diff -Nru openssh-7.6p1/debian/changelog openssh-7.6p1/debian/changelog --- openssh-7.6p1/debian/changelog 2022-03-30 09:17:14.000000000 -0400 +++ openssh-7.6p1/debian/changelog 2023-08-04 18:19:23.000000000 -0400 @@ -1,3 +1,14 @@ +openssh (1:7.6p1-4ubuntu0.8~test1) bionic-security; urgency=medium + + * SECURITY UPDATE: information leak in algorithm negotiation (LP: #2030275) + - debian/patches/CVE-2020-14145-mitigation.patch: tweak the client + hostkey preference ordering algorithm in sshconnect2.c. + - Note: This update does not solve CVE-2020-14145, but does mitigate + the issue in the specific scenario where the user has a key that + matches the best-preference default algorithm. + + -- Marc Deslauriers Fri, 04 Aug 2023 18:19:23 -0400 + openssh (1:7.6p1-4ubuntu0.7) bionic; urgency=medium * d/p/fix-connect-timeout-overflow.patch: prevent ConnectTimeout overflow. diff -Nru openssh-7.6p1/debian/patches/CVE-2020-14145-mitigation.patch openssh-7.6p1/debian/patches/CVE-2020-14145-mitigation.patch --- openssh-7.6p1/debian/patches/CVE-2020-14145-mitigation.patch 1969-12-31 19:00:00.000000000 -0500 +++ openssh-7.6p1/debian/patches/CVE-2020-14145-mitigation.patch 2023-08-04 18:00:48.000000000 -0400 @@ -0,0 +1,83 @@ +Backport of: + +From b3855ff053f5078ec3d3c653cdaedefaa5fc362d Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Fri, 18 Sep 2020 05:23:03 +0000 +Subject: upstream: tweak the client hostkey preference ordering algorithm to + +prefer the default ordering if the user has a key that matches the +best-preference default algorithm. + +feedback and ok markus@ + +OpenBSD-Commit-ID: a92dd7d7520ddd95c0a16786a7519e6d0167d35f +--- + sshconnect2.c | 41 ++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -100,12 +100,25 @@ verify_host_key_callback(struct sshkey * + return 0; + } + ++/* Returns the first item from a comma-separated algorithm list */ ++static char * ++first_alg(const char *algs) ++{ ++ char *ret, *cp; ++ ++ ret = xstrdup(algs); ++ if ((cp = strchr(ret, ',')) != NULL) ++ *cp = '\0'; ++ return ret; ++} ++ + static char * + order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) + { +- char *oavail, *avail, *first, *last, *alg, *hostname, *ret; ++ char *oavail = NULL, *avail = NULL, *first = NULL, *last = NULL; ++ char *alg = NULL, *hostname = NULL, *ret = NULL, *best = NULL; + size_t maxlen; +- struct hostkeys *hostkeys; ++ struct hostkeys *hostkeys = NULL; + int ktype; + u_int i; + +@@ -117,6 +130,26 @@ order_hostkeyalgs(char *host, struct soc + for (i = 0; i < options.num_system_hostfiles; i++) + load_hostkeys(hostkeys, hostname, options.system_hostfiles[i]); + ++ /* ++ * If a plain public key exists that matches the type of the best ++ * preference HostkeyAlgorithms, then use the whole list as is. ++ * Note that we ignore whether the best preference algorithm is a ++ * certificate type, as sshconnect.c will downgrade certs to ++ * plain keys if necessary. ++ */ ++ best = first_alg(KEX_DEFAULT_PK_ALG); ++ if (lookup_key_in_hostkeys_by_type(hostkeys, ++ sshkey_type_plain(sshkey_type_from_name(best)), NULL)) { ++ debug3("%s: have matching best-preference key type %s, " ++ "using HostkeyAlgorithms verbatim", __func__, best); ++ ret = xstrdup(KEX_DEFAULT_PK_ALG); ++ goto out; ++ } ++ ++ /* ++ * Otherwise, prefer the host key algorithms that match known keys ++ * while keeping the ordering of HostkeyAlgorithms as much as possible. ++ */ + oavail = avail = xstrdup(KEX_DEFAULT_PK_ALG); + maxlen = strlen(avail) + 1; + first = xmalloc(maxlen); +@@ -145,6 +178,8 @@ order_hostkeyalgs(char *host, struct soc + if (*first != '\0') + debug3("%s: prefer hostkeyalgs: %s", __func__, first); + ++ out: ++ free(best); + free(first); + free(last); + free(hostname); diff -Nru openssh-7.6p1/debian/patches/series openssh-7.6p1/debian/patches/series --- openssh-7.6p1/debian/patches/series 2022-03-30 09:17:14.000000000 -0400 +++ openssh-7.6p1/debian/patches/series 2023-08-04 17:59:17.000000000 -0400 @@ -39,3 +39,4 @@ lp-1863930-Fix-logic-bug-in-sshd_exchange_identification.patch lp1966591-upstream-preserve-group-world-read-permission-on-kno.patch fix-connect-timeout-overflow.patch +CVE-2020-14145-mitigation.patch