Hi Laurent, I've prepared an NMU for libssh (versioned as 0.6.3-4.3) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer.
Regards, Salvatore
diff -Nru libssh-0.6.3/debian/changelog libssh-0.6.3/debian/changelog --- libssh-0.6.3/debian/changelog 2015-11-16 20:26:31.000000000 +0100 +++ libssh-0.6.3/debian/changelog 2016-02-23 19:54:50.000000000 +0100 @@ -1,3 +1,10 @@ +libssh (0.6.3-4.3) unstable; urgency=medium + + * Non-maintainer upload. + * CVE-2016-0739: Truncated Diffie-Hellman secret length (Closes: #815663) + + -- Salvatore Bonaccorso <car...@debian.org> Tue, 23 Feb 2016 19:54:04 +0100 + libssh (0.6.3-4.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru libssh-0.6.3/debian/patches/0003_CVE-2016-0739.patch libssh-0.6.3/debian/patches/0003_CVE-2016-0739.patch --- libssh-0.6.3/debian/patches/0003_CVE-2016-0739.patch 1970-01-01 01:00:00.000000000 +0100 +++ libssh-0.6.3/debian/patches/0003_CVE-2016-0739.patch 2016-02-23 19:54:50.000000000 +0100 @@ -0,0 +1,64 @@ +Description: CVE-2016-0739: Truncated Diffie-Hellman secret length +Origin: upstream, https://git.libssh.org/projects/libssh.git/commit/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86 +Bug-Debian: https://bugs.debian.org/815663 +Forwarded: not-needed +Author: Aris Adamantiadis <a...@0xbadc0de.be> +Reviewed-by: Salvatore Bonaccorso <car...@debian.org> +Last-Update: 2016-02-22 +Applied-Upstream: 0.7.3 + +--- + src/dh.c | 22 +++++++++++++++++----- + 1 file changed, 17 insertions(+), 5 deletions(-) + +--- a/src/dh.c ++++ b/src/dh.c +@@ -240,15 +240,21 @@ void ssh_print_bignum(const char *which, + } + + int dh_generate_x(ssh_session session) { ++ int keysize; ++ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { ++ keysize = 1023; ++ } else { ++ keysize = 2047; ++ } + session->next_crypto->x = bignum_new(); + if (session->next_crypto->x == NULL) { + return -1; + } + + #ifdef HAVE_LIBGCRYPT +- bignum_rand(session->next_crypto->x, 128); ++ bignum_rand(session->next_crypto->x, keysize); + #elif defined HAVE_LIBCRYPTO +- bignum_rand(session->next_crypto->x, 128, 0, -1); ++ bignum_rand(session->next_crypto->x, keysize, -1, 0); + #endif + + /* not harder than this */ +@@ -261,15 +267,21 @@ int dh_generate_x(ssh_session session) { + + /* used by server */ + int dh_generate_y(ssh_session session) { +- session->next_crypto->y = bignum_new(); ++ int keysize; ++ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) { ++ keysize = 1023; ++ } else { ++ keysize = 2047; ++ } ++ session->next_crypto->y = bignum_new(); + if (session->next_crypto->y == NULL) { + return -1; + } + + #ifdef HAVE_LIBGCRYPT +- bignum_rand(session->next_crypto->y, 128); ++ bignum_rand(session->next_crypto->y, keysize); + #elif defined HAVE_LIBCRYPTO +- bignum_rand(session->next_crypto->y, 128, 0, -1); ++ bignum_rand(session->next_crypto->y, keysize, -1, 0); + #endif + + /* not harder than this */ diff -Nru libssh-0.6.3/debian/patches/series libssh-0.6.3/debian/patches/series --- libssh-0.6.3/debian/patches/series 2015-11-16 20:26:31.000000000 +0100 +++ libssh-0.6.3/debian/patches/series 2016-02-23 19:54:50.000000000 +0100 @@ -1,5 +1,6 @@ 0001_CVE-2014-8132.patch 0002_CVE-2015-3146.patch +0003_CVE-2016-0739.patch 1001_error-msg-typo-fix.patch 1003-custom-lib-names.patch 2002-fix-html-doc-generation.patch
