fix(deps): update module golang.org/x/crypto to v0.17.0 [security] - autoclosed #242
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
97cfc48 to
2fffcad
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2fffcad to
48d6510
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
48d6510 to
6fffa2d
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
6fffa2d to
f4c34e1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
f4c34e1 to
9b9263a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
9b9263a to
c00818c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
c00818c to
2f1c23a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
2f1c23a to
a2decbe
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
a2decbe to
f9ba335
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
f9ba335 to
03ebf14
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
03ebf14 to
aa19c3f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
aa19c3f to
184c65c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
184c65c to
d104fda
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
d104fda to
932d93e
Compare
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
3cbd601 to
9f8d4e3
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
9f8d4e3 to
22b1cd9
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
22b1cd9 to
25814ca
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
25814ca to
c08ec83
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
c08ec83 to
6c101e8
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
6c101e8 to
4036b67
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
4036b67 to
65a56b8
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
65a56b8 to
27b89b3
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
27b89b3 to
caf974e
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
caf974e to
0efc205
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
2 times, most recently
from
b9a786d to
a3c52af
Compare
renovate
bot
changed the title
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/go-golang.org/x/crypto-vulnerability
branch
from
a3c52af to
1d19dce
Compare
renovate
bot
changed the title
renovate
bot
changed the title
renovate
bot
deleted the
renovate/go-golang.org/x/crypto-vulnerability
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.0.0-20210513164829-c07d793c2f9a->v0.17.0GitHub Vulnerability Alerts
CVE-2022-27191
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
CVE-2021-43565
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic.
CVE-2023-48795
Summary
Terrapin is a prefix truncation attack targeting the SSH protocol. More precisely, Terrapin breaks the integrity of SSH's secure channel. By carefully adjusting the sequence numbers during the handshake, an attacker can remove an arbitrary amount of messages sent by the client or server at the beginning of the secure channel without the client or server noticing it.
Mitigations
To mitigate this protocol vulnerability, OpenSSH suggested a so-called "strict kex" which alters the SSH handshake to ensure a Man-in-the-Middle attacker cannot introduce unauthenticated messages as well as convey sequence number manipulation across handshakes.
Warning: To take effect, both the client and server must support this countermeasure.
As a stop-gap measure, peers may also (temporarily) disable the affected algorithms and use unaffected alternatives like AES-GCM instead until patches are available.
Details
The SSH specifications of ChaCha20-Poly1305 (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (*-etm@openssh.com MACs) are vulnerable against an arbitrary prefix truncation attack (a.k.a. Terrapin attack). This allows for an extension negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the first message after SSH_MSG_NEWKEYS, downgrading security, and disabling attack countermeasures in some versions of OpenSSH. When targeting Encrypt-then-MAC, this attack requires the use of a CBC cipher to be practically exploitable due to the internal workings of the cipher mode. Additionally, this novel attack technique can be used to exploit previously unexploitable implementation flaws in a Man-in-the-Middle scenario.
The attack works by an attacker injecting an arbitrary number of SSH_MSG_IGNORE messages during the initial key exchange and consequently removing the same number of messages just after the initial key exchange has concluded. This is possible due to missing authentication of the excess SSH_MSG_IGNORE messages and the fact that the implicit sequence numbers used within the SSH protocol are only checked after the initial key exchange.
In the case of ChaCha20-Poly1305, the attack is guaranteed to work on every connection as this cipher does not maintain an internal state other than the message's sequence number. In the case of Encrypt-Then-MAC, practical exploitation requires the use of a CBC cipher; while theoretical integrity is broken for all ciphers when using this mode, message processing will fail at the application layer for CTR and stream ciphers.
For more details see https://terrapin-attack.com.
Impact
This attack targets the specification of ChaCha20-Poly1305 (chacha20-poly1305@openssh.com) and Encrypt-then-MAC (*-etm@openssh.com), which are widely adopted by well-known SSH implementations and can be considered de-facto standard. These algorithms can be practically exploited; however, in the case of Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a consequence, this attack works against all well-behaving SSH implementations supporting either of those algorithms and can be used to downgrade (but not fully strip) connection security in case SSH extension negotiation (RFC8308) is supported. The attack may also enable attackers to exploit certain implementation flaws in a man-in-the-middle (MitM) scenario.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.