| 1 |
vapier 08/03/29 03:07:26 |
| 2 |
|
| 3 |
Added: openssh-4.7_p1-packet-size.patch |
| 4 |
openssh-4.7_p1-lpk-64bit.patch |
| 5 |
openssh-4.7_p1-CVE-2008-1483.patch |
| 6 |
Log: |
| 7 |
Fix CVE-2008-1483 #214985. Fix from upstream for scp/packet problems #212433 by Steven Parkes. Fix from Piotr Stolc for some LPK configs under 64bit systems #210110. Add gsskex patch (for now) #115553. |
| 8 |
(Portage version: 2.2_pre5) |
| 9 |
|
| 10 |
Revision Changes Path |
| 11 |
1.1 net-misc/openssh/files/openssh-4.7_p1-packet-size.patch |
| 12 |
|
| 13 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-packet-size.patch?rev=1.1&view=markup |
| 14 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-packet-size.patch?rev=1.1&content-type=text/plain |
| 15 |
|
| 16 |
Index: openssh-4.7_p1-packet-size.patch |
| 17 |
=================================================================== |
| 18 |
Fix from upstream |
| 19 |
|
| 20 |
http://bugs.gentoo.org/212433 |
| 21 |
https://bugzilla.mindrot.org/show_bug.cgi?id=1360 |
| 22 |
|
| 23 |
Index: clientloop.c |
| 24 |
=================================================================== |
| 25 |
RCS file: /usr/local/src/security/openssh/cvs/openssh/clientloop.c,v |
| 26 |
retrieving revision 1.170 |
| 27 |
diff -u -p -r1.170 clientloop.c |
| 28 |
--- clientloop.c 28 Dec 2007 15:45:07 -0000 1.170 |
| 29 |
+++ clientloop.c 28 Dec 2007 18:14:10 -0000 |
| 30 |
@@ -1745,7 +1745,7 @@ client_request_forwarded_tcpip(const cha |
| 31 |
} |
| 32 |
c = channel_new("forwarded-tcpip", |
| 33 |
SSH_CHANNEL_CONNECTING, sock, sock, -1, |
| 34 |
- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, |
| 35 |
+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, |
| 36 |
originator_address, 1); |
| 37 |
xfree(originator_address); |
| 38 |
xfree(listen_address); |
| 39 |
@@ -1803,7 +1803,7 @@ client_request_agent(const char *request |
| 40 |
return NULL; |
| 41 |
c = channel_new("authentication agent connection", |
| 42 |
SSH_CHANNEL_OPEN, sock, sock, -1, |
| 43 |
- CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, |
| 44 |
+ CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, |
| 45 |
"authentication agent connection", 1); |
| 46 |
c->force_drain = 1; |
| 47 |
return c; |
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
1.1 net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch |
| 52 |
|
| 53 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch?rev=1.1&view=markup |
| 54 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch?rev=1.1&content-type=text/plain |
| 55 |
|
| 56 |
Index: openssh-4.7_p1-lpk-64bit.patch |
| 57 |
=================================================================== |
| 58 |
http://bugs.gentoo.org/210110 |
| 59 |
|
| 60 |
--- servconf.c |
| 61 |
+++ servconf.c |
| 62 |
@@ -690,6 +690,7 @@ |
| 63 |
{ |
| 64 |
char *cp, **charptr, *arg, *p; |
| 65 |
int cmdline = 0, *intptr, value, n; |
| 66 |
+ unsigned long lvalue, *longptr; |
| 67 |
ServerOpCodes opcode; |
| 68 |
u_short port; |
| 69 |
u_int i, flags = 0; |
| 70 |
@@ -704,6 +705,7 @@ |
| 71 |
if (!arg || !*arg || *arg == '#') |
| 72 |
return 0; |
| 73 |
intptr = NULL; |
| 74 |
+ longptr = NULL; |
| 75 |
charptr = NULL; |
| 76 |
opcode = parse_token(arg, filename, linenum, &flags); |
| 77 |
|
| 78 |
@@ -1421,11 +1423,20 @@ |
| 79 |
*intptr = value; |
| 80 |
break; |
| 81 |
case sBindTimeout: |
| 82 |
- intptr = (int *) &options->lpk.b_timeout.tv_sec; |
| 83 |
- goto parse_int; |
| 84 |
+ longptr = (unsigned long *) &options->lpk.b_timeout.tv_sec; |
| 85 |
+parse_ulong: |
| 86 |
+ arg = strdelim(&cp); |
| 87 |
+ if (!arg || *arg == '\0') |
| 88 |
+ fatal("%s line %d: missing integer value.", |
| 89 |
+ filename, linenum); |
| 90 |
+ lvalue = atol(arg); |
| 91 |
+ if (*activep && *longptr == -1) |
| 92 |
+ *longptr = lvalue; |
| 93 |
+ break; |
| 94 |
+ |
| 95 |
case sSearchTimeout: |
| 96 |
- intptr = (int *) &options->lpk.s_timeout.tv_sec; |
| 97 |
- goto parse_int; |
| 98 |
+ longptr = (unsigned long *) &options->lpk.s_timeout.tv_sec; |
| 99 |
+ goto parse_ulong; |
| 100 |
break; |
| 101 |
case sLdapConf: |
| 102 |
arg = cp; |
| 103 |
|
| 104 |
|
| 105 |
|
| 106 |
1.1 net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch |
| 107 |
|
| 108 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch?rev=1.1&view=markup |
| 109 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch?rev=1.1&content-type=text/plain |
| 110 |
|
| 111 |
Index: openssh-4.7_p1-CVE-2008-1483.patch |
| 112 |
=================================================================== |
| 113 |
Ripped from Fedora for CVE-2008-1483 |
| 114 |
|
| 115 |
http://bugs.gentoo.org/214985 |
| 116 |
|
| 117 |
--- openssh-3.9p1/channels.c |
| 118 |
+++ openssh-3.9p1/channels.c |
| 119 |
@@ -2653,9 +2653,6 @@ |
| 120 |
debug2("bind port %d: %.100s", port, strerror(errno)); |
| 121 |
close(sock); |
| 122 |
|
| 123 |
- if (ai->ai_next) |
| 124 |
- continue; |
| 125 |
- |
| 126 |
for (n = 0; n < num_socks; n++) { |
| 127 |
close(socks[n]); |
| 128 |
} |
| 129 |
|
| 130 |
|
| 131 |
|
| 132 |
-- |
| 133 |
gentoo-commits@l.g.o mailing list |
Archives