timing attack allows attacker to determine valid usernames

Bug #10334 reported by Debian Bug Importer
6
Affects Status Importance Assigned to Milestone
openssh (Debian)
Fix Released
Unknown
openssh (Ubuntu)
Fix Released
High
Colin Watson

Bug Description

Automatically imported from Debian bug report #281595 http://bugs.debian.org/281595

CVE References

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #281595 http://bugs.debian.org/281595

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Tue, 16 Nov 2004 15:11:07 -0500
From: Joey Hess <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: timing attack allows attacker to determine valid usernames

--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: ssh
Version: 1:3.8.1p1-8.sarge.2
Severity: serious
Tags: security

CAN-2003-0190 describes a flaw in ssh's password prompt timing which
makes it easy for an attacker to determine if a username exists on a
machine. I've checked and testing and unstable's versions of ssh are
vulnerable. Details and some fixes are in this message:
http://marc.theaimsgroup.com/?l=3Dbugtraq&m=3D105172058404810&w=3D2

Feel free to downgrade this bug if you don't feel it's a real security
problem or not RC. I assume upstream must not, since the problem has not
been fixed in over a year. Of course, upstream problably doesn't use ssh
in the vulnerable configuration, with pam.

--=20
see shy jo

--VS++wcV0S1rZb1Fb
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBml7bd8HHehbQuO8RAhQdAJ9vX7qqeX/o1omjdtICaEq9lwXhiACfaNou
1vS3O884o0cblm2Er0ryN/o=
=U6Mq
-----END PGP SIGNATURE-----

--VS++wcV0S1rZb1Fb--

Revision history for this message
In , Colin Watson (cjwatson) wrote : Re: Bug#281595: timing attack allows attacker to determine valid usernames

On Tue, Nov 16, 2004 at 03:11:07PM -0500, Joey Hess wrote:
> Package: ssh
> Version: 1:3.8.1p1-8.sarge.2
> Severity: serious
> Tags: security
>
> CAN-2003-0190 describes a flaw in ssh's password prompt timing which
> makes it easy for an attacker to determine if a username exists on a
> machine. I've checked and testing and unstable's versions of ssh are
> vulnerable. Details and some fixes are in this message:
> http://marc.theaimsgroup.com/?l=bugtraq&m=105172058404810&w=2
>
> Feel free to downgrade this bug if you don't feel it's a real security
> problem or not RC. I assume upstream must not, since the problem has not
> been fixed in over a year. Of course, upstream problably doesn't use ssh
> in the vulnerable configuration, with pam.

I think it's been somewhat fixed upstream (where upstream == portable),
actually:

20040530
 [...]
 - (dtucker) [auth-pam.c] Use an invalid password for root if
   PermitRootLogin != yes or the login is invalid, to prevent leaking
   information. Based on Openwall's owl-always-auth patch. ok djm@

However, that's only PAM password authentication, and
keyboard-interactive is relevant too. Darren, do you happen to know if
kbdint has been fixed in the same way in 3.9p1? I don't see anything
obvious in CVS.

Thanks,

--
Colin Watson [<email address hidden>]

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 19 Nov 2004 13:45:33 +0000
From: Colin Watson <email address hidden>
To: Joey Hess <email address hidden>, <email address hidden>
Cc: Darren Tucker <email address hidden>
Subject: Re: Bug#281595: timing attack allows attacker to determine valid usernames

On Tue, Nov 16, 2004 at 03:11:07PM -0500, Joey Hess wrote:
> Package: ssh
> Version: 1:3.8.1p1-8.sarge.2
> Severity: serious
> Tags: security
>
> CAN-2003-0190 describes a flaw in ssh's password prompt timing which
> makes it easy for an attacker to determine if a username exists on a
> machine. I've checked and testing and unstable's versions of ssh are
> vulnerable. Details and some fixes are in this message:
> http://marc.theaimsgroup.com/?l=bugtraq&m=105172058404810&w=2
>
> Feel free to downgrade this bug if you don't feel it's a real security
> problem or not RC. I assume upstream must not, since the problem has not
> been fixed in over a year. Of course, upstream problably doesn't use ssh
> in the vulnerable configuration, with pam.

I think it's been somewhat fixed upstream (where upstream == portable),
actually:

20040530
 [...]
 - (dtucker) [auth-pam.c] Use an invalid password for root if
   PermitRootLogin != yes or the login is invalid, to prevent leaking
   information. Based on Openwall's owl-always-auth patch. ok djm@

However, that's only PAM password authentication, and
keyboard-interactive is relevant too. Darren, do you happen to know if
kbdint has been fixed in the same way in 3.9p1? I don't see anything
obvious in CVS.

Thanks,

--
Colin Watson [<email address hidden>]

Revision history for this message
In , Darren Tucker (dtucker) wrote :

Colin Watson wrote:
> 20040530
> [...]
> - (dtucker) [auth-pam.c] Use an invalid password for root if
> PermitRootLogin != yes or the login is invalid, to prevent leaking
> information. Based on Openwall's owl-always-auth patch. ok djm@
>
> However, that's only PAM password authentication, and
> keyboard-interactive is relevant too. Darren, do you happen to know if
> kbdint has been fixed in the same way in 3.9p1? I don't see anything
> obvious in CVS.

No, it's not fixed in 3.9p1.

The problem is not exactly the same, though. In this case, it's partly
because the keyboard-interactive code doesn't call the kbdint driver at
all in this case. The first attached patch ought to fix that.

With that fixed, a change to the PAM code is required because it will
complete for a real user with their real password if, eg they are listed
in DenyUsers. This will result in the PAM code getting out of sync with
the kbdint code, resulting in the authentication hanging. The second
patch ought to fix that.

I haven't done much testing of either patch, so please let me know how
they go.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (4.4 KiB)

Message-ID: <email address hidden>
Date: Sat, 20 Nov 2004 13:51:55 +1100
From: Darren Tucker <email address hidden>
To: Colin Watson <email address hidden>
CC: Joey Hess <email address hidden>, <email address hidden>
Subject: Re: Bug#281595: timing attack allows attacker to determine valid
 usernames

--------------070401050908060001080903
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Colin Watson wrote:
> 20040530
> [...]
> - (dtucker) [auth-pam.c] Use an invalid password for root if
> PermitRootLogin != yes or the login is invalid, to prevent leaking
> information. Based on Openwall's owl-always-auth patch. ok djm@
>
> However, that's only PAM password authentication, and
> keyboard-interactive is relevant too. Darren, do you happen to know if
> kbdint has been fixed in the same way in 3.9p1? I don't see anything
> obvious in CVS.

No, it's not fixed in 3.9p1.

The problem is not exactly the same, though. In this case, it's partly
because the keyboard-interactive code doesn't call the kbdint driver at
all in this case. The first attached patch ought to fix that.

With that fixed, a change to the PAM code is required because it will
complete for a real user with their real password if, eg they are listed
in DenyUsers. This will result in the PAM code getting out of sync with
the kbdint code, resulting in the authentication hanging. The second
patch ought to fix that.

I haven't done much testing of either patch, so please let me know how
they go.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

--------------070401050908060001080903
Content-Type: text/plain;
 name="openbsd-sshd-kbdint-leak.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="openbsd-sshd-kbdint-leak.patch"

Index: auth2-chall.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/auth2-chall.c,v
retrieving revision 1.21
diff -u -p -r1.21 auth2-chall.c
--- auth2-chall.c 1 Jun 2004 14:20:45 -0000 1.21
+++ auth2-chall.c 6 Jul 2004 12:13:10 -0000
@@ -268,12 +268,9 @@ input_userauth_info_response(int type, u
  }
  packet_check_eom();

- if (authctxt->valid) {
- res = kbdintctxt->device->respond(kbdintctxt->ctxt,
- nresp, response);
- } else {
- res = -1;
- }
+ res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
+ if (!authctxt->valid)
+ res = 1; /* keep going if login invalid */

  for (i = 0; i < nresp; i++) {
   memset(response[i], 'r', strlen(response[i]));
@@ -285,7 +282,7 @@ input_userauth_info_response(int type, u
  switch (res) {
  case 0:
   /* Success! */
- authenticated = 1;
+ authenticated = authctxt->valid ? 1 : 0;
   break;
  case 1:
   /* Authentication needs further interaction */

--------------070401050908060001080903
Content-Type: text/plain;
 name="openssh-pam-kbdint-leak.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="openssh-pam-kbdint-leak.patch"

Index: auth-pam.c
============================...

Read more...

Revision history for this message
In , Colin Watson (cjwatson) wrote :

On Sat, Nov 20, 2004 at 01:51:55PM +1100, Darren Tucker wrote:
> No, it's not fixed in 3.9p1.
>
> The problem is not exactly the same, though. In this case, it's partly
> because the keyboard-interactive code doesn't call the kbdint driver at
> all in this case. The first attached patch ought to fix that.
>
> With that fixed, a change to the PAM code is required because it will
> complete for a real user with their real password if, eg they are listed
> in DenyUsers. This will result in the PAM code getting out of sync with
> the kbdint code, resulting in the authentication hanging. The second
> patch ought to fix that.
>
> I haven't done much testing of either patch, so please let me know how
> they go.

Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
PasswordAuthentication; the patch is attached. It seems to work for me.
After a bit more testing I'll upload this to unstable.

Cheers,

--
Colin Watson [<email address hidden>]

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (4.2 KiB)

Message-ID: <email address hidden>
Date: Sat, 27 Nov 2004 17:26:50 +0000
From: Colin Watson <email address hidden>
To: Darren Tucker <email address hidden>
Cc: Joey Hess <email address hidden>, <email address hidden>
Subject: Re: Bug#281595: timing attack allows attacker to determine valid usernames

--SLDf9lqlvOQaIe6s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sat, Nov 20, 2004 at 01:51:55PM +1100, Darren Tucker wrote:
> No, it's not fixed in 3.9p1.
>
> The problem is not exactly the same, though. In this case, it's partly
> because the keyboard-interactive code doesn't call the kbdint driver at
> all in this case. The first attached patch ought to fix that.
>
> With that fixed, a change to the PAM code is required because it will
> complete for a real user with their real password if, eg they are listed
> in DenyUsers. This will result in the PAM code getting out of sync with
> the kbdint code, resulting in the authentication hanging. The second
> patch ought to fix that.
>
> I haven't done much testing of either patch, so please let me know how
> they go.

Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
PasswordAuthentication; the patch is attached. It seems to work for me.
After a bit more testing I'll upload this to unstable.

Cheers,

--
Colin Watson [<email address hidden>]

--SLDf9lqlvOQaIe6s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="openssh-kbdint-authfix.patch"

Index: auth-pam.c
===================================================================
RCS file: /home/cjwatson/cvs/openssh/openssh/auth-pam.c,v
retrieving revision 1.10
diff -p -u -r1.10 auth-pam.c
--- auth-pam.c 10 Jul 2004 12:36:49 -0000 1.10
+++ auth-pam.c 27 Nov 2004 17:25:56 -0000
@@ -169,6 +169,7 @@ static int sshpam_cred_established = 0;
 static int sshpam_account_status = -1;
 static char **sshpam_env = NULL;
 static Authctxt *sshpam_authctxt = NULL;
+static char badpw[] = "\b\n\r\177INCORRECT";

 /* Some PAM implementations don't implement this */
 #ifndef HAVE_PAM_GETENVLIST
@@ -644,7 +645,10 @@ sshpam_respond(void *ctx, u_int num, cha
   return (-1);
  }
  buffer_init(&buffer);
- buffer_put_cstring(&buffer, *resp);
+ if (sshpam_authctxt->valid)
+ buffer_put_cstring(&buffer, *resp);
+ else
+ buffer_put_cstring(&buffer, badpw);
  if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) {
   buffer_free(&buffer);
   return (-1);
Index: auth2-chall.c
===================================================================
RCS file: /home/cjwatson/cvs/openssh/openssh/auth2-chall.c,v
retrieving revision 1.1.1.3
diff -p -u -r1.1.1.3 auth2-chall.c
--- auth2-chall.c 17 Sep 2003 00:31:55 -0000 1.1.1.3
+++ auth2-chall.c 27 Nov 2004 17:25:57 -0000
@@ -275,12 +275,9 @@ input_userauth_info_response(int type, u
  }
  packet_check_eom();

- if (authctxt->valid) {
- res = kbdintctxt->device->respond(kbdintctxt->ctxt,
- nresp, response);
- } else {
- res = -1;
- }
+ res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
+ if (!authctxt->valid)
+ res = 1; /* keep going if login invalid */

  for (...

Read more...

Revision history for this message
In , Colin Watson (cjwatson) wrote :

On Sat, Nov 27, 2004 at 05:26:50PM +0000, Colin Watson wrote:
> On Sat, Nov 20, 2004 at 01:51:55PM +1100, Darren Tucker wrote:
> > No, it's not fixed in 3.9p1.
> >
> > The problem is not exactly the same, though. In this case, it's partly
> > because the keyboard-interactive code doesn't call the kbdint driver at
> > all in this case. The first attached patch ought to fix that.
> >
> > With that fixed, a change to the PAM code is required because it will
> > complete for a real user with their real password if, eg they are listed
> > in DenyUsers. This will result in the PAM code getting out of sync with
> > the kbdint code, resulting in the authentication hanging. The second
> > patch ought to fix that.
> >
> > I haven't done much testing of either patch, so please let me know how
> > they go.
>
> Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
> PasswordAuthentication; the patch is attached. It seems to work for me.
> After a bit more testing I'll upload this to unstable.

Here's a further patch on top of your openssh-pam-kbdint-leak.patch
which makes sure that attempted root logins when PermitRootLogin is not
set to yes always have the same delay (Debian bug #248747). It's the
same as you did for PAM PasswordAuthentication.

Cheers,

--
Colin Watson [<email address hidden>]

Revision history for this message
In , Colin Watson (cjwatson) wrote :

On Sun, Nov 28, 2004 at 12:37:11PM +0000, Colin Watson wrote:
> On Sat, Nov 27, 2004 at 05:26:50PM +0000, Colin Watson wrote:
> > Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
> > PasswordAuthentication; the patch is attached. It seems to work for me.
> > After a bit more testing I'll upload this to unstable.
>
> Here's a further patch on top of your openssh-pam-kbdint-leak.patch
> which makes sure that attempted root logins when PermitRootLogin is not
> set to yes always have the same delay (Debian bug #248747). It's the
> same as you did for PAM PasswordAuthentication.

... how about I actually attach it?

--
Colin Watson [<email address hidden>]

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Sun, 28 Nov 2004 12:37:11 +0000
From: Colin Watson <email address hidden>
To: Darren Tucker <email address hidden>
Cc: Joey Hess <email address hidden>, <email address hidden>,
 <email address hidden>
Subject: Re: Bug#281595: timing attack allows attacker to determine valid usernames

On Sat, Nov 27, 2004 at 05:26:50PM +0000, Colin Watson wrote:
> On Sat, Nov 20, 2004 at 01:51:55PM +1100, Darren Tucker wrote:
> > No, it's not fixed in 3.9p1.
> >
> > The problem is not exactly the same, though. In this case, it's partly
> > because the keyboard-interactive code doesn't call the kbdint driver at
> > all in this case. The first attached patch ought to fix that.
> >
> > With that fixed, a change to the PAM code is required because it will
> > complete for a real user with their real password if, eg they are listed
> > in DenyUsers. This will result in the PAM code getting out of sync with
> > the kbdint code, resulting in the authentication hanging. The second
> > patch ought to fix that.
> >
> > I haven't done much testing of either patch, so please let me know how
> > they go.
>
> Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
> PasswordAuthentication; the patch is attached. It seems to work for me.
> After a bit more testing I'll upload this to unstable.

Here's a further patch on top of your openssh-pam-kbdint-leak.patch
which makes sure that attempted root logins when PermitRootLogin is not
set to yes always have the same delay (Debian bug #248747). It's the
same as you did for PAM PasswordAuthentication.

Cheers,

--
Colin Watson [<email address hidden>]

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Sun, 28 Nov 2004 12:52:14 +0000
From: Colin Watson <email address hidden>
To: Darren Tucker <email address hidden>
Cc: Joey Hess <email address hidden>, <email address hidden>,
 <email address hidden>
Subject: Re: Bug#281595: timing attack allows attacker to determine valid usernames

--G4iJoqBmSsgzjUCe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sun, Nov 28, 2004 at 12:37:11PM +0000, Colin Watson wrote:
> On Sat, Nov 27, 2004 at 05:26:50PM +0000, Colin Watson wrote:
> > Thanks for this. I've backported these to 3.8.1p1, which didn't have PAM
> > PasswordAuthentication; the patch is attached. It seems to work for me.
> > After a bit more testing I'll upload this to unstable.
>
> Here's a further patch on top of your openssh-pam-kbdint-leak.patch
> which makes sure that attempted root logins when PermitRootLogin is not
> set to yes always have the same delay (Debian bug #248747). It's the
> same as you did for PAM PasswordAuthentication.

... how about I actually attach it?

--
Colin Watson [<email address hidden>]

--G4iJoqBmSsgzjUCe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="openssh-root-delay.patch"

Index: auth-pam.c
===================================================================
RCS file: /home/cjwatson/cvs/openssh/openssh/auth-pam.c,v
retrieving revision 1.11
diff -p -u -r1.11 auth-pam.c
--- auth-pam.c 28 Nov 2004 12:31:03 -0000 1.11
+++ auth-pam.c 28 Nov 2004 12:33:20 -0000
@@ -645,7 +645,9 @@ sshpam_respond(void *ctx, u_int num, cha
   return (-1);
  }
  buffer_init(&buffer);
- if (sshpam_authctxt->valid)
+ if (sshpam_authctxt->valid &&
+ (sshpam_authctxt->pw->pw_uid != 0 ||
+ options.permit_root_login == PERMIT_YES))
   buffer_put_cstring(&buffer, *resp);
  else
   buffer_put_cstring(&buffer, badpw);

--G4iJoqBmSsgzjUCe--

Revision history for this message
In , Colin Watson (cjwatson) wrote : Bug#281595: fixed in openssh 1:3.8.1p1-8.sarge.4
Download full text (3.3 KiB)

Source: openssh
Source-Version: 1:3.8.1p1-8.sarge.4

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
  to pool/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
  to pool/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh_3.8.1p1-8.sarge.4.diff.gz
  to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.diff.gz
openssh_3.8.1p1-8.sarge.4.dsc
  to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.dsc
ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
  to pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
ssh_3.8.1p1-8.sarge.4_powerpc.deb
  to pool/main/o/openssh/ssh_3.8.1p1-8.sarge.4_powerpc.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <email address hidden> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 28 Nov 2004 12:37:16 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server-udeb
Architecture: source powerpc
Version: 1:3.8.1p1-8.sarge.4
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
 openssh-client-udeb - Secure shell client for the Debian installer (udeb)
 openssh-server-udeb - Secure shell server for the Debian installer (udeb)
 ssh - Secure rlogin/rsh/rcp replacement (OpenSSH)
 ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
 openssh (1:3.8.1p1-8.sarge.4) unstable; urgency=high
 .
   * Fix timing information leak allowing discovery of invalid usernames in
     PAM keyboard-interactive authentication (backported from a patch by
     Darren Tucker; closes: #281595).
   * Make sure that there's a delay in PAM keyboard-interactive
     authentication when PermitRootLogin is not set to yes and the correct
     root password is entered (closes: #248747).
Files:
 8ad7931d85460ac1f9a2971e708d1d65 906 net standard openssh_3.8.1p1-8.sarge.4.dsc
 187b8455948c188c97c3bfba92120e51 155885 net standard openssh_3.8.1p1-8.sarge.4.diff.gz
 ef7b58119f1f6d1bc0efd10412df2235 737276 net standard ssh_3.8.1p1-8.sarge.4_powerpc.deb
 70e71d02d5370a22da119f47b492a4dc 52728 gnome optional ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
 cb5fd04403ea907c8be066b620ed906a 151080 debian-installer optional openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
 9cd11fbcd1bcf3e2c06b78721a727dea 160092 debian-installer optional openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG ...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (3.5 KiB)

Message-Id: <email address hidden>
Date: Sun, 28 Nov 2004 09:32:17 -0500
From: Colin Watson <email address hidden>
To: <email address hidden>
Subject: Bug#281595: fixed in openssh 1:3.8.1p1-8.sarge.4

Source: openssh
Source-Version: 1:3.8.1p1-8.sarge.4

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
  to pool/main/o/openssh/openssh-client-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
  to pool/main/o/openssh/openssh-server-udeb_3.8.1p1-8.sarge.4_powerpc.udeb
openssh_3.8.1p1-8.sarge.4.diff.gz
  to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.diff.gz
openssh_3.8.1p1-8.sarge.4.dsc
  to pool/main/o/openssh/openssh_3.8.1p1-8.sarge.4.dsc
ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
  to pool/main/o/openssh/ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
ssh_3.8.1p1-8.sarge.4_powerpc.deb
  to pool/main/o/openssh/ssh_3.8.1p1-8.sarge.4_powerpc.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <email address hidden> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 28 Nov 2004 12:37:16 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server-udeb
Architecture: source powerpc
Version: 1:3.8.1p1-8.sarge.4
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
 openssh-client-udeb - Secure shell client for the Debian installer (udeb)
 openssh-server-udeb - Secure shell server for the Debian installer (udeb)
 ssh - Secure rlogin/rsh/rcp replacement (OpenSSH)
 ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
 openssh (1:3.8.1p1-8.sarge.4) unstable; urgency=high
 .
   * Fix timing information leak allowing discovery of invalid usernames in
     PAM keyboard-interactive authentication (backported from a patch by
     Darren Tucker; closes: #281595).
   * Make sure that there's a delay in PAM keyboard-interactive
     authentication when PermitRootLogin is not set to yes and the correct
     root password is entered (closes: #248747).
Files:
 8ad7931d85460ac1f9a2971e708d1d65 906 net standard openssh_3.8.1p1-8.sarge.4.dsc
 187b8455948c188c97c3bfba92120e51 155885 net standard openssh_3.8.1p1-8.sarge.4.diff.gz
 ef7b58119f1f6d1bc0efd10412df2235 737276 net standard ssh_3.8.1p1-8.sarge.4_powerpc.deb
 70e71d02d5370a22da119f47b492a4dc 52728 gnome optional ssh-askpass-gnome_3.8.1p1-8.sarge.4_powerpc.deb
 cb5fd04403ea907c8be066b620ed906a 151080 debian-installer op...

Read more...

Revision history for this message
In , Colin Watson (cjwatson) wrote : Fixed in upload of openssh 1:3.8.1p1-14 to experimental

tag 248747 + fixed-in-experimental
tag 281595 + fixed-in-experimental

quit

This message was generated automatically in response to an
upload to the experimental distribution. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 28 Nov 2004 18:09:37 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source powerpc all
Version: 1:3.8.1p1-14
Distribution: experimental
Urgency: low
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
 openssh-client - Secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - Secure shell client for the Debian installer (udeb)
 openssh-server - Secure shell server, an rshd replacement
 openssh-server-udeb - Secure shell server for the Debian installer (udeb)
 ssh - Secure shell client and server (transitional package)
 ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
 openssh (1:3.8.1p1-14) experimental; urgency=low
 .
   * We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
   * Fix timing information leak allowing discovery of invalid usernames in
     PAM keyboard-interactive authentication (backported from a patch by
     Darren Tucker; closes: #281595).
   * Make sure that there's a delay in PAM keyboard-interactive
     authentication when PermitRootLogin is not set to yes and the correct
     root password is entered (closes: #248747).
Files:
 7f92eb12092978592f10bd7d97cf0904 920 net standard openssh_3.8.1p1-14.dsc
 6f21d2b109d0e9c0e8f2f201fdc686a8 147003 net standard openssh_3.8.1p1-14.diff.gz
 112790dd3da1930bb7246fe5d864e70c 520886 net standard openssh-client_3.8.1p1-14_powerpc.deb
 4e94f0941d476601e971d96d72a90f9d 259846 net optional openssh-server_3.8.1p1-14_powerpc.deb
 b2207bcaf70a8de016946c5f9e2f4024 29874 net optional ssh_3.8.1p1-14_all.deb
 a901c6976460b152217cfee42a859e83 54266 gnome optional ssh-askpass-gnome_3.8.1p1-14_powerpc.deb
 67235e32630c6929a0f96e1b267148bd 151044 debian-installer optional openssh-client-udeb_3.8.1p1-14_powerpc.udeb
 c2e81d377b8164d749d95da9e166b72e 160088 debian-installer optional openssh-server-udeb_3.8.1p1-14_powerpc.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Colin Watson <email address hidden> -- Debian developer

iD8DBQFBqhZg9t0zAhD6TNERAtQNAJ47O+5hhyIFAS7ixqi63NXSX/WrqQCfarS+
ziSLHeWBDfeaXDLE0RxPfEI=
=8sSx
-----END PGP SIGNATURE-----

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Sun, 28 Nov 2004 13:32:07 -0500
From: Colin Watson <email address hidden>
To: <email address hidden>
Cc: Colin Watson <email address hidden>, Matthew Vernon <email address hidden>
Subject: Fixed in upload of openssh 1:3.8.1p1-14 to experimental

tag 248747 + fixed-in-experimental
tag 281595 + fixed-in-experimental

quit

This message was generated automatically in response to an
upload to the experimental distribution. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 28 Nov 2004 18:09:37 +0000
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client openssh-server-udeb
Architecture: source powerpc all
Version: 1:3.8.1p1-14
Distribution: experimental
Urgency: low
Maintainer: Matthew Vernon <email address hidden>
Changed-By: Colin Watson <email address hidden>
Description:
 openssh-client - Secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - Secure shell client for the Debian installer (udeb)
 openssh-server - Secure shell server, an rshd replacement
 openssh-server-udeb - Secure shell server for the Debian installer (udeb)
 ssh - Secure shell client and server (transitional package)
 ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 248747 281595
Changes:
 openssh (1:3.8.1p1-14) experimental; urgency=low
 .
   * We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
   * Fix timing information leak allowing discovery of invalid usernames in
     PAM keyboard-interactive authentication (backported from a patch by
     Darren Tucker; closes: #281595).
   * Make sure that there's a delay in PAM keyboard-interactive
     authentication when PermitRootLogin is not set to yes and the correct
     root password is entered (closes: #248747).
Files:
 7f92eb12092978592f10bd7d97cf0904 920 net standard openssh_3.8.1p1-14.dsc
 6f21d2b109d0e9c0e8f2f201fdc686a8 147003 net standard openssh_3.8.1p1-14.diff.gz
 112790dd3da1930bb7246fe5d864e70c 520886 net standard openssh-client_3.8.1p1-14_powerpc.deb
 4e94f0941d476601e971d96d72a90f9d 259846 net optional openssh-server_3.8.1p1-14_powerpc.deb
 b2207bcaf70a8de016946c5f9e2f4024 29874 net optional ssh_3.8.1p1-14_all.deb
 a901c6976460b152217cfee42a859e83 54266 gnome optional ssh-askpass-gnome_3.8.1p1-14_powerpc.deb
 67235e32630c6929a0f96e1b267148bd 151044 debian-installer optional openssh-client-udeb_3.8.1p1-14_powerpc.udeb
 c2e81d377b8164d749d95da9e166b72e 160088 debian-installer optional openssh-server-udeb_3.8.1p1-14_powerpc.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Colin Watson <email address hidden> -- Debian developer

iD8DBQFBqhZg9t0zAhD6TNERAtQNAJ47O+5hhyIFAS7ixqi63NXSX/WrqQCfarS+
ziSLHeWBDfeaXDLE0RxPfEI=
=8sSx
-----END PGP SIGNATURE-----

Revision history for this message
Colin Watson (cjwatson) wrote :

openssh (1:3.8.1p1-14ubuntu1) hoary; urgency=low

  * Resynchronise with Debian.

 -- Colin Watson <email address hidden> Mon, 29 Nov 2004 11:27:15 +0000

openssh (1:3.8.1p1-14) experimental; urgency=low

  * We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
  * Fix timing information leak allowing discovery of invalid usernames in
    PAM keyboard-interactive authentication (backported from a patch by
    Darren Tucker; closes: #281595).
  * Make sure that there's a delay in PAM keyboard-interactive
    authentication when PermitRootLogin is not set to yes and the correct
    root password is entered (closes: #248747).

 -- Colin Watson <email address hidden> Sun, 28 Nov 2004 18:09:37 +0000

Changed in openssh:
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.