Bug 1896651
| Summary: | Update for libssh-0.9.0-4.el8.x86_64 as it has bug. Rebase to libssh-0-9-6 | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Dushyantk.sun <dushyantk.sun> |
| Component: | libssh | Assignee: | Norbert Pócs <npocs> |
| Status: | CLOSED ERRATA | QA Contact: | Pavel Yadlouski <pyadlous> |
| Severity: | high | Docs Contact: | Jan Fiala <jafiala> |
| Priority: | medium | | |
| Version: | 8.2 | CC: | ansasaki, ccheney, jafiala, jjelen, npocs, pyadlous, sahana, sbroz, ssorce, szidek |
| Target Milestone: | rc | Keywords: | Rebase, Triaged |
| Target Release: | 8.0 | Flags: | pm-rhel: mirror+ |
| Hardware: | x86_64 | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | libssh-0.9.6-3.el8 | Doc Type: | Enhancement |
| Story Points: | --- | | |
| Clone Of: | | Environment: | |
| Last Closed: | 2022-05-10 15:21:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Attachments: | | | |

Doc Text:

.`libssh` rebased to 0.9.6
The `libssh` package has been rebased to upstream version 0.9.6. This version provides bug fixes and enhancements, most notably:
* Support for multiple identity files. The files are processed from the bottom to the top as listed in the `~/.ssh/config` file.
* Parsing of sub-second times in SFTP is fixed.
* A regression of the `ssh_channel_poll_timeout()` function returning `SSH_AGAIN` unexpectedly is now fixed.
* A possible heap-buffer overflow after key re-exchange is fixed.
* A handshake bug when AEAD cipher is matched but there is no HMAC overlap is fixed.
* Several memory leaks on error paths are fixed.

Description
Dushyantk.sun@gmail.com
2020-11-11 06:49:11 UTC
Hi Sahana,
Thank you for reviewing the issue and providing feedback. Since update will take time, could you please let me know if we have any workaround for it.
-Dushyant

Hi Sahana,
When we install RH 8, we got default version of libssh-0.9.4 so can not downgrade. Do we have lower version of libssh which supports on RH 8 and how to download. But yeah will wait for release of updated package.

Thank you Dushyanth for taking the time to report this issue to us. We appreciate the feedback and use reports such as this one to guide our efforts at improving our products. That being said, this bug tracking system is not a mechanism for requesting support, and we are not able to guarantee the timeliness or suitability of a resolution.
If this issue is critical or in any way time sensitive, please raise a ticket through the regular Red Hat support channels to ensure it receives the proper attention and prioritization to assure a timely resolution.
For information on how to contact the Red Hat production support team, please visit:
https://www.redhat.com/en/services/support
Please also ask the support engineer to assign your ticket to this Bugzilla.

Hi Nikos,
Thank you. I will check and raise case accordingly.

Changes from the change log for 0.9.5 are:
* CVE-2020-16135: Avoid null pointer dereference in sftpserver
* Improve handling of library initialization
* Fix parsing of subsecond times in SFTP
* Make the documentation reproducible
* Remove deprecated API usage in OpenSSL
* Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
* Define version in one place
* Prevent invalid free when using different C runtimes than OpenSSL
* Compatibility improvements to testsuite

The latest upstream version 0.9.6 fixes the CVE-2021-3634 libssh: possible heap-based buffer overflow when rekeying

Additional changes in this release from the change log:
* CVE-2021-3634: Fix possible heap-buffer overflow when rekeying with different key exchange mechanism
* Fix several memory leaks on error paths
* Reset pending_call_state on disconnect
* Fix handshake bug with AEAD ciphers and no HMAC overlap
* Use OPENSSL_CRYPTO_LIBRARIES in CMake
* Ignore request success and failure message if they are not expected
* Support more identity files in configuration
* Avoid setting compiler flags directly in CMake
* Support build directories with special characters
* Include stdlib.h to avoid crash in Windows
* Fix sftp_new_channel constructs an invalid object
* Fix Ninja multiple rules error
* Several tests fixes

Husam, we might be able to provide it early via hotfix exception.

Norbert,
can you provide a link to the RHEL 8.6 brew build with the fix?

(In reply to Simo Sorce from comment #22)
> Norbert,
> can you provide a link to the RHEL 8.6 brew build with the fix?

The build can be found here:
https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1786749

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
For information on the advisory (Low: libssh security, bug fix, and enhancement update), and where to find the updated files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2022:2031