gnu: Remove unused patch.
This is a followup to 6f9d5b2e8c
.
* gnu/packages/patches/libssh-0.6.5-CVE-2016-0739.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
parent
9c66b88543
commit
b01a89854b
|
@ -692,7 +692,6 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/libmad-frame-length.patch \
|
||||
%D%/packages/patches/libmad-mips-newgcc.patch \
|
||||
%D%/packages/patches/libpng-CVE-2016-10087.patch \
|
||||
%D%/packages/patches/libssh-0.6.5-CVE-2016-0739.patch \
|
||||
%D%/packages/patches/libtar-CVE-2013-4420.patch \
|
||||
%D%/packages/patches/libtheora-config-guess.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-10092.patch \
|
||||
|
|
|
@ -1,77 +0,0 @@
|
|||
Fix CVE-2016-0739 (Weak Diffie-Hellman secret generation in
|
||||
dh_generate_x() and dh_generate_y()).
|
||||
|
||||
"Due to a byte/bit confusion, the DH secret was too short. This file was
|
||||
completely reworked and will be commited in a future version."
|
||||
Source:
|
||||
https://git.libssh.org/projects/libssh.git/commit/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86
|
||||
|
||||
This patch was created by upstream for libssh-0.7.3, but applied without
|
||||
modification to libssh-0.6.3 by Debian. In Guix, we apply it without
|
||||
modification to libssh-0.6.5.
|
||||
|
||||
References:
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
|
||||
https://security-tracker.debian.org/tracker/CVE-2016-0739
|
||||
|
||||
---
|
||||
src/dh.c | 22 +++++++++++++++++-----
|
||||
1 file changed, 17 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/dh.c b/src/dh.c
|
||||
index e489a1d..d27b66e 100644
|
||||
--- a/src/dh.c
|
||||
+++ b/src/dh.c
|
||||
@@ -227,15 +227,21 @@ void ssh_crypto_finalize(void) {
|
||||
}
|
||||
|
||||
int dh_generate_x(ssh_session session) {
|
||||
+ int keysize;
|
||||
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||
+ keysize = 1023;
|
||||
+ } else {
|
||||
+ keysize = 2047;
|
||||
+ }
|
||||
session->next_crypto->x = bignum_new();
|
||||
if (session->next_crypto->x == NULL) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
#ifdef HAVE_LIBGCRYPT
|
||||
- bignum_rand(session->next_crypto->x, 128);
|
||||
+ bignum_rand(session->next_crypto->x, keysize);
|
||||
#elif defined HAVE_LIBCRYPTO
|
||||
- bignum_rand(session->next_crypto->x, 128, 0, -1);
|
||||
+ bignum_rand(session->next_crypto->x, keysize, -1, 0);
|
||||
#endif
|
||||
|
||||
/* not harder than this */
|
||||
@@ -248,15 +254,21 @@ int dh_generate_x(ssh_session session) {
|
||||
|
||||
/* used by server */
|
||||
int dh_generate_y(ssh_session session) {
|
||||
- session->next_crypto->y = bignum_new();
|
||||
+ int keysize;
|
||||
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||
+ keysize = 1023;
|
||||
+ } else {
|
||||
+ keysize = 2047;
|
||||
+ }
|
||||
+ session->next_crypto->y = bignum_new();
|
||||
if (session->next_crypto->y == NULL) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
#ifdef HAVE_LIBGCRYPT
|
||||
- bignum_rand(session->next_crypto->y, 128);
|
||||
+ bignum_rand(session->next_crypto->y, keysize);
|
||||
#elif defined HAVE_LIBCRYPTO
|
||||
- bignum_rand(session->next_crypto->y, 128, 0, -1);
|
||||
+ bignum_rand(session->next_crypto->y, keysize, -1, 0);
|
||||
#endif
|
||||
|
||||
/* not harder than this */
|
||||
--
|
||||
cgit v0.12
|
||||
|
Loading…
Reference in New Issue