How to find a commit with a fix for a vulnerability on github?

D

DVoropaev2019-02-14 16:20:43

GitHub

DVoropaev, 2019-02-14 16:20:43

in 2018, a vulnerability in libssh CVE-2018-10933 was published.

In versions of libssh 0.6 and higher, there is an authentication bypass vulnerability in
the server code. By presenting the server with an SSH2_MSG_USERAUTH_SUCCESS message
instead of the SSH2_MSG_USERAUTH_REQUEST message that the server expects
to initiate authentication, an attacker can successfully authenticate
without any authority.
...
To solve this problem, libssh version 0.8.4 and libssh 0.7.6 were released.

I want to find the section of code that contains the vulnerability and study it. how to find it?
I found a repository with libSSH on github, I looked through all the commits for 2018, but I did not find a single commit related to this vulnerability

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

I

Igor Deyashkin, 2019-02-14
@DVoropaev

As I understand it, your problem is that you are looking in the wrong repository =) This is the libssh2 repository.
Here is the news about fixing the vulnerability at the office. libsh site. From there we can get a link to clone the repository:

git clone https://git.libssh.org/projects/libssh.git libssh

In addition, viewing through the web interface is available. You can find the libssh-0.8.4 tag there and see the relevant commits: https://git.libssh.org/projects/libssh.git/log/?h=...

D

Dmitrij Shovery, 2019-02-14
@Shovery

One option is to clone the repo to yourself and use Sourcetree's commit and file search
Via the console is less visual, but you can also try:
$ git grep -n SSH2_MSG_USERAUTH_SUCCESS