Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: filezi...@packages.debian.org
Control: affects -1 + src:filezilla

[ Reason ]
This will address the no-DSA CVE-2023-48795. The vulnerability has been fixed in sid and trixie.

https://security-tracker.debian.org/tracker/CVE-2023-48795

[ Impact ]
The impact on putty itself, and by proxy also on the SFTP support in filezilla, is fortunately very limited: at most an attacker could abuse terrapin to force the use of SHA1 as negotiated during the server-sig-algs exchange:

https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terrapin.html

[ Tests ]
The fix has been extensively tested by upstream. I have built affected filezilla versions with and without patching and performed a variety of connection, transfer and general use tests to be sure this update will work as users expect.

[ Risks ]
The updating of the embedded putty within filezilla from upstream commits was very straightforward and is minimal risk.

[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable

[ Other info ]
None.

Regards

Phil

--
Playing the game for the game's sake.

Web:
* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/
diff -Nru filezilla-3.63.0/debian/changelog filezilla-3.63.0/debian/changelog --- filezilla-3.63.0/debian/changelog 2023-08-14 11:48:50.000000000 +0100 +++ filezilla-3.63.0/debian/changelog 2023-12-22 11:35:10.000000000 +0000 @@ -1,3 +1,10 @@ +filezilla (3.63.0-1+deb12u3) bookworm; urgency=medium + + * [CVE-2023-48795] - Add patch: CVE-2023-48795.patch. + - Ref: https://security-tracker.debian.org/tracker/CVE-2023-48795 + + -- Phil Wyett <philip.wy...@kathenas.org> Fri, 22 Dec 2023 11:35:10 +0000 + filezilla (3.63.0-1+deb12u2) bookworm; urgency=medium * Add patch: 0003-crash-when-removing-filetypes-from-list.patch (Closes: #1043556) diff -Nru filezilla-3.63.0/debian/patches/CVE-2023-48795.patch filezilla-3.63.0/debian/patches/CVE-2023-48795.patch --- filezilla-3.63.0/debian/patches/CVE-2023-48795.patch 1970-01-01 01:00:00.000000000 +0100 +++ filezilla-3.63.0/debian/patches/CVE-2023-48795.patch 2023-12-22 11:35:10.000000000 +0000 
@@ -0,0 +1,285 @@ +Description: Cherry pick and modify upstream fix for CVE-2023-48795. + +Picked from upstream commits: + +filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11047 +filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11048 +filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11049 +filezilla: https://svn.filezilla-project.org/filezilla?view=revision&revision=11051 + +Author: Phil Wyett <philip.wy...@kathenas.org> + +================================================================================ +--- a/src/putty/ssh.h.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/ssh.h 2023-12-22 11:23:42.211363089 +0000 +@@ -1684,6 +1684,7 @@ + alloc_channel_id_general(tree, offsetof(type, localid))) + + void add_to_commasep(strbuf *buf, const char *data); ++void add_to_commasep_pl(strbuf *buf, ptrlen data); + bool get_commasep_word(ptrlen *list, ptrlen *word); + + int verify_ssh_manual_host_key(Conf *conf, char **fingerprints, ssh_key *key); +--- a/src/putty/ssh2bpp.c.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/ssh2bpp.c 2023-12-22 09:48:54.045561126 +0000 +@@ -115,7 +115,8 @@ + BinaryPacketProtocol *bpp, + const ssh_cipheralg *cipher, const void *ckey, const void *iv, + const ssh2_macalg *mac, bool etm_mode, const void *mac_key, +- const ssh_compression_alg *compression, bool delayed_compression) ++ const ssh_compression_alg *compression, bool delayed_compression, ++ bool reset_sequence_number) + { + struct ssh2_bpp_state *s; + assert(bpp->vt == &ssh2_bpp_vtable); +@@ -155,6 +156,9 @@ + s->out.mac = NULL; + } + ++ if (reset_sequence_number) ++ s->out.sequence = 0; ++ + if (delayed_compression && !s->seen_userauth_success) { + s->out.pending_compression = compression; + s->out_comp = NULL; +@@ -179,7 +183,8 @@ + BinaryPacketProtocol *bpp, + const ssh_cipheralg *cipher, const void *ckey, const void *iv, + const ssh2_macalg *mac, bool etm_mode, const void 
*mac_key, +- const ssh_compression_alg *compression, bool delayed_compression) ++ const ssh_compression_alg *compression, bool delayed_compression, ++ bool reset_sequence_number) + { + struct ssh2_bpp_state *s; + assert(bpp->vt == &ssh2_bpp_vtable); +@@ -237,6 +242,9 @@ + * start consuming the input data again. */ + s->pending_newkeys = false; + ++ if (reset_sequence_number) ++ s->in.sequence = 0; ++ + /* And schedule a run of handle_input, in case there's already + * input data in the queue. */ + queue_idempotent_callback(&s->bpp.ic_in_raw); +--- a/src/putty/ssh2transport.c.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/ssh2transport.c 2023-12-22 10:01:13.199216745 +0000 +@@ -26,6 +26,13 @@ + &ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5 + }; + ++const static ptrlen ext_info_c = PTRLEN_DECL_LITERAL("ext-info-c"); ++const static ptrlen ext_info_s = PTRLEN_DECL_LITERAL("ext-info-s"); ++const static ptrlen kex_strict_c = ++ PTRLEN_DECL_LITERAL("kex-strict-c-...@openssh.com"); ++const static ptrlen kex_strict_s = ++ PTRLEN_DECL_LITERAL("kex-strict-s-...@openssh.com"); ++ + static ssh_compressor *ssh_comp_none_init(void) + { + return NULL; +@@ -447,6 +454,31 @@ + { + PktIn *pktin; + ++ if (!s->enabled_incoming_crypto) { ++ /* ++ * Record the fact that we've seen any non-KEXINIT packet at ++ * the head of our queue. ++ * ++ * This enables us to check later that the initial incoming ++ * KEXINIT was the very first packet, if scanning the KEXINITs ++ * turns out to enable strict-kex mode. ++ */ ++ PktIn *pktin = pq_peek(s->ppl.in_pq); ++ if (pktin && pktin->type != SSH2_MSG_KEXINIT) ++ s->seen_non_kexinit = true; ++ ++ if (s->strict_kex) { ++ /* ++ * Also, if we're already in strict-KEX mode and haven't ++ * turned on crypto yet, don't do any actual filtering. ++ * This ensures that extraneous packets _after_ the ++ * KEXINIT will go to the main coroutine, which will ++ * complain about them. 
++ */ ++ return false; ++ } ++ } ++ + while (1) { + if (ssh2_common_filter_queue(&s->ppl)) + return true; +@@ -840,10 +872,14 @@ + } + } + if (i == KEXLIST_KEX && first_time) { +- if (our_hostkeys) /* we're the server */ +- add_to_commasep(list, "ext-info-s"); +- else /* we're the client */ +- add_to_commasep(list, "ext-info-c"); ++ if (our_hostkeys) { /* we're the server */ ++ add_to_commasep_pl(list, ext_info_s); ++ add_to_commasep_pl(list, kex_strict_s); ++ ++ } else { /* we're the client */ ++ add_to_commasep_pl(list, ext_info_c); ++ add_to_commasep_pl(list, kex_strict_c); ++ } + } + put_stringsb(pktout, list); + } +@@ -853,15 +889,23 @@ + put_stringz(pktout, ""); + } + ++static bool kexinit_keyword_found(ptrlen list, ptrlen keyword) ++{ ++ for (ptrlen word; get_commasep_word(&list, &word) ;) ++ if (ptrlen_eq_ptrlen(word, keyword)) ++ return true; ++ return false; ++} ++ + static bool ssh2_scan_kexinits( +- ptrlen client_kexinit, ptrlen server_kexinit, ++ ptrlen client_kexinit, ptrlen server_kexinit, bool we_are_server, + struct kexinit_algorithm kexlists[NKEXLIST][MAXKEXLIST], + const ssh_kex **kex_alg, const ssh_keyalg **hostkey_alg, + transport_direction *cs, transport_direction *sc, + bool *warn_kex, bool *warn_hk, bool *warn_cscipher, bool *warn_sccipher, + Ssh *ssh, bool *ignore_guess_cs_packet, bool *ignore_guess_sc_packet, + int *n_server_hostkeys, int server_hostkeys[MAXKEXLIST], unsigned *hkflags, +- bool *can_send_ext_info) ++ bool *can_send_ext_info, bool first_time, bool *strict_kex) + { + BinarySource client[1], server[1]; + int i; +@@ -1064,16 +1108,18 @@ + /* + * Check whether the other side advertised support for EXT_INFO. + */ +- { +- ptrlen extinfo_advert = +- (server_hostkeys ? PTRLEN_LITERAL("ext-info-c") : +- PTRLEN_LITERAL("ext-info-s")); +- ptrlen list = (server_hostkeys ? 
clists[KEXLIST_KEX] : +- slists[KEXLIST_KEX]); +- for (ptrlen word; get_commasep_word(&list, &word) ;) +- if (ptrlen_eq_ptrlen(word, extinfo_advert)) +- *can_send_ext_info = true; +- } ++ if (kexinit_keyword_found( ++ we_are_server ? clists[KEXLIST_KEX] : slists[KEXLIST_KEX], ++ we_are_server ? ext_info_c : ext_info_s)) ++ *can_send_ext_info = true; ++ ++ /* ++ * Check whether the other side advertised support for kex-strict. ++ */ ++ if (first_time && kexinit_keyword_found( ++ we_are_server ? clists[KEXLIST_KEX] : slists[KEXLIST_KEX], ++ we_are_server ? kex_strict_c : kex_strict_s)) ++ *strict_kex = true; + + if (server_hostkeys) { + /* +@@ -1242,14 +1288,28 @@ + + if (!ssh2_scan_kexinits( + ptrlen_from_strbuf(s->client_kexinit), +- ptrlen_from_strbuf(s->server_kexinit), ++ ptrlen_from_strbuf(s->server_kexinit), s->ssc != NULL, + s->kexlists, &s->kex_alg, &s->hostkey_alg, s->cstrans, + s->sctrans, &s->warn_kex, &s->warn_hk, &s->warn_cscipher, + &s->warn_sccipher, s->ppl.ssh, NULL, &s->ignorepkt, &nhk, hks, +- &s->hkflags, &s->can_send_ext_info)) ++ &s->hkflags, &s->can_send_ext_info, !s->got_session_id, ++ &s->strict_kex)) + return; /* false means a fatal error function was called */ + + /* ++ * If we've just turned on strict kex mode, say so, and ++ * retrospectively fault any pre-KEXINIT extraneous packets. ++ */ ++ if (!s->got_session_id && s->strict_kex) { ++ ppl_logevent("Enabling strict key exchange semantics"); ++ if (s->seen_non_kexinit) { ++ ssh_proto_error(s->ppl.ssh, "Received a packet before KEXINIT " ++ "in strict-kex mode"); ++ return; ++ } ++ } ++ ++ /* + * In addition to deciding which host key we're actually going + * to use, we should make a list of the host keys offered by + * the server which we _don't_ have cached. 
These will be +@@ -1438,7 +1498,9 @@ + s->ppl.bpp, + s->out.cipher, cipher_key->u, cipher_iv->u, + s->out.mac, s->out.etm_mode, mac_key->u, +- s->out.comp, s->out.comp_delayed); ++ s->out.comp, s->out.comp_delayed, ++ s->strict_kex); ++ s->enabled_outgoing_crypto = true; + + strbuf_free(cipher_key); + strbuf_free(cipher_iv); +@@ -1529,7 +1591,9 @@ + s->ppl.bpp, + s->in.cipher, cipher_key->u, cipher_iv->u, + s->in.mac, s->in.etm_mode, mac_key->u, +- s->in.comp, s->in.comp_delayed); ++ s->in.comp, s->in.comp_delayed, ++ s->strict_kex); ++ s->enabled_incoming_crypto = true; + + strbuf_free(cipher_key); + strbuf_free(cipher_iv); +--- a/src/putty/ssh2transport.h.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/ssh2transport.h 2023-12-22 09:57:12.374747626 +0000 +@@ -186,6 +186,8 @@ + bool warned_about_no_gss_transient_hostkey; + bool got_session_id; + bool can_send_ext_info, post_newkeys_ext_info; ++ bool strict_kex, enabled_outgoing_crypto, enabled_incoming_crypto; ++ bool seen_non_kexinit; + int dlgret; + bool guessok; + bool ignorepkt; +--- a/src/putty/sshbpp.h.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/sshbpp.h 2023-12-22 09:53:53.327065403 +0000 +@@ -138,12 +138,14 @@ + BinaryPacketProtocol *bpp, + const ssh_cipheralg *cipher, const void *ckey, const void *iv, + const ssh2_macalg *mac, bool etm_mode, const void *mac_key, +- const ssh_compression_alg *compression, bool delayed_compression); ++ const ssh_compression_alg *compression, bool delayed_compression, ++ bool reset_sequence_number); + void ssh2_bpp_new_incoming_crypto( + BinaryPacketProtocol *bpp, + const ssh_cipheralg *cipher, const void *ckey, const void *iv, + const ssh2_macalg *mac, bool etm_mode, const void *mac_key, +- const ssh_compression_alg *compression, bool delayed_compression); ++ const ssh_compression_alg *compression, bool delayed_compression, ++ bool reset_sequence_number); + + /* + * A query method specific to the interface between ssh2transport and +--- 
a/src/putty/sshcommon.c.orig 2021-06-29 09:59:07.000000000 +0100 ++++ b/src/putty/sshcommon.c 2023-12-22 11:20:35.839502891 +0000 +@@ -606,6 +606,13 @@ + * lists of protocol identifiers in SSH-2. + */ + ++void add_to_commasep_pl(strbuf *buf, ptrlen data) ++{ ++ if (buf->len > 0) ++ put_byte(buf, ','); ++ put_datapl(buf, data); ++} ++ + void add_to_commasep(strbuf *buf, const char *data) + { + if (buf->len > 0) diff -Nru filezilla-3.63.0/debian/patches/series filezilla-3.63.0/debian/patches/series --- filezilla-3.63.0/debian/patches/series 2023-08-14 11:47:29.000000000 +0100 +++ filezilla-3.63.0/debian/patches/series 2023-12-22 11:35:10.000000000 +0000 @@ -2,3 +2,4 @@ # 11_use-decimal-si-by-default.patch 0002-Add-patch-to-not-build-fzshellext.patch 0003-crash-when-removing-filetypes-from-list.patch +CVE-2023-48795.patch
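Review bot: In the ssh2transport.c hunk at `@@ -26,6 +26,13 @@`, the two new keyword literals are shown here as `"kex-strict-c-...@openssh.com"` and `"kex-strict-s-...@openssh.com"`, with the middle of the identifier elided (most likely the list archive's address mangling acting on the `@openssh.com` suffix). Please confirm the patch file that is actually uploaded carries the full extension names exactly as OpenSSH spells them: a keyword that does not match byte-for-byte is never found by `kexinit_keyword_found`, `*strict_kex` stays false, none of the sequence-number resets or the pre-KEXINIT check ever engage, and the package still builds and connects normally, so the regression would be invisible in the tests described in the cover letter. As a minor style point, `const static ptrlen` is conventionally written `static const ptrlen`.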
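Review bot: In the ssh2transport.c hunk at `@@ -447,6 +454,31 @@`, the new `PktIn *pktin = pq_peek(s->ppl.in_pq);` inside the `if (!s->enabled_incoming_crypto)` block shadows the `PktIn *pktin;` that the hunk's leading context shows declared at the top of the function. It compiles and the two are used in disjoint scopes, but it triggers `-Wshadow` and is easy to misread; suggest dropping the inner declaration and assigning to the outer `pktin`, or giving the inner one a distinct name such as `head`. The early `return false;` when `s->strict_kex` is already set is correct for the stated intent, since it leaves any extraneous post-KEXINIT packets for the main coroutine to reject rather than silently filtering them.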
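Review bot: In the ssh2transport.c hunk at `@@ -840,10 +872,14 @@`, there is a stray blank line between `add_to_commasep_pl(list, kex_strict_s);` and `} else { /* we're the client */` that should be dropped to keep the two branches symmetric. The logic itself is right: the kex-strict keyword is only appended under `first_time`, the same condition that already gated the `ext-info-*` advertisement, so it is advertised in the initial KEXINIT and not repeated on rekeys.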
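Review bot: In the ssh2transport.c hunk at `@@ -1242,14 +1288,28 @@`, the call site now passes `s->ssc != NULL` as `we_are_server` and `!s->got_session_id` as `first_time`, and `ssh2_scan_kexinits` only ever sets `*strict_kex = true` (never clears it), so once strict mode is negotiated in the first exchange it persists across rekeys; that is the intended semantics but deserves a one-line comment next to the new `strict_kex` field in ssh2transport.h. Note also that `seen_non_kexinit` is only faulted under `!s->got_session_id && s->strict_kex`, so a peer that does not advertise strict kex keeps the old tolerant behaviour for a stray pre-KEXINIT packet; worth stating in the patch `Description:` so the compatibility trade-off is recorded.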
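Review bot: In the ssh2transport.h hunk at `@@ -186,6 +186,8 @@`, the four new bools (`strict_kex`, `enabled_outgoing_crypto`, `enabled_incoming_crypto`, `seen_non_kexinit`) are never explicitly initialised in this patch and the filter-queue logic depends on them starting false; please confirm the allocation of `struct ssh2_transport_state` in ssh2transport.c zero-fills the struct. Since `enabled_outgoing_crypto`/`enabled_incoming_crypto` are set in the `@@ -1438` and `@@ -1529` hunks and never cleared, a short comment saying they mean "NEWKEYS has been applied at least once in this direction" would make the `!s->enabled_incoming_crypto` test in the filter hunk self-explanatory.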
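Review bot: In the sshcommon.c hunk at `@@ -606,6 +606,13 @@`, the new `add_to_commasep_pl` duplicates the comma-insertion logic of the existing `add_to_commasep` immediately below it. To keep one source of truth, the existing function could be reduced to a wrapper, `add_to_commasep_pl(buf, ptrlen_from_asciz(data));`, using the `ptrlen_from_asciz` helper that PuTTY's misc.h already provides. Purely a tidiness point; behaviour is identical either way.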