[Bug 1310781] Re: bad bignum encoding for curve25519-sha256 at libssh.org

Brian Murray brian at ubuntu.com
Mon May 12 16:00:16 UTC 2014 

Hello Colin, or anyone else affected,

Accepted openssh into trusty-proposed. The package will build now and be
available at
http://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: openssh (Ubuntu Trusty)
       Status: In Progress => Fix Committed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1310781

Title:
  bad bignum encoding for curve25519-sha256 at libssh.org

Status in “openssh” package in Ubuntu:
  Fix Released
Status in “openssh” source package in Trusty:
  Fix Committed

Bug description:
  [Impact] Occasional key exchange failure with ED25519.
  [Test Case] I don't have a clear one, but perhaps attempting lots of connections to a fixed server would do it.
  [Regression Potential] We should test with an unpatched server to make sure that it properly falls back to skipping that key exchange method.

  There's an occasional (one in 512 or so) key exchange failure in the
  curve25519-sha256 key exchange method, which affects OpenSSH 6.5 and
  6.6.  Upstream gives more details here and has recommended that
  distributors apply this patch:

    https://lists.mindrot.org/pipermail/openssh-unix-
  dev/2014-April/032494.html

  We should issue this as an update for trusty.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1310781/+subscriptions

More information about the foundations-bugs mailing list