CVE-2021-30130

Name	CVE-2021-30130
Description	phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-3197-1, DLA-3198-1, ELA-869-1, ELA-903-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
php-phpseclib (PTS)	stretch (lts), stretch	2.0.30-2~deb9u1	fixed
	buster (security), buster, buster (lts)	2.0.30-2~deb10u3	fixed
	bullseye	2.0.30-2+deb11u2	fixed
	bullseye (security)	2.0.30-2+deb11u1	fixed
	bookworm	2.0.42-1+deb12u2	fixed
	bookworm (security)	2.0.42-1+deb12u1	fixed
	sid, trixie	2.0.47-3	fixed
php-phpseclib3 (PTS)	bookworm	3.0.19-1+deb12u3	fixed
	bookworm (security)	3.0.19-1+deb12u2	fixed
	sid, trixie	3.0.42-1	fixed
phpseclib (PTS)	jessie	0.3.8-1	vulnerable
	stretch (lts), stretch	1.0.19-1~deb9u2	fixed
	buster (security), buster, buster (lts)	1.0.19-3~deb10u3	fixed
	bullseye	1.0.19-3+deb11u2	fixed
	bullseye (security)	1.0.19-3+deb11u1	fixed
	bookworm	1.0.20-1+deb12u2	fixed
	bookworm (security)	1.0.20-1+deb12u1	fixed
	sid, trixie	1.0.23-3	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin
php-phpseclib	source	stretch	2.0.4-1		ELA-869-1
php-phpseclib	source	buster	2.0.30-2~deb10u1		DLA-3198-1
php-phpseclib	source	(unstable)	2.0.30-2
php-phpseclib3	source	(unstable)	3.0.7-1
phpseclib	source	jessie	(unfixed)	end-of-life
phpseclib	source	stretch	1.0.19-1~deb9u1		ELA-903-1
phpseclib	source	buster	1.0.19-3~deb10u1		DLA-3197-1
phpseclib	source	(unstable)	1.0.19-3

Notes

https://github.com/phpseclib/phpseclib/pull/1635#issuecomment-826994890
Introduced by: https://github.com/phpseclib/phpseclib/commit/cc32cd2e95b18a0c0118bbf1928327675c9e64a9 (v3.0 / RSA::SIGNATURE_RELAXED_PKCS1)
Fixed by: https://github.com/phpseclib/phpseclib/commit/05550b9c490bf342bce66de75d127d2f75c48bdd (1.0.20, 2.0.31, 3.0.7)
Fixed by: https://github.com/phpseclib/phpseclib/commit/42fc46e9a92c2ce5b10d2fbfb00b630417d6dfbe (3.0.7)
According to upstream in #1635, "v2.0 does not have a vulnerability" (only non-security bugs).
However, a lot of identical fixes were applied to all 1.x/2.x/3.x branches upstream.
They were also backported in bullseye/testing in 1.x/2.x (claimed as a CVE-2021-30130 fix).
Given the broad scope of this CVE description, let's assume that those fixes are needed in 1.x/2.x.