[security-announce] libssh2: CVE-2016-0787: Security Update

Sona Sarmadi sona.sarmadi at enea.com
Wed Mar 9 07:26:25 CET 2016

	Enea Linux Security Advisory

Product/package: libssh2 1.4.3/ Enea Linux 5.0
Severity: Medium
CVE Name: CVE-2016-0787
Layer: meta

This security update fixes bits/bytes confusion resulting in truncated
Diffie-Hellman secret length.

During the SSHv2 handshake when libssh2 is to get a suitable value for
'group order' in the Diffle Hellman negotiation, it would pass in number
of bytes to a function that expected number of bits. This would result
in the library generating numbers using only an 8th the number of random
bits than what were intended: 128 or 256 bits instead of 1023 or 2047

Using such drastically reduced amount of random bits for Diffie Hellman
weakended the handshake security significantly.

There are no known exploits of this flaw at this time.


Reference to upstream patch:

Correction for Enea Linux 5.0:

How to get the latest patches
- If you have already cloned needed repositories, update it to get new
security patches.

cd Enea-Linux-5.0/poky
git pull

- If you have not yet cloned needed repositories, do it as described
below. (All patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-fsl-ppc.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-
git -C $POKY clone -b dizzy
git -C $POKY/meta-enea clone -b dizzy

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20160309/1b985ea6/attachment-0002.sig>

More information about the security-announce mailing list