[v2 0/2] libssh / libssh2 security updates

[v2 0/2] libssh / libssh2 security updates

[Leo Famulari]

Sorry for the noise but my last email on this subject contained an early
draft of the annotation. It's possible the patches were an earlier
revision as well, so I'm resending here.

Please disregard the first version.

These patches address CVE-2016-0739 (libssh) and CVE-2016-0786 (libssh2)
[0].

For libssh, we update to the latest upstream release, 0.7.3 [1].

Guile-ssh depends on a private package of an older version of libssh [2], so
we update that private package to the latest version supported by
guile-ssh, 0.6.5. This happens to be the previous version of our public
libssh package.

This allows us to remove the patch for CVE-2014-0017, which was fixed in
libssh-0.6.3 [3].

For libssh2, we update to the latest upstream release, 1.7.0. [4]

Many packages depend on libssh2, including curl, so we create a
temporary package of the old, vulnerable version, 1.4. When we have
rebuilt all packages affected by CVE-2016-0786, this temporary package
should be removed and curl should be made to depend on the latest
version. That future commit should state "Fixes CVE-2016-7087".

Please double check that curl does not need to be rebuilt before
applying these patches. Feel free to reorganize them changes or alter
the commit messages as desired.

[0]
http://seclists.org/oss-sec/2016/q1/408
http://www.libssh.org/archive/libssh/2016-02/0000013.html
https://libssh2.org/changes.html

[1]
http://www.libssh.org/archive/libssh/2016-02/0000013.html

[2]
https://github.com/artyom-poptsov/guile-ssh#requirements

[3]
https://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0017

[4]
https://libssh2.org/changes.html


Leo Famulari (2):
  gnu: libssh2: Update to 1.7.0.
  gnu: libssh: Update to 0.7.3.

 gnu-system.am                                   |  1 -
 gnu/packages/curl.scm                           |  2 +-
 gnu/packages/patches/libssh-CVE-2014-0017.patch | 89 -------------------------
 gnu/packages/ssh.scm                            | 48 +++++++++----
 4 files changed, 35 insertions(+), 105 deletions(-)
 delete mode 100644 gnu/packages/patches/libssh-CVE-2014-0017.patch

-- 
2.7.1

[v2 1/2] gnu: libssh2: Update to 1.7.0.

[Leo Famulari]

Partially fixes CVE-2016-7087.

libssh2-1.4 is for temporary use by curl, while all packages affected by
CVE-2016-7087 are rebuilt. Once they are rebuilt, curl should be updated
to use libssh2-1.7.0, and libssh2-1.4 should be removed.

* gnu/packages/ssh.scm (libssh2): Update to 1.7.0.
(libssh2-1.4): New variable.
* gnu/packages/curl.scm (curl)[inputs]: Temporarily specify dependency
on libssh2-1.4 while rebuilding.
---
 gnu/packages/curl.scm |  2 +-
 gnu/packages/ssh.scm  | 28 ++++++++++++++++++++++++----
 2 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index 222910b..0187a0b 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -54,7 +54,7 @@
    (inputs `(("gnutls" ,gnutls)
              ("gss" ,gss)
              ("libidn" ,libidn)
-             ("libssh2" ,libssh2)
+             ("libssh2" ,libssh2-1.4)
              ("openldap" ,openldap)
              ("zlib" ,zlib)))
    (native-inputs
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index d4bf29c..2b0693b 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -85,14 +86,15 @@ remote applications.")
 (define-public libssh2
   (package
    (name "libssh2")
-   (version "1.4.3")
+   (version "1.7.0")
    (source (origin
             (method url-fetch)
             (uri (string-append
-                   "http://www.libssh2.org/download/libssh2-"
+                   "https://www.libssh2.org/download/libssh2-"
                    version ".tar.gz"))
-            (sha256 (base32
-                     "0vdr478dbhbdgnniqmirawjb7mrcxckn4slhhrijxnzrkmgziipa"))))
+            (sha256
+             (base32
+              "116mh112w48vv9k3f15ggp5kxw5sj4b88dzb5j69llsh7ba1ymp4"))))
    (build-system gnu-build-system)
    ;; The installed libssh2.pc file does not include paths to libgcrypt and
    ;; zlib libraries, so we need to propagate the inputs.
@@ -108,6 +110,24 @@ a server that supports the SSH-2 protocol.")
    (license license:bsd-3)
    (home-page "http://www.libssh2.org/")))
 
+;;; This is a temporary package for use only by curl. Once we have
+;;; rebuilt all packages affected by CVE-2016-0787, this package should
+;;; be removed.
+;;;
+;;; This package is vulnerable to CVE-2016-7087.
+;;;
+;;; https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0787
+(define-public libssh2-1.4
+  (package (inherit libssh2)
+    (version "1.4.3")
+    (source (origin
+             (method url-fetch)
+             (uri (string-append "https://www.libssh2.org/download/libssh2-"
+                                 version ".tar.gz"))
+             (sha256
+              (base32
+                "0vdr478dbhbdgnniqmirawjb7mrcxckn4slhhrijxnzrkmgziipa"))))))
+
 (define-public openssh
   (package
    (name "openssh")
-- 
2.7.1

[v2 2/2] gnu: libssh: Update to 0.7.3.

[Leo Famulari]

Fixes CVE-2016-0739.

* gnu/packages/ssh.scm (libssh): Update to 0.7.3.
(libssh-0.5): Update to 0.6.5 and rename to libssh-0.6.
(guile-ssh): Specify dependency on libssh-0.6.
* gnu/packages/patches/libssh-CVE-2014-0017.patch: Delete file.
* gnu-system.am: Remove it.
---
 gnu-system.am                                   |  1 -
 gnu/packages/patches/libssh-CVE-2014-0017.patch | 89 -------------------------
 gnu/packages/ssh.scm                            | 20 +++---
 3 files changed, 10 insertions(+), 100 deletions(-)
 delete mode 100644 gnu/packages/patches/libssh-CVE-2014-0017.patch

diff --git a/gnu-system.am b/gnu-system.am
index a93b005..d2e90ed 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -571,7 +571,6 @@ dist_patch_DATA =						\
   gnu/packages/patches/libtiff-oob-accesses-in-decode.patch	\
   gnu/packages/patches/libtiff-oob-write-in-nextdecode.patch	\
   gnu/packages/patches/libtool-skip-tests2.patch		\
-  gnu/packages/patches/libssh-CVE-2014-0017.patch		\
   gnu/packages/patches/libunwind-CVE-2015-3239.patch		\
   gnu/packages/patches/libwmf-CAN-2004-0941.patch		\
   gnu/packages/patches/libwmf-CVE-2006-3376.patch		\
diff --git a/gnu/packages/patches/libssh-CVE-2014-0017.patch b/gnu/packages/patches/libssh-CVE-2014-0017.patch
deleted file mode 100644
index 94d8cc3..0000000
--- a/gnu/packages/patches/libssh-CVE-2014-0017.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-Patch from libssh 0.6, with bind.c hunk adjusted for 0.5.5.
-
-From e99246246b4061f7e71463f8806b9dcad65affa0 Mon Sep 17 00:00:00 2001
-From: Aris Adamantiadis <aris@0xbadc0de.be>
-Date: Wed, 05 Feb 2014 20:24:12 +0000
-Subject: security: fix for vulnerability CVE-2014-0017
-
-When accepting a new connection, a forking server based on libssh forks
-and the child process handles the request. The RAND_bytes() function of
-openssl doesn't reset its state after the fork, but simply adds the
-current process id (getpid) to the PRNG state, which is not guaranteed
-to be unique.
-This can cause several children to end up with same PRNG state which is
-a security issue.
----
-diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h
-index 7374a88..e8ff32c 100644
---- a/include/libssh/wrapper.h
-+++ b/include/libssh/wrapper.h
-@@ -70,5 +70,6 @@ int crypt_set_algorithms_server(ssh_session session);
- struct ssh_crypto_struct *crypto_new(void);
- void crypto_free(struct ssh_crypto_struct *crypto);
- 
-+void ssh_reseed(void);
- 
- #endif /* WRAPPER_H_ */
-diff --git a/src/bind.c b/src/bind.c
-index 8d82d0d..03d3403 100644
---- a/src/bind.c
-+++ b/src/bind.c
-@@ -375,6 +375,8 @@ int ssh_bind_accept(ssh_bind sshbind, ss
-   session->dsa_key = dsa;
-   session->rsa_key = rsa;
- 
-+  /* force PRNG to change state in case we fork after ssh_bind_accept */
-+  ssh_reseed();
-   return SSH_OK;
- }
- 
-diff --git a/src/libcrypto.c b/src/libcrypto.c
-index bb1d96a..d8cc795 100644
---- a/src/libcrypto.c
-+++ b/src/libcrypto.c
-@@ -23,6 +23,7 @@
- #include <stdlib.h>
- #include <stdio.h>
- #include <string.h>
-+#include <sys/time.h>
- 
- #include "libssh/priv.h"
- #include "libssh/session.h"
-@@ -38,6 +39,8 @@
- #include <openssl/rsa.h>
- #include <openssl/hmac.h>
- #include <openssl/opensslv.h>
-+#include <openssl/rand.h>
-+
- #ifdef HAVE_OPENSSL_AES_H
- #define HAS_AES
- #include <openssl/aes.h>
-@@ -74,6 +77,12 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
-     return 0;
- }
- 
-+void ssh_reseed(void){
-+    struct timeval tv;
-+    gettimeofday(&tv, NULL);
-+    RAND_add(&tv, sizeof(tv), 0.0);
-+}
-+
- SHACTX sha1_init(void) {
-   SHACTX c = malloc(sizeof(*c));
-   if (c == NULL) {
-diff --git a/src/libgcrypt.c b/src/libgcrypt.c
-index 899bccd..4617901 100644
---- a/src/libgcrypt.c
-+++ b/src/libgcrypt.c
-@@ -45,6 +45,9 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
-     return 0;
- }
- 
-+void ssh_reseed(void){
-+	}
-+
- SHACTX sha1_init(void) {
-   SHACTX ctx = NULL;
-   gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
---
-cgit v0.9.1
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 2b0693b..062f7fd 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -45,15 +45,15 @@
 (define-public libssh
   (package
     (name "libssh")
-    (version "0.6.5")
+    (version "0.7.3")
     (source (origin
               (method url-fetch)
               (uri (string-append
-                    "https://red.libssh.org/attachments/download/121/libssh-"
+                    "https://red.libssh.org/attachments/download/195/libssh-"
                     version ".tar.xz"))
               (sha256
                (base32
-                "0b6wyx6bwbb8jpn8x4rhlrdiqwqrwrs0mxjmrnqykm9kw1ijgm8g"))))
+                "165g49i4kmm3bfsjm0n8hm21kadv79g9yjqyq09138jxanz4dvr6"))))
     (build-system cmake-build-system)
     (arguments
      '(#:configure-flags '("-DWITH_GCRYPT=ON")
@@ -71,17 +71,17 @@ remote applications.")
     (home-page "http://www.libssh.org")
     (license license:lgpl2.1+)))
 
-(define libssh-0.5                                ; kept private
+(define libssh-0.6 ; kept private for use in guile-ssh
   (package (inherit libssh)
-    (version "0.5.5")
+    (version "0.6.5")
     (source (origin
               (method url-fetch)
-              (uri (string-append "https://red.libssh.org/attachments/download/51/libssh-"
-                                  version ".tar.gz"))
+              (uri (string-append "https://red.libssh.org/attachments/"
+                                  "download/121/libssh-"
+                                  version ".tar.xz"))
               (sha256
                (base32
-                "17cfdff4hc0ijzrr15biq29fiabafz0bw621zlkbwbc1zh2hzpy0"))
-              (patches (list (search-patch "libssh-CVE-2014-0017.patch")))))))
+                "0b6wyx6bwbb8jpn8x4rhlrdiqwqrwrs0mxjmrnqykm9kw1ijgm8g"))))))
 
 (define-public libssh2
   (package
@@ -255,7 +255,7 @@ Additionally, various channel-specific options can be negotiated.")
                      ("pkg-config" ,pkg-config)
                      ("which" ,which)))
     (inputs `(("guile" ,guile-2.0)
-              ("libssh" ,libssh)
+              ("libssh" ,libssh-0.6)
               ("libgcrypt" ,libgcrypt)))
     (synopsis "Guile bindings to libssh")
     (description
-- 
2.7.1