Debdiff for Yakkety
The vuln has no specific known attack methods so there is no public exploit available. Package tests have passed and I used a somewhat unusual method to explicitly regression test. Package php-ssh2 depends on libssh2.
<?php
$server="ssh.host.name";
// DH Group1 SHA1 uses patched sha1 KEX
$methods = array( 'kex' => 'diffie-hellman-group1-sha1' );
// Make our connection $connection = ssh2_connect($server, 22, $methods);
if (!$connection) die('Connection failed');
$methods_neg = ssh2_methods_negotiated($connection); echo "Keys negotiated with: {$methods_neg['kex']}\n"; echo "Client-to-server uses these methods:\n"; echo " Encryption: {$methods_neg["client_to_server"]["crypt"]}\n"; echo " Compression: {$methods_neg["client_to_server"]["comp"]}\n"; echo "Server-to-client uses these methods:\n"; echo " Encryption: {$methods_neg["server_to_client"]["crypt"]}\n"; echo " Compression: {$methods_neg["server_to_client"]["comp"]}\n";
Debdiff for Yakkety
The vuln has no specific known attack methods so there is no public exploit available. Package tests have passed and I used a somewhat unusual method to explicitly regression test. Package php-ssh2 depends on libssh2.
<?php
$server= "ssh.host. name";
// DH Group1 SHA1 uses patched sha1 KEX
$methods = array( hellman- group1- sha1'
'kex' => 'diffie-
);
// Make our connection $server, 22, $methods);
$connection = ssh2_connect(
if (!$connection) die('Connection failed');
$methods_neg = ssh2_methods_ negotiated( $connection) ; neg['kex' ]}\n"; neg["client_ to_server" ]["crypt" ]}\n"; neg["client_ to_server" ]["comp" ]}\n"; neg["server_ to_client" ]["crypt" ]}\n"; neg["server_ to_client" ]["comp" ]}\n";
echo "Keys negotiated with: {$methods_
echo "Client-to-server uses these methods:\n";
echo " Encryption: {$methods_
echo " Compression: {$methods_
echo "Server-to-client uses these methods:\n";
echo " Encryption: {$methods_
echo " Compression: {$methods_