tmate-io / tmate-ssh-server

tmate SSH server
https://tmate.io

tmate-ssh-server: CVE-2021-44512 CVE-2021-44513 #95

Closed df7cb closed 1 year ago

df7cb commented 2 years ago

Forwarding from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001225:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: tmate-ssh-server: CVE-2021-44512 CVE-2021-44513
Date: Mon, 06 Dec 2021 17:09:52 +0100

Source: tmate-ssh-server
Version: 2.3.0-49-g97d20249-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerabilities were published for tmate-ssh-server.

CVE-2021-44512[0], CVE-2021-44513[1].

Note that there are as well other issues which do not have a CVE which are mentioned in the oss-security[2] post.

If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-44512
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44512
[1] https://security-tracker.debian.org/tracker/CVE-2021-44513
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44513
[2] https://www.openwall.com/lists/oss-security/2021/12/06/2

Regards, Salvatore


Once the issues are resolved, please tag a new release so distributions can update the tmate-ssh-server packages. Thanks!

defdefred commented 1 year ago

There is no signature verification for user public keys, or am I missing something? https://github.com/tmate-io/tmate-ssh-server/blob/master/tmate-ssh-server.c

df7cb commented 1 year ago

Seems to be already fixed with 1c020d1f5ca. Please consider tagging a new release with the fixes. Thanks.