fd0ce731d9bee7218613 Mon Sep 17 00:00:00 2001
+From: Simon Tatham <[email protected]>
+Date: Sun, 1 Mar 2015 12:55:31 +0000
+Subject: Add some missing smemclrs and sfrees.
+
+The absence of these could have prevented sensitive private key
+information from being properly cleared out of memory that PuTTY tools
+had finished with.
+
+Thanks to Patrick Coleman for spotting this and sending a patch.
+
+Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=65f69bca7363ceceeac515ae2a82b8f8adc6404d
+Bug: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
+Bug-Debian: http://bugs.debian.org/779488
+
+Patch-Name: private-key-not-wiped-2.patch
+---
+ sshpubk.c | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/sshpubk.c b/sshpubk.c
+index 8cb4bf1..753370d 100644
+--- a/sshpubk.c
++++ b/sshpubk.c
+@@ -844,6 +844,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ 	goto error;
+     }
+     sfree(public_blob);
++    smemclr(private_blob, private_blob_len);
+     sfree(private_blob);
+     sfree(encryption);
+     if (errorstr)
+@@ -864,8 +865,10 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ 	sfree(mac);
+     if (public_blob)
+ 	sfree(public_blob);
+-    if (private_blob)
+-	sfree(private_blob);
++    if (private_blob) {
++        smemclr(private_blob, private_blob_len);
++        sfree(private_blob);
++    }
+     if (errorstr)
+ 	*errorstr = error;
+     return ret;
+@@ -1154,8 +1157,14 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+     }
+ 
+     fp = f_open(filename, "w", TRUE);
+-    if (!fp)
+-	return 0;
++    if (!fp) {
++        sfree(pub_blob);
++        smemclr(priv_blob, priv_blob_len);
++        sfree(priv_blob);
++        smemclr(priv_blob_encrypted, priv_blob_len);
++        sfree(priv_blob_encrypted);
++        return 0;
++    }
+     fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
+     fprintf(fp, "Encryption: %s\n", cipherstr);
+     fprintf(fp, "Comment: %s\n", key->comment);
+@@ -1172,6 +1181,7 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+     sfree(pub_blob);
+     smemclr(priv_blob, priv_blob_len);
+     sfree(priv_blob);
++    smemclr(priv_blob_encrypted, priv_blob_len);
+     sfree(priv_blob_encrypted);
+     return 1;
+ }
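Review bot: in the third hunk the new `!fp` error path clears priv_blob_encrypted with priv_blob_len, and the fourth hunk does the same on the success path; if priv_blob_encrypted is allocated larger than priv_blob (for instance padded up to a cipher block boundary before encryption), the bytes beyond priv_blob_len would be freed without being cleared, so worth confirming the allocation size or clearing with the encrypted buffer's own length. Style: the added lines use 8-space indentation (`        smemclr(private_blob, private_blob_len);`) where the surrounding code uses tabs (`	sfree(private_blob);`).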
diff -Nru putty-0.63/debian/patches/series putty-0.63/debian/patches/series
--- putty-0.63/debian/patches/series	2014-10-12 20:43:25.000000000 +0100
+++ putty-0.63/debian/patches/series	2015-03-01 12:58:10.000000000 +0000
@@ -8,3 +8,8 @@
 gtk-timer-leak-1.patch
 gtk-timer-leak-2.patch
 dynamic-tunnel-session.patch
+font-bolding-style-default.patch
+kh2reg-modern-python.patch
+enforce-dh-range.patch
+ssh-1-key-load-length.patch
+private-key-not-wiped-2.patch
diff -Nru putty-0.63/debian/patches/ssh-1-key-load-length.patch putty-0.63/debian/patches/ssh-1-key-load-length.patch
--- putty-0.63/debian/patches/ssh-1-key-load-length.patch	1970-01-01 01:00:00.000000000 +0100
+++ putty-0.63/debian/patches/ssh-1-key-load-length.patch	2015-03-01 12:58:09.000000000 +0000
@@ -0,0 +1,32 @@
+From 311ccf95a87f611fee426018bb4d6b7244c7da7e Mon Sep 17 00:00:00 2001
+From: Simon Tatham <[email protected]>
+Date: Sun, 1 Mar 2015 12:53:44 +0000
+Subject: Fix an erroneous length field in SSH-1 key load.
+
+We incremented buf by a few bytes, so we must decrement the
+corresponding length by the same amount, or else makekey() could
+overrun.
+
+Thanks to Patrick Coleman for the patch.
+
+Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=1f757928051b6d6ff231b2265bad2d263b0fe3ea
+Last-Update: 2015-03-01
+
+Patch-Name: ssh-1-key-load-length.patch
+---
+ sshpubk.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sshpubk.c b/sshpubk.c
+index ac9e0fa..8cb4bf1 100644
+--- a/sshpubk.c
++++ b/sshpubk.c
+@@ -67,7 +67,7 @@ static int loadrsakey_main(FILE * fp, struct RSAKey *key, int pub_only,
+     i += 4;
+ 
+     /* Now the serious stuff. An ordinary SSH-1 public key. */
+-    j = makekey(buf + i, len, key, NULL, 1);
++    j = makekey(buf + i, len - i, key, NULL, 1);
+     if (j < 0)
+ 	goto end;		       /* overran */
+     i += j;
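Review bot: `len - i` is the correct remaining length for makekey, which with the old `len` could read up to i bytes past the end of buf. Since i has already been advanced by the preceding parsing of the same buffer (`i += 4;` at the top of the hunk), worth confirming that i <= len is guaranteed by the earlier checks in loadrsakey_main; otherwise `len - i` goes negative and the outcome depends on how makekey treats a negative length rather than on the `j < 0` overrun check below it.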

unblock putty/0.63-10

Thanks,

-- 
Colin Watson                                       [[email protected]]

--- End Message ---
--- Begin Message ---
On 2015-03-01 20:38, Colin Watson wrote:
> Package: release.debian.org
> Severity: normal
> User: [email protected]
> Usertags: unblock
> 
> Please unblock putty 0.63-10.  This is mainly a CVE-assigned security
> fix (which I cherry-picked rather than trying to get the new 0.64
> release into jessie), but there are a couple of sub-CVE-level issues,
> and two other small changes I think are worth including.
> 
> [...]
> 
> unblock putty/0.63-10
> 
> Thanks,
> 

Hi Colin,

Thanks for the request, I have unblocked putty/0.63-10.



Unrelated to this request, grub2 is taking some heavy beating having no
less than ~10 RC bugs right now.  In your opinion, are some of these RC
bugs, where it would make sense:

 * for us to encourage people to have a look at them?  Though this
   presumes the issues are something the average DD can help with.
 * for us to flag them as blockers/non-blockers for the release?
 * for us to downgrade them as severity inflated?

Also, at first glance, the version in unstable seems to solve some of
these RC bugs without introducing new ones.  However, I do not see an
unblock request for it?  Is there a reason for not migrating the new
version of grub2 (I haven't looked at the changes)?
If not, please file an unblock bug for it and we will have a look at it.

Thanks,
~Niels

--- End Message ---
