Version in base suite: 1.0.20-1+deb12u2
Version in overlay suite: 1.0.20-1+deb12u3
Base version: phpseclib_1.0.20-1+deb12u3
Target version: phpseclib_1.0.20-1+deb12u5
Base file: /srv/ftp-master.debian.org/ftp/pool/main/p/phpseclib/phpseclib_1.0.20-1+deb12u3.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/p/phpseclib/phpseclib_1.0.20-1+deb12u5.dsc
changelog | 17 ++
patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch | 58 ++++++++++
patches/0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch | 26 ++++
patches/series | 2
4 files changed, 102 insertions(+), 1 deletion(-)
dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp9zp2hw72/phpseclib_1.0.20-1+deb12u3.dsc: no acceptable signature found
dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp9zp2hw72/phpseclib_1.0.20-1+deb12u5.dsc: no acceptable signature found
diff -Nru phpseclib-1.0.20/debian/changelog phpseclib-1.0.20/debian/changelog
--- phpseclib-1.0.20/debian/changelog 2026-03-24 17:16:23.000000000 +0000
+++ phpseclib-1.0.20/debian/changelog 2026-04-28 12:34:19.000000000 +0000
@@ -1,6 +1,21 @@
+phpseclib (1.0.20-1+deb12u5) bookworm; urgency=medium
+
+ * ASN1: reduce length of supported OIDs from 4096 bytes to 128 bytes
+ [CVE-2024-27355]
+
+ -- David Prévot Tue, 28 Apr 2026 14:34:19 +0200
+
+phpseclib (1.0.20-1+deb12u4) bookworm; urgency=medium
+
+ * Fix bug number in previous changelog entry
+ * SSH2: use constant time string comparison in get_binary_packet()
+ [CVE-2026-40194]
+
+ -- David Prévot Sun, 19 Apr 2026 11:37:43 +0200
+
 phpseclib (1.0.20-1+deb12u3) bookworm-security; urgency=medium
 
- * make unpadding constant time [CVE-2026-32935] (Closes: #1131485)
+ * make unpadding constant time [CVE-2026-32935] (Closes: #1131484)
 * X509: fix for weird characters in subjaltname [CVE-2023-52892]
 
 -- David Prévot Tue, 24 Mar 2026 18:16:23 +0100
diff -Nru phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch
--- phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch 1970-01-01 00:00:00.000000000 +0000
+++ phpseclib-1.0.20/debian/patches/0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch 2026-04-28 12:34:01.000000000 +0000
@@ -0,0 +1,58 @@
+From: terrafrost
+Date: Thu, 9 Apr 2026 18:14:19 -0500
+Subject: SSH2: use constant time string comparison in get_binary_packet():
+
+Origin: backport, https://github.com/phpseclib/phpseclib/commit/ffe48b6b1b1af6963327f0a5330e3aa004a194ac
+Bug: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-r854-jrxh-36qx
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2026-40194
+---
+ phpseclib/Net/SSH2.php | 31 ++++++++++++++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
+index 93375df..c90c0e2 100644
+--- a/phpseclib/Net/SSH2.php
++++ b/phpseclib/Net/SSH2.php
+@@ -3686,7 +3686,7 @@ class Net_SSH2
+ $this->bitmap = 0;
+ user_error('Error reading socket');
+ return false;
+- } elseif ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) {
++ } elseif (!$this->_equals($hmac, $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding)))) {
+ user_error('Invalid HMAC');
+ return false;
+ }
+@@ -5488,4 +5488,33 @@ class Net_SSH2
+ {
+ $this->smartMFA = false;
+ }
++
++ /**
++ * Constant time equality testing
++ *
++ * Pretty much copy / pasted from Crypt/RSA.php
++ *
++ * @access private
++ * @param string $x
++ * @param string $y
++ * @return bool
++ */
++ function _equals($x, $y)
++ {
++ if (function_exists('hash_equals')) {
++ return hash_equals($x, $y);
++ }
++
++ if (strlen($x) != strlen($y)) {
++ return false;
++ }
++
++ $result = "\0";
++ $x^= $y;
++ for ($i = 0; $i < strlen($x); $i++) {
++ $result|= $x[$i];
++ }
++
++ return $result === "\0";
++ }
+ }
diff -Nru phpseclib-1.0.20/debian/patches/0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch phpseclib-1.0.20/debian/patches/0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch
--- phpseclib-1.0.20/debian/patches/0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch 1970-01-01 00:00:00.000000000 +0000
+++ phpseclib-1.0.20/debian/patches/0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch 2026-04-28 12:34:01.000000000 +0000
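Review bot: At the `get_binary_packet()` call site the peer-supplied `$hmac` is passed as the first argument of `_equals()`, which forwards it to `hash_equals` in the known-string position; PHP documents the user-supplied value as the second parameter, so the two arguments are better swapped there. Both `hash_equals` and the fallback loop return early when the lengths differ, so only the byte comparison is constant time, and the docblock should say so, for example `* Only the content comparison is constant time; a length mismatch returns false at once.` The `Invalid HMAC` branch also returns without clearing `$this->bitmap`, unlike the `Error reading socket` branch directly above it, so it is worth confirming that callers treat a MAC failure as fatal for the connection. `get_binary_packet()` and the class body start and end outside both inner hunks.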
@@ -0,0 +1,26 @@
+From: terrafrost
+Date: Mon, 27 Apr 2026 01:00:37 -0500
+Subject: ASN1: reduce length of supported OIDs from 4096 bytes to 128 bytes
+
+Origin: upstream, https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc
+Bug: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-2528-jw5q-ww88
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27355
+---
+ phpseclib/File/ASN1.php | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php
+index e5fa17d..8b249a4 100644
+--- a/phpseclib/File/ASN1.php
++++ b/phpseclib/File/ASN1.php
+@@ -1268,8 +1268,8 @@ class File_ASN1
+ $pos = 0;
+ $len = strlen($content);
+ // see https://github.com/openjdk/jdk/blob/2deb318c9f047ec5a4b160d66a4b52f93688ec42/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java#L55
+- if ($len > 4096) {
+- //user_error('Object Identifier size is limited to 4096 bytes');
++ if ($len > 128) {
++ //user_error('Object Identifier size is limited to 128 bytes');
+ return false;
+ }
+ 
diff -Nru phpseclib-1.0.20/debian/patches/series phpseclib-1.0.20/debian/patches/series
--- phpseclib-1.0.20/debian/patches/series 2026-03-24 17:16:23.000000000 +0000
+++ phpseclib-1.0.20/debian/patches/series 2026-04-28 12:34:01.000000000 +0000
@@ -13,3 +13,5 @@
 0013-BigInteger-fix-getLength.patch
 0014-make-unpadding-constant-time.patch
 0015-X509-fix-for-weird-characters-in-subjaltname.patch
+0016-SSH2-use-constant-time-string-comparison-in-get_bina.patch
+0017-ASN1-reduce-length-of-supported-OIDs-from-4096-bytes.patch
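Review bot: The `// see …/ObjectIdentifier.java#L55` comment above the length check in the ASN1.php patch is left unchanged while the bound drops from 4096 to 128, so nothing on the new side says where 128 comes from. A short comment next to the check would help the next reader, for example `// limit lowered from 4096 to 128 bytes for CVE-2024-27355`. Because the `user_error` line stays commented out, an over-long OID produces a bare `return false`, and whether callers can tell that apart from other decode failures is not visible here. The enclosing function starts and ends outside the hunk.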