forked from rpms/openssh
import UBI openssh-8.0p1-25.el8_10
This commit is contained in:
parent
6d16bfdb3c
commit
779aabdb52
38
SOURCES/openssh-8.0p1-upstream-ignore-SIGPIPE.patch
Normal file
38
SOURCES/openssh-8.0p1-upstream-ignore-SIGPIPE.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From d33ff14309e33aa79fdf95e1bc4facafa80b90a9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stepan Broz <sbroz@redhat.com>
|
||||||
|
Date: Tue, 25 Jun 2024 17:38:22 +0200
|
||||||
|
Subject: [PATCH] upstream: ignore SIGPIPE earlier in main(), specifically
|
||||||
|
before
|
||||||
|
|
||||||
|
muxclient() which performs operations that could cause one; Reported by Noam
|
||||||
|
Lewis via bz3454, ok dtucker@
|
||||||
|
|
||||||
|
OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
|
||||||
|
---
|
||||||
|
ssh.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/ssh.c b/ssh.c
|
||||||
|
index 786e26d..e037c66 100644
|
||||||
|
--- a/ssh.c
|
||||||
|
+++ b/ssh.c
|
||||||
|
@@ -1115,6 +1115,8 @@ main(int ac, char **av)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Initialize "log" output. Since we are the client all output
|
||||||
|
* goes to stderr unless otherwise specified by -y or -E.
|
||||||
|
@@ -1545,7 +1547,6 @@ main(int ac, char **av)
|
||||||
|
options.num_system_hostfiles);
|
||||||
|
tilde_expand_paths(options.user_hostfiles, options.num_user_hostfiles);
|
||||||
|
|
||||||
|
- signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
|
||||||
|
signal(SIGCHLD, main_sigchld_handler);
|
||||||
|
|
||||||
|
/* Log into the remote system. Never returns if the login fails. */
|
||||||
|
--
|
||||||
|
2.45.2
|
||||||
|
|
||||||
@ -66,7 +66,7 @@
|
|||||||
|
|
||||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||||
%global openssh_ver 8.0p1
|
%global openssh_ver 8.0p1
|
||||||
%global openssh_rel 24
|
%global openssh_rel 25
|
||||||
%global pam_ssh_agent_ver 0.10.3
|
%global pam_ssh_agent_ver 0.10.3
|
||||||
%global pam_ssh_agent_rel 7
|
%global pam_ssh_agent_rel 7
|
||||||
|
|
||||||
@ -292,6 +292,8 @@ Patch1018: openssh-9.6p1-CVE-2023-48795.patch
|
|||||||
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
||||||
# SCP kill switch
|
# SCP kill switch
|
||||||
Patch1020: openssh-8.7p1-scp-kill-switch.patch
|
Patch1020: openssh-8.7p1-scp-kill-switch.patch
|
||||||
|
#upstream commit 96faa0de6c673a2ce84736eba37fc9fb723d9e5c
|
||||||
|
Patch1021: openssh-8.0p1-upstream-ignore-SIGPIPE.patch
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
@ -539,6 +541,7 @@ popd
|
|||||||
%patch1018 -p1 -b .cve-2023-48795
|
%patch1018 -p1 -b .cve-2023-48795
|
||||||
%patch1019 -p1 -b .cve-2023-51385
|
%patch1019 -p1 -b .cve-2023-51385
|
||||||
%patch1020 -p1 -b .scp-kill-switch
|
%patch1020 -p1 -b .scp-kill-switch
|
||||||
|
%patch1021 -p1 -b .ignore-SIGPIPE
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||||
@ -824,6 +827,10 @@ getent passwd sshd >/dev/null || \
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jun 25 2024 Stepan Broz <sbroz@redhat.com> - 8.0p1-25
|
||||||
|
- Upstream: Ignore SIGPIPE earlier in main()
|
||||||
|
Resolves: RHEL-37743
|
||||||
|
|
||||||
* Tue Feb 06 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-24
|
* Tue Feb 06 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-24
|
||||||
- Providing a kill switch for scp to deal with CVE-2020-15778
|
- Providing a kill switch for scp to deal with CVE-2020-15778
|
||||||
Resolves: RHEL-22870
|
Resolves: RHEL-22870
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user