| Summary: | openssh new security issues fixed upstream in 7.0 (CVE-2015-6563 and CVE-2015-6564) | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | | |
| Priority: | Normal | CC: | sysadmin-bugs, wilcal.int |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | | |
| Hardware: | i586 | | |
| OS: | Linux | | |
| URL: | http://lwn.net/Vulnerabilities/655002/ | | |
| Whiteboard: | MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK advisory | | |
| Source RPM: | openssh-6.6p1-5.3.mga5.src.rpm | CVE: | |
| Status comment: | | | |
Description
David Walser
2015-08-20 00:51:03 CEST

David Walser
2015-08-20 00:51:09 CEST
Whiteboard: (none) => MGA4TOO

I just fixed this regression in the CVE-2015-5600 OpenSSH update for Mageia 4:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1485719

Apparently it doesn't affect 6.5p1 and newer (so Mageia 5 is fine).

Updated packages in core/updates_testing:
========================
openssh-6.2p2-3.6.mga4
openssh-clients-6.2p2-3.6.mga4
openssh-server-6.2p2-3.6.mga4
openssh-askpass-common-6.2p2-3.6.mga4
openssh-askpass-6.2p2-3.6.mga4
openssh-askpass-gnome-6.2p2-3.6.mga4
openssh-ldap-6.2p2-3.6.mga4

from openssh-6.2p2-3.6.mga4.src.rpm

Could connect to a server using the updated packages, and after restarting the server on my computer, connect to it from another computer.

Mageia 4 64.
Whiteboard: MGA4TOO => MGA4TOO MGA4-64-OK

(In reply to Samuel VERSCHELDE from comment #2)
> Could connect to a server using the updated packages, and after restarting
> the server on my computer, connect to it from another computer.
>
> Mageia 4 64.

Oops, that was with 5.mga4 and not 6.mga4. Will wait for my mirror to sync.
Whiteboard: MGA4TOO MGA4-64-OK => MGA4TOO

In VirtualBox, M4, KDE, 32-bit

Package(s) under test: openssh openssh-clients openssh-server

default install of openssh openssh-clients & openssh-server

[root@localhost wilcal]# urpmi openssh
Package openssh-6.2p2-3.4.mga4.i586 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.2p2-3.4.mga4.i586 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.2p2-3.4.mga4.i586 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh -oKbdInteractiveDevices=`perl -e 'print "pam," x 10000'` wilcal@192.168.1.140
Warning: Permanently added '192.168.1.140' (RSA) to the list of known hosts.

2nd time:
[wilcal@localhost ~]$ ssh -oKbdInteractiveDevices=`perl -e 'print "pam," x 10000'` wilcal@192.168.1.140
Password:
Last login: Fri Aug 21 07:03:34 2015 from unknownfcaa149b0480.attlocal.net

install openssh openssh-clients & openssh-server from updates_testing

[root@localhost wilcal]# urpmi openssh
Package openssh-6.2p2-3.6.mga4.i586 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.2p2-3.6.mga4.i586 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.2p2-3.6.mga4.i586 is already installed

In user terminal on another M5 system on the LAN:
ssh -oKbdInteractiveDevices=`perl -e 'print "pam," x 10000'` wilcal@192.168.1.140

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.140
Password: xxx

logs in just fine
CC: (none) => wilcal.int

In VirtualBox, M4, KDE, 64-bit

Package(s) under test: openssh openssh-clients openssh-server

default install of openssh openssh-clients & openssh-server

[root@localhost wilcal]# urpmi openssh
Package openssh-6.2p2-3.4.mga4.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.2p2-3.4.mga4.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.2p2-3.4.mga4.x86_64 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.142
wilcal@192.168.1.142's password:
Last login: Fri Aug 21 07:30:21 2015 from unknownfcaa149b0480.attlocal.net

install openssh openssh-clients & openssh-server from updates_testing

[root@localhost wilcal]# urpmi openssh
Package openssh-6.2p2-3.6.mga4.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.2p2-3.6.mga4.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.2p2-3.6.mga4.x86_64 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.142
Password:
Last login: Fri Aug 21 07:39:32 2015 from unknownfcaa149b0480.attlocal.net

William Kenney
2015-08-21 16:42:49 CEST
Whiteboard: MGA4TOO => MGA4TOO MGA4-32-OK MGA4-64-OK

In VirtualBox, M5, KDE, 32-bit

Package(s) under test: openssh openssh-clients openssh-server

default install of openssh openssh-clients & openssh-server

[root@localhost wilcal]# urpmi openssh
Package openssh-6.6p1-5.3.mga5.i586 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.6p1-5.3.mga5.i586 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.6p1-5.3.mga5.i586 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.143
Password:
Last login: Fri Aug 21 07:53:14 2015 from unknownfcaa149b0480.attlocal.net

works

install openssh openssh-clients & openssh-server from updates_testing

[root@localhost wilcal]# urpmi openssh
Package openssh-6.6p1-5.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.6p1-5.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.6p1-5.5.mga5.i586 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.143
Password:
Last login: Fri Aug 21 07:39:32 2015 from unknownfcaa149b0480.attlocal.net

works
Whiteboard: MGA4TOO MGA4-32-OK MGA4-64-OK => MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK

In VirtualBox, M5, KDE, 64-bit

Package(s) under test: openssh openssh-clients openssh-server

default install of openssh openssh-clients & openssh-server

[root@localhost wilcal]# urpmi openssh
Package openssh-6.6p1-5.3.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.6p1-5.3.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.6p1-5.3.mga5.x86_64 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.141
Password: xxx
Last login: Fri Aug 21 08:11:48 2015 from unknownfcaa149b0480.attlocal.net

works

install openssh openssh-clients & openssh-server from updates_testing

[root@localhost wilcal]# urpmi openssh
Package openssh-6.6p1-5.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-clients
Package openssh-clients-6.6p1-5.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi openssh-server
Package openssh-server-6.6p1-5.5.mga5.x86_64 is already installed

Putty can connect to localhost
Putty can connect to an external ssh server on the LAN
Putty on another M5 system on the LAN can connect back to the Vbox client under test
"ssh-keygen -t rsa" command generates a public and private key

In user terminal on another M5 system on the LAN:
[wilcal@localhost ~]$ ssh wilcal@192.168.1.141
Password: xxx
Last login: Fri Aug 21 08:18:17 2015 from unknownfcaa149b0480.attlocal.net

works

William Kenney
2015-08-21 17:21:47 CEST
Whiteboard: MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK => MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK

This looks good to go, David. What do you say?

Rémi Verschelde
2015-08-21 17:29:07 CEST
Whiteboard: MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK => MGA4TOO MGA4-32-OK MGA4-64-OK MGA5-32-OK MGA5-64-OK advisory

Yep, ship it. Validating then.
Keywords: (none) => validated_update

An update for this issue has been pushed to the Mageia Updates repository.
http://advisories.mageia.org/MGASA-2015-0321.html
Status: NEW => RESOLVED

CVEs have finally been assigned:
http://openwall.com/lists/oss-security/2015/08/22/1

Can someone update the advisory in SVN?

Advisory:
========================

Updated openssh packages fix security vulnerabilities:

A privilege separation weakness related to PAM support, allowing the attacker to impersonate other users, was found in the openssh package. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users (CVE-2015-6563).

A use-after-free bug was found in the openssh package. The vulnerability is exploitable by attackers who could compromise the pre-authentication process for remote code execution (CVE-2015-6564).

References:
http://openwall.com/lists/oss-security/2015/08/22/1
https://lists.fedoraproject.org/pipermail/package-announce/2015-August/164224.html

Summary: openssh new security issues fixed upstream in 7.0 => openssh new security issues fixed upstream in 7.0 (CVE-2015-6563 and CVE-2015-6564)
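The check a practitioner wants after reading this bug is whether a given host already carries the validated build. The following is an added example, not part of the bug report and not Mageia's own tooling: it reads the `Package X is already installed` lines that `urpmi` prints in the QA transcripts above (or the bare NEVRA lines from `rpm -q openssh openssh-clients openssh-server`) and decides, per Mageia release, whether each openssh sub-package is at or above the fixed build. It assumes that the updates_testing builds QA marked OK (openssh-6.2p2-3.6.mga4 and openssh-6.6p1-5.5.mga5) are exactly the ones pushed as MGASA-2015-0321, and it reimplements rpm's version ordering in Python instead of calling librpm, so it also runs on a non-RPM host. The sample lines are constructed from the transcripts.

```python
import re

# Assumption: the updates_testing builds validated in this bug are the ones
# shipped as MGASA-2015-0321, so anything at or above them is fixed.
FIXED_EVR = {
    "mga4": (0, "6.2p2", "3.6.mga4"),
    "mga5": (0, "6.6p1", "5.5.mga5"),
}
# Sub-packages built from the same openssh src.rpm, as listed in the thread.
OPENSSH_SUBPACKAGES = {
    "openssh", "openssh-clients", "openssh-server", "openssh-askpass-common",
    "openssh-askpass", "openssh-askpass-gnome", "openssh-ldap",
}
KNOWN_ARCHES = {"i586", "i686", "x86_64", "noarch", "src"}

_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a: str, b: str) -> int:
    """Compare two RPM version or release strings like rpm's rpmvercmp().

    Strings split into numeric and alphabetic segments ('.' and '_' only
    delimit); numeric segments compare as integers, alphabetic ones lexically,
    a numeric segment beats an alphabetic one, and '~' sorts before anything
    else (so 1.0~rc1 < 1.0).  Returns -1, 0 or 1.
    """
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    longer_is_a = len(sa) > len(sb)
    rest = sa[len(sb):] if longer_is_a else sb[len(sa):]
    # A trailing '~' segment makes the longer string the older one.
    if rest[0] == "~":
        return -1 if longer_is_a else 1
    return 1 if longer_is_a else -1


def parse_nevra(pkg: str):
    """Split 'name-[epoch:]version-release[.arch]' into its parts."""
    arch = None
    head, _, tail = pkg.rpartition(".")
    if tail in KNOWN_ARCHES:
        pkg, arch = head, tail
    name_ver, _, release = pkg.rpartition("-")
    name, _, version = name_ver.rpartition("-")
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    if not (name and version and release):
        raise ValueError(f"not a NEVRA: {pkg}")
    return name, epoch, version, release, arch


def compare_evr(a, b) -> int:
    """Compare (epoch, version, release) tuples in RPM order."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    return rpmvercmp(a[1], b[1]) or rpmvercmp(a[2], b[2])


def is_fixed(pkg: str) -> bool:
    """True if this openssh sub-package is at or above the fixed build for its
    Mageia release; raises for packages the advisory does not cover."""
    name, epoch, version, release, _ = parse_nevra(pkg)
    if name not in OPENSSH_SUBPACKAGES:
        raise ValueError(f"not an openssh sub-package: {pkg}")
    m = re.search(r"\.(mga\d+)$", release)
    if not m or m.group(1) not in FIXED_EVR:
        raise ValueError(f"no fixed build known for {pkg}")
    return compare_evr((epoch, version, release), FIXED_EVR[m.group(1)]) >= 0


def audit_urpmi_output(text: str) -> dict:
    """Map each urpmi 'Package X is already installed' line, or bare NEVRA
    line from 'rpm -q', to a fixed/vulnerable verdict."""
    verdicts = {}
    for line in text.splitlines():
        m = re.search(r"Package (\S+) is already installed", line)
        pkg = m.group(1) if m else line.strip()
        if pkg and pkg.split("-")[0] == "openssh":
            verdicts[pkg] = is_fixed(pkg)
    return verdicts


# Constructed sample mirroring the QA transcripts (before/after updates_testing).
SAMPLE = """\
Package openssh-6.2p2-3.4.mga4.i586 is already installed
Package openssh-server-6.2p2-3.6.mga4.x86_64 is already installed
Package openssh-clients-6.6p1-5.3.mga5.i586 is already installed
openssh-server-6.6p1-5.5.mga5.x86_64
"""

if __name__ == "__main__":
    for pkg, ok in audit_urpmi_output(SAMPLE).items():
        print(f"{'fixed     ' if ok else 'VULNERABLE'}  {pkg}")
```

On a real host, pipe `rpm -q openssh openssh-clients openssh-server` into `audit_urpmi_output()`; the `.mgaN` suffix of the release field selects which fixed build to compare against, so a Mageia 4 host is judged against 6.2p2-3.6.mga4 and a Mageia 5 host against 6.6p1-5.5.mga5.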