openssh: patch for CVE-2015-5600 via Alpine.

This commit is contained in:
Juan RP 2015-07-31 08:15:40 +02:00
parent dde2b589f7
commit 38bd0070c3
2 changed files with 35 additions and 1 deletions

View file

@ -0,0 +1,34 @@
--- auth2-chall.c 2015/01/19 20:07:45 1.42
+++ auth2-chall.c 2015/07/18 07:57:14 1.43
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
@@ -57,6 +57,7 @@
void *ctxt;
KbdintDevice *device;
u_int nreq;
+ u_int devices_done;
};
static KbdintAuthctxt *
@@ -123,11 +124,15 @@
if (len == 0)
break;
for (i = 0; devices[i]; i++) {
- if (!auth2_method_allowed(authctxt,
+ if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
+ !auth2_method_allowed(authctxt,
"keyboard-interactive", devices[i]->name))
continue;
- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
+ if (strncmp(kbdintctxt->devices, devices[i]->name,
+ len) == 0) {
kbdintctxt->device = devices[i];
+ kbdintctxt->devices_done |= 1 << i;
+ }
}
t = kbdintctxt->devices;
kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;

View file

@ -1,7 +1,7 @@
# Template file for 'openssh'
pkgname=openssh
version=6.9p1
revision=2
revision=3
build_style=gnu-configure
configure_args="--sbindir=/usr/bin --datadir=/usr/share/openssh
--sysconfdir=/etc/ssh --without-selinux --with-privsep-user=nobody