openssh: patch for CVE-2015-5600 via Alpine.
This commit is contained in:
parent
dde2b589f7
commit
38bd0070c3
2 changed files with 35 additions and 1 deletions
34
srcpkgs/openssh/patches/CVE-2015-5600.patch
Normal file
34
srcpkgs/openssh/patches/CVE-2015-5600.patch
Normal file
|
@ -0,0 +1,34 @@
|
|||
--- auth2-chall.c 2015/01/19 20:07:45 1.42
|
||||
+++ auth2-chall.c 2015/07/18 07:57:14 1.43
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */
|
||||
+/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2001 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2001 Per Allansson. All rights reserved.
|
||||
@@ -57,6 +57,7 @@
|
||||
void *ctxt;
|
||||
KbdintDevice *device;
|
||||
u_int nreq;
|
||||
+ u_int devices_done;
|
||||
};
|
||||
|
||||
static KbdintAuthctxt *
|
||||
@@ -123,11 +124,15 @@
|
||||
if (len == 0)
|
||||
break;
|
||||
for (i = 0; devices[i]; i++) {
|
||||
- if (!auth2_method_allowed(authctxt,
|
||||
+ if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
|
||||
+ !auth2_method_allowed(authctxt,
|
||||
"keyboard-interactive", devices[i]->name))
|
||||
continue;
|
||||
- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
|
||||
+ if (strncmp(kbdintctxt->devices, devices[i]->name,
|
||||
+ len) == 0) {
|
||||
kbdintctxt->device = devices[i];
|
||||
+ kbdintctxt->devices_done |= 1 << i;
|
||||
+ }
|
||||
}
|
||||
t = kbdintctxt->devices;
|
||||
kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'openssh'
|
||||
pkgname=openssh
|
||||
version=6.9p1
|
||||
revision=2
|
||||
revision=3
|
||||
build_style=gnu-configure
|
||||
configure_args="--sbindir=/usr/bin --datadir=/usr/share/openssh
|
||||
--sysconfdir=/etc/ssh --without-selinux --with-privsep-user=nobody
|
||||
|
|
Loading…
Reference in a new issue