[Secure-testing-team] Bug#729029: openssh: Memory corruption in AES-GCM support
Moritz Muehlenhoff
jmm at inutil.org
Fri Nov 8 05:38:17 UTC 2013
Package: openssh
Severity: grave
Tags: security
Justification: user security hole
Please see http://www.openssh.com/txt/gcmrekey.adv
No CVE ID has been assigned yet.
AES-GCM support was introduced in 6.2, so oldstable and stable should
be fine (from http://www.openssh.com/txt/release-6.2):
| * ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in
| SSH protocol 2. The new cipher is available as aes128-gcm@openssh.com
| and aes256-gcm@openssh.com. It uses an identical packet format to the
| AES-GCM mode specified in RFC 5647, but uses simpler and different
| selection rules during key exchange.
Cheers,
Moritz