import CS libssh-0.10.4-11.el9
This commit is contained in:
parent
971b70a71b
commit
436ae8d33a
82
SOURCES/auth_bypass.patch
Normal file
82
SOURCES/auth_bypass.patch
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
diff --color -ru ../libssh-0.10.4/src/pki_crypto.c ./src/pki_crypto.c
|
||||||
|
--- ../libssh-0.10.4/src/pki_crypto.c 2023-04-27 13:24:03.105744519 +0200
|
||||||
|
+++ ./src/pki_crypto.c 2023-04-27 13:30:24.016756496 +0200
|
||||||
|
@@ -3186,8 +3186,12 @@
|
||||||
|
unsigned char *raw_sig_data = NULL;
|
||||||
|
unsigned int raw_sig_len;
|
||||||
|
|
||||||
|
+ /* Function return code
|
||||||
|
+ * Do not change this variable throughout the function until the signature
|
||||||
|
+ * is successfully verified!
|
||||||
|
+ */
|
||||||
|
int rc = SSH_ERROR;
|
||||||
|
- int evp_rc;
|
||||||
|
+ int ok;
|
||||||
|
|
||||||
|
if (pubkey == NULL || ssh_key_is_private(pubkey) || input == NULL ||
|
||||||
|
signature == NULL || (signature->raw_sig == NULL
|
||||||
|
@@ -3202,8 +3206,8 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Check if public key and hash type are compatible */
|
||||||
|
- rc = pki_key_check_hash_compatible(pubkey, signature->hash_type);
|
||||||
|
- if (rc != SSH_OK) {
|
||||||
|
+ ok = pki_key_check_hash_compatible(pubkey, signature->hash_type);
|
||||||
|
+ if (ok != SSH_OK) {
|
||||||
|
return SSH_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -3248,8 +3252,8 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Verify the signature */
|
||||||
|
- evp_rc = EVP_DigestVerifyInit(ctx, NULL, md, NULL, pkey);
|
||||||
|
- if (evp_rc != 1){
|
||||||
|
+ ok = EVP_DigestVerifyInit(ctx, NULL, md, NULL, pkey);
|
||||||
|
+ if (ok != 1){
|
||||||
|
SSH_LOG(SSH_LOG_TRACE,
|
||||||
|
"EVP_DigestVerifyInit() failed: %s",
|
||||||
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
|
@@ -3257,32 +3261,30 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef HAVE_OPENSSL_EVP_DIGESTVERIFY
|
||||||
|
- evp_rc = EVP_DigestVerify(ctx, raw_sig_data, raw_sig_len, input, input_len);
|
||||||
|
+ ok = EVP_DigestVerify(ctx, raw_sig_data, raw_sig_len, input, input_len);
|
||||||
|
#else
|
||||||
|
- evp_rc = EVP_DigestVerifyUpdate(ctx, input, input_len);
|
||||||
|
- if (evp_rc != 1) {
|
||||||
|
+ ok = EVP_DigestVerifyUpdate(ctx, input, input_len);
|
||||||
|
+ if (ok != 1) {
|
||||||
|
SSH_LOG(SSH_LOG_TRACE,
|
||||||
|
"EVP_DigestVerifyUpdate() failed: %s",
|
||||||
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
- evp_rc = EVP_DigestVerifyFinal(ctx, raw_sig_data, raw_sig_len);
|
||||||
|
+ ok = EVP_DigestVerifyFinal(ctx, raw_sig_data, raw_sig_len);
|
||||||
|
#endif
|
||||||
|
- if (evp_rc == 1) {
|
||||||
|
- SSH_LOG(SSH_LOG_TRACE, "Signature valid");
|
||||||
|
- rc = SSH_OK;
|
||||||
|
- } else {
|
||||||
|
+ if (ok != 1) {
|
||||||
|
SSH_LOG(SSH_LOG_TRACE,
|
||||||
|
"Signature invalid: %s",
|
||||||
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
|
- rc = SSH_ERROR;
|
||||||
|
+ goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ SSH_LOG(SSH_LOG_TRACE, "Signature valid");
|
||||||
|
+ rc = SSH_OK;
|
||||||
|
+
|
||||||
|
out:
|
||||||
|
- if (ctx != NULL) {
|
||||||
|
- EVP_MD_CTX_free(ctx);
|
||||||
|
- }
|
||||||
|
+ EVP_MD_CTX_free(ctx);
|
||||||
|
EVP_PKEY_free(pkey);
|
||||||
|
return rc;
|
||||||
|
}
|
228
SOURCES/covscan23.patch
Normal file
228
SOURCES/covscan23.patch
Normal file
@ -0,0 +1,228 @@
|
|||||||
|
diff --color -ru ../libssh-0.10.4/src/buffer.c ./src/buffer.c
|
||||||
|
--- ../libssh-0.10.4/src/buffer.c 2023-05-03 12:22:40.304114511 +0200
|
||||||
|
+++ ./src/buffer.c 2023-05-03 12:24:11.578110236 +0200
|
||||||
|
@@ -747,7 +747,8 @@
|
||||||
|
*/
|
||||||
|
int ssh_buffer_validate_length(struct ssh_buffer_struct *buffer, size_t len)
|
||||||
|
{
|
||||||
|
- if (buffer->pos + len < len || buffer->pos + len > buffer->used) {
|
||||||
|
+ if (buffer == NULL || buffer->pos + len < len ||
|
||||||
|
+ buffer->pos + len > buffer->used) {
|
||||||
|
return SSH_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --color -ru ../libssh-0.10.4/src/gssapi.c ./src/gssapi.c
|
||||||
|
--- ../libssh-0.10.4/src/gssapi.c 2023-05-03 12:22:40.356115078 +0200
|
||||||
|
+++ ./src/gssapi.c 2023-05-03 12:24:11.566110105 +0200
|
||||||
|
@@ -444,11 +444,18 @@
|
||||||
|
hexa = ssh_get_hexa(output_token.value, output_token.length);
|
||||||
|
SSH_LOG(SSH_LOG_PACKET, "GSSAPI: sending token %s",hexa);
|
||||||
|
SAFE_FREE(hexa);
|
||||||
|
- ssh_buffer_pack(session->out_buffer,
|
||||||
|
- "bdP",
|
||||||
|
- SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
- output_token.length,
|
||||||
|
- (size_t)output_token.length, output_token.value);
|
||||||
|
+ rc = ssh_buffer_pack(session->out_buffer,
|
||||||
|
+ "bdP",
|
||||||
|
+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
+ output_token.length,
|
||||||
|
+ (size_t)output_token.length, output_token.value);
|
||||||
|
+ if (rc != SSH_OK) {
|
||||||
|
+ ssh_set_error_oom(session);
|
||||||
|
+ ssh_auth_reply_default(session, 0);
|
||||||
|
+ ssh_gssapi_free(session);
|
||||||
|
+ session->gssapi = NULL;
|
||||||
|
+ return SSH_PACKET_USED;
|
||||||
|
+ }
|
||||||
|
ssh_packet_send(session);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -857,6 +864,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
|
||||||
|
+ int rc;
|
||||||
|
ssh_string oid_s;
|
||||||
|
gss_uint32 maj_stat, min_stat;
|
||||||
|
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
|
||||||
|
@@ -908,11 +916,15 @@
|
||||||
|
hexa = ssh_get_hexa(output_token.value, output_token.length);
|
||||||
|
SSH_LOG(SSH_LOG_PACKET, "GSSAPI: sending token %s", hexa);
|
||||||
|
SAFE_FREE(hexa);
|
||||||
|
- ssh_buffer_pack(session->out_buffer,
|
||||||
|
- "bdP",
|
||||||
|
- SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
- output_token.length,
|
||||||
|
- (size_t)output_token.length, output_token.value);
|
||||||
|
+ rc = ssh_buffer_pack(session->out_buffer,
|
||||||
|
+ "bdP",
|
||||||
|
+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
+ output_token.length,
|
||||||
|
+ (size_t)output_token.length, output_token.value);
|
||||||
|
+ if (rc != SSH_OK) {
|
||||||
|
+ ssh_set_error_oom(session);
|
||||||
|
+ goto error;
|
||||||
|
+ }
|
||||||
|
ssh_packet_send(session);
|
||||||
|
session->auth.state = SSH_AUTH_STATE_GSSAPI_TOKEN;
|
||||||
|
}
|
||||||
|
@@ -975,6 +987,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
|
||||||
|
+ int rc;
|
||||||
|
ssh_string token;
|
||||||
|
char *hexa;
|
||||||
|
OM_uint32 maj_stat, min_stat;
|
||||||
|
@@ -1027,11 +1040,15 @@
|
||||||
|
hexa = ssh_get_hexa(output_token.value, output_token.length);
|
||||||
|
SSH_LOG(SSH_LOG_PACKET, "GSSAPI: sending token %s",hexa);
|
||||||
|
SAFE_FREE(hexa);
|
||||||
|
- ssh_buffer_pack(session->out_buffer,
|
||||||
|
- "bdP",
|
||||||
|
- SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
- output_token.length,
|
||||||
|
- (size_t)output_token.length, output_token.value);
|
||||||
|
+ rc = ssh_buffer_pack(session->out_buffer,
|
||||||
|
+ "bdP",
|
||||||
|
+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN,
|
||||||
|
+ output_token.length,
|
||||||
|
+ (size_t)output_token.length, output_token.value);
|
||||||
|
+ if (rc != SSH_OK) {
|
||||||
|
+ ssh_set_error_oom(session);
|
||||||
|
+ goto error;
|
||||||
|
+ }
|
||||||
|
ssh_packet_send(session);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --color -ru ../libssh-0.10.4/src/options.c ./src/options.c
|
||||||
|
--- ../libssh-0.10.4/src/options.c 2023-05-03 12:22:40.342114926 +0200
|
||||||
|
+++ ./src/options.c 2023-05-03 12:24:11.582110280 +0200
|
||||||
|
@@ -614,7 +614,9 @@
|
||||||
|
}
|
||||||
|
i = strtol(q, &p, 10);
|
||||||
|
if (q == p) {
|
||||||
|
+ SSH_LOG(SSH_LOG_DEBUG, "No port number was parsed");
|
||||||
|
SAFE_FREE(q);
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
SAFE_FREE(q);
|
||||||
|
if (i <= 0) {
|
||||||
|
@@ -816,7 +818,9 @@
|
||||||
|
}
|
||||||
|
i = strtol(q, &p, 10);
|
||||||
|
if (q == p) {
|
||||||
|
+ SSH_LOG(SSH_LOG_DEBUG, "No log verbositiy was parsed");
|
||||||
|
SAFE_FREE(q);
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
SAFE_FREE(q);
|
||||||
|
if (i < 0) {
|
||||||
|
@@ -2035,7 +2039,9 @@
|
||||||
|
}
|
||||||
|
i = strtol(q, &p, 10);
|
||||||
|
if (q == p) {
|
||||||
|
- SAFE_FREE(q);
|
||||||
|
+ SSH_LOG(SSH_LOG_DEBUG, "No bind port was parsed");
|
||||||
|
+ SAFE_FREE(q);
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
SAFE_FREE(q);
|
||||||
|
|
||||||
|
@@ -2062,7 +2068,9 @@
|
||||||
|
}
|
||||||
|
i = strtol(q, &p, 10);
|
||||||
|
if (q == p) {
|
||||||
|
- SAFE_FREE(q);
|
||||||
|
+ SSH_LOG(SSH_LOG_DEBUG, "No log verbositiy was parsed");
|
||||||
|
+ SAFE_FREE(q);
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
SAFE_FREE(q);
|
||||||
|
|
||||||
|
diff --color -ru ../libssh-0.10.4/src/pki_container_openssh.c ./src/pki_container_openssh.c
|
||||||
|
--- ../libssh-0.10.4/src/pki_container_openssh.c 2023-05-03 12:22:40.314114620 +0200
|
||||||
|
+++ ./src/pki_container_openssh.c 2023-05-03 12:24:11.566110105 +0200
|
||||||
|
@@ -630,7 +630,11 @@
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- ssh_buffer_pack(kdf_buf, "Sd", salt, rounds);
|
||||||
|
+ rc = ssh_buffer_pack(kdf_buf, "Sd", salt, rounds);
|
||||||
|
+ if (rc != SSH_OK) {
|
||||||
|
+ SSH_BUFFER_FREE(kdf_buf);
|
||||||
|
+ goto error;
|
||||||
|
+ }
|
||||||
|
kdf_options = ssh_string_new(ssh_buffer_get_len(kdf_buf));
|
||||||
|
if (kdf_options == NULL){
|
||||||
|
SSH_BUFFER_FREE(kdf_buf);
|
||||||
|
diff --color -ru ../libssh-0.10.4/tests/unittests/torture_options.c ./tests/unittests/torture_options.c
|
||||||
|
--- ../libssh-0.10.4/tests/unittests/torture_options.c 2023-05-03 12:22:40.343114937 +0200
|
||||||
|
+++ ./tests/unittests/torture_options.c 2023-05-03 12:24:11.587110335 +0200
|
||||||
|
@@ -319,6 +319,7 @@
|
||||||
|
|
||||||
|
rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "five");
|
||||||
|
assert_true(rc == -1);
|
||||||
|
+ assert_int_not_equal(session->opts.port, 0);
|
||||||
|
|
||||||
|
rc = ssh_options_set(session, SSH_OPTIONS_PORT, NULL);
|
||||||
|
assert_true(rc == -1);
|
||||||
|
@@ -1496,6 +1497,26 @@
|
||||||
|
ssh_list_free(awaited_list);
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void torture_options_set_verbosity (void **state)
|
||||||
|
+{
|
||||||
|
+ ssh_session session = *state;
|
||||||
|
+ int rc, new_level;
|
||||||
|
+
|
||||||
|
+ rc = ssh_options_set(session,
|
||||||
|
+ SSH_OPTIONS_LOG_VERBOSITY_STR,
|
||||||
|
+ "3");
|
||||||
|
+ assert_int_equal(rc, SSH_OK);
|
||||||
|
+ new_level = ssh_get_log_level();
|
||||||
|
+ assert_int_equal(new_level, SSH_LOG_PACKET);
|
||||||
|
+
|
||||||
|
+ rc = ssh_options_set(session,
|
||||||
|
+ SSH_OPTIONS_LOG_VERBOSITY_STR,
|
||||||
|
+ "datsun");
|
||||||
|
+ assert_int_equal(rc, -1);
|
||||||
|
+ new_level = ssh_get_log_level();
|
||||||
|
+ assert_int_not_equal(new_level, 0);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
#ifdef WITH_SERVER
|
||||||
|
const char template[] = "temp_dir_XXXXXX";
|
||||||
|
|
||||||
|
@@ -1750,6 +1771,10 @@
|
||||||
|
rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_BINDPORT_STR, "23");
|
||||||
|
assert_int_equal(rc, 0);
|
||||||
|
assert_int_equal(bind->bindport, 23);
|
||||||
|
+
|
||||||
|
+ rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_BINDPORT_STR, "twentythree");
|
||||||
|
+ assert_int_equal(rc, -1);
|
||||||
|
+ assert_int_not_equal(bind->bindport, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void torture_bind_options_log_verbosity(void **state)
|
||||||
|
@@ -1799,6 +1824,11 @@
|
||||||
|
new_level = ssh_get_log_level();
|
||||||
|
assert_int_equal(new_level, SSH_LOG_PACKET);
|
||||||
|
|
||||||
|
+ rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_LOG_VERBOSITY_STR, "verbosity");
|
||||||
|
+ assert_int_equal(rc, -1);
|
||||||
|
+ new_level = ssh_get_log_level();
|
||||||
|
+ assert_int_not_equal(new_level, 0);
|
||||||
|
+
|
||||||
|
rc = ssh_set_log_level(previous_level);
|
||||||
|
assert_int_equal(rc, SSH_OK);
|
||||||
|
}
|
||||||
|
@@ -2297,6 +2327,7 @@
|
||||||
|
cmocka_unit_test_setup_teardown(torture_options_caret_sign,
|
||||||
|
setup, teardown),
|
||||||
|
cmocka_unit_test_setup_teardown(torture_options_apply, setup, teardown),
|
||||||
|
+ cmocka_unit_test_setup_teardown(torture_options_set_verbosity, setup, teardown),
|
||||||
|
};
|
||||||
|
|
||||||
|
#ifdef WITH_SERVER
|
57
SOURCES/covscan23_1.patch
Normal file
57
SOURCES/covscan23_1.patch
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
File ../libssh-0.10.4/.git is a regular file while file ./.git is a directory
|
||||||
|
diff --color -ru ../libssh-0.10.4/src/sftp.c ./src/sftp.c
|
||||||
|
--- ../libssh-0.10.4/src/sftp.c 2023-05-22 12:45:48.383509085 +0200
|
||||||
|
+++ ./src/sftp.c 2023-05-22 12:54:31.004037650 +0200
|
||||||
|
@@ -1755,6 +1755,10 @@
|
||||||
|
int sftp_close(sftp_file file){
|
||||||
|
int err = SSH_NO_ERROR;
|
||||||
|
|
||||||
|
+ if (file == NULL) {
|
||||||
|
+ return err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
SAFE_FREE(file->name);
|
||||||
|
if (file->handle){
|
||||||
|
err = sftp_handle_close(file->sftp,file->handle);
|
||||||
|
@@ -1917,7 +1921,7 @@
|
||||||
|
|
||||||
|
/* Read from a file using an opened sftp file handle. */
|
||||||
|
ssize_t sftp_read(sftp_file handle, void *buf, size_t count) {
|
||||||
|
- sftp_session sftp = handle->sftp;
|
||||||
|
+ sftp_session sftp;
|
||||||
|
sftp_message msg = NULL;
|
||||||
|
sftp_status_message status;
|
||||||
|
ssh_string datastring;
|
||||||
|
@@ -1926,6 +1930,11 @@
|
||||||
|
uint32_t id;
|
||||||
|
int rc;
|
||||||
|
|
||||||
|
+ if (handle == NULL) {
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ sftp = handle->sftp;
|
||||||
|
+
|
||||||
|
if (handle->eof) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
@@ -2147,7 +2156,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
ssize_t sftp_write(sftp_file file, const void *buf, size_t count) {
|
||||||
|
- sftp_session sftp = file->sftp;
|
||||||
|
+ sftp_session sftp;
|
||||||
|
sftp_message msg = NULL;
|
||||||
|
sftp_status_message status;
|
||||||
|
ssh_buffer buffer;
|
||||||
|
@@ -2156,6 +2165,11 @@
|
||||||
|
size_t packetlen;
|
||||||
|
int rc;
|
||||||
|
|
||||||
|
+ if (file == NULL) {
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ sftp = file->sftp;
|
||||||
|
+
|
||||||
|
buffer = ssh_buffer_new();
|
||||||
|
if (buffer == NULL) {
|
||||||
|
ssh_set_error_oom(sftp->session);
|
1861
SOURCES/null_dereference_rekey.patch
Normal file
1861
SOURCES/null_dereference_rekey.patch
Normal file
File diff suppressed because it is too large
Load Diff
21
SOURCES/rekey_test_fixup.patch
Normal file
21
SOURCES/rekey_test_fixup.patch
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
diff --color -ru ../libssh-0.10.4/tests/client/torture_rekey.c ./tests/client/torture_rekey.c
|
||||||
|
--- ../libssh-0.10.4/tests/client/torture_rekey.c 2023-05-17 10:55:23.384684129 +0200
|
||||||
|
+++ ./tests/client/torture_rekey.c 2023-05-17 10:56:29.819334665 +0200
|
||||||
|
@@ -504,7 +504,7 @@
|
||||||
|
memset(data, 'A', 128);
|
||||||
|
for (i = 0; i < KEX_RETRY; i++) {
|
||||||
|
ssh_send_ignore(s->ssh.session, data);
|
||||||
|
- ssh_handle_packets(s->ssh.session, 100);
|
||||||
|
+ ssh_handle_packets(s->ssh.session, 1000);
|
||||||
|
|
||||||
|
c = s->ssh.session->current_crypto;
|
||||||
|
/* SHA256 len */
|
||||||
|
@@ -582,7 +582,7 @@
|
||||||
|
memset(data, 'A', 128);
|
||||||
|
for (i = 0; i < KEX_RETRY; i++) {
|
||||||
|
ssh_send_ignore(s->ssh.session, data);
|
||||||
|
- ssh_handle_packets(s->ssh.session, 100);
|
||||||
|
+ ssh_handle_packets(s->ssh.session, 1000);
|
||||||
|
|
||||||
|
c = s->ssh.session->current_crypto;
|
||||||
|
/* SHA256 len */
|
@ -1,6 +1,6 @@
|
|||||||
Name: libssh
|
Name: libssh
|
||||||
Version: 0.10.4
|
Version: 0.10.4
|
||||||
Release: 8%{?dist}
|
Release: 11%{?dist}
|
||||||
Summary: A library implementing the SSH protocol
|
Summary: A library implementing the SSH protocol
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: http://www.libssh.org
|
URL: http://www.libssh.org
|
||||||
@ -46,6 +46,11 @@ Patch4: plus_sign.patch
|
|||||||
Patch5: memory_leak.patch
|
Patch5: memory_leak.patch
|
||||||
Patch6: options_apply.patch
|
Patch6: options_apply.patch
|
||||||
Patch7: enable_sk_keys_by_config.patch
|
Patch7: enable_sk_keys_by_config.patch
|
||||||
|
Patch8: null_dereference_rekey.patch
|
||||||
|
Patch9: auth_bypass.patch
|
||||||
|
Patch10: covscan23.patch
|
||||||
|
Patch11: rekey_test_fixup.patch
|
||||||
|
Patch12: covscan23_1.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
The ssh library was designed to be used by programmers needing a working SSH
|
The ssh library was designed to be used by programmers needing a working SSH
|
||||||
@ -138,6 +143,19 @@ popd
|
|||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 21 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4-11
|
||||||
|
- Fix loglevel regression
|
||||||
|
- Related: rhbz#2182252, rhbz#2189740
|
||||||
|
|
||||||
|
* Mon May 22 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4.10
|
||||||
|
- Fix null dereference issues found by covscan
|
||||||
|
- Related: rhbz#2182252, rhbz#2189740
|
||||||
|
|
||||||
|
* Wed May 10 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4-9
|
||||||
|
- Fix CVE-2023-1667 and CVE-2023-2283
|
||||||
|
- Fix issues found by cosvcan
|
||||||
|
- Resolves: rhbz#2182252, rhbz#2189740
|
||||||
|
|
||||||
* Mon Jan 23 2023 Stanislav Zidek <szidek@redhat.com> - 0.10.4-8
|
* Mon Jan 23 2023 Stanislav Zidek <szidek@redhat.com> - 0.10.4-8
|
||||||
+ libssh-0.10.4-8
|
+ libssh-0.10.4-8
|
||||||
- Extended CI to run internal tests in RHEL
|
- Extended CI to run internal tests in RHEL
|
||||||
|
Loading…
Reference in New Issue
Block a user