fix(deps): update module golang.org/x/crypto to v0.17.0 [security] - autoclosed #672
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2d89f71
to
cc8dc2c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
cc8dc2c
to
2bd4409
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2bd4409
to
f2199f6
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
f2199f6
to
79dd0ac
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
79dd0ac
to
5836107
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
5836107
to
1463f0b
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
1463f0b
to
2682ebe
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2682ebe
to
5c1911b
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
5c1911b
to
664cbec
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
664cbec
to
cca6805
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
cca6805
to
e83d6dd
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
e83d6dd
to
6ae8f51
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
6ae8f51
to
93f19a7
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
93f19a7
to
5fbdef8
Compare
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
3d24ab5
to
c933565
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
c933565
to
7a966dc
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
7a966dc
to
cf7f1e1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
cf7f1e1
to
1c0340a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
1c0340a
to
9a2147d
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
9a2147d
to
2dd7143
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2dd7143
to
9a58394
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
9a58394
to
806f1ed
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
806f1ed
to
27a8e92
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
27a8e92
to
45c3e71
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
45c3e71
to
7c72bc7
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
7c72bc7
to
1a56d40
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
1a56d40
to
3c4e85b
Compare
renovate
bot
changed the title
renovate
bot
changed the title
renovate
bot
deleted the
renovate/go-golang.org/x/crypto-vulnerability
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.0.0-20201112155050-0c6587e931a9->v0.17.0GitHub Vulnerability Alerts
CVE-2022-27191
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
CVE-2021-43565
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic.
CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the
gssapi-with-micmethod which will cause NewServerConn to panic via a nil pointer dereference if ServerConfig.GSSAPIWithMICConfig is nil.CVE-2023-48795
Summary
Terrapin is a prefix truncation attack targeting the SSH protocol. More precisely, Terrapin breaks the integrity of SSH's secure channel. By carefully adjusting the sequence numbers during the handshake, an attacker can remove an arbitrary amount of messages sent by the client or server at the beginning of the secure channel without the client or server noticing it.
Mitigations
To mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes.
Warning: To take effect, both the client and server must support this countermeasure.
As a stop-gap measure, peers may also (temporarily) disable the affected algorithms and use unaffected alternatives like AES-GCM instead until patches are available.
Details
The SSH specifications of ChaCha20-Poly1305 (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (*-etm@openssh.com MACs) are vulnerable against an arbitrary prefix truncation attack (a.k.a. Terrapin attack). This allows for an extension negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the first message after SSH_MSG_NEWKEYS, downgrading security, and disabling attack countermeasures in some versions of OpenSSH. When targeting Encrypt-then-MAC, this attack requires the use of a CBC cipher to be practically exploitable due to the internal workings of the cipher mode. Additionally, this novel attack technique can be used to exploit previously unexploitable implementation flaws in a Man-in-the-Middle scenario.
The attack works by an attacker injecting an arbitrary number of SSH_MSG_IGNORE messages during the initial key exchange and consequently removing the same number of messages just after the initial key exchange has concluded. This is possible due to missing authentication of the excess SSH_MSG_IGNORE messages and the fact that the implicit sequence numbers used within the SSH protocol are only checked after the initial key exchange.
In the case of ChaCha20-Poly1305, the attack is guaranteed to work on every connection as this cipher does not maintain an internal state other than the message's sequence number. In the case of Encrypt-Then-MAC, practical exploitation requires the use of a CBC cipher; while theoretical integrity is broken for all ciphers when using this mode, message processing will fail at the application layer for CTR and stream ciphers.
For more details see https://terrapin-attack.com.
Impact
This attack targets the specification of ChaCha20-Poly1305 (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (*-etm@openssh.com), which are widely adopted by well-known SSH implementations and can be considered de-facto standard. These algorithms can be practically exploited; however, in the case of Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a consequence, this attack works against all well-behaving SSH implementations supporting either of those algorithms and can be used to downgrade (but not fully strip) connection security in case SSH extension negotiation (RFC8308) is supported. The attack may also enable attackers to exploit certain implementation flaws in a man-in-the-middle (MitM) scenario.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.