Update to 0.10.5 (CVE-2023-1667 CVE-2023-2283)
Have libssh-devel require cmake-filesystem
This commit is contained in:
parent
26da1b5f58
commit
471d720f0c
2
.gitignore
vendored
2
.gitignore
vendored
@ -66,3 +66,5 @@ libssh-0.4.4.tar.gz.asc
|
|||||||
/libssh-0.10.3.tar.xz.asc
|
/libssh-0.10.3.tar.xz.asc
|
||||||
/libssh-0.10.4.tar.xz
|
/libssh-0.10.4.tar.xz
|
||||||
/libssh-0.10.4.tar.xz.asc
|
/libssh-0.10.4.tar.xz.asc
|
||||||
|
/libssh-0.10.5.tar.xz
|
||||||
|
/libssh-0.10.5.tar.xz.asc
|
||||||
|
13
libssh.spec
13
libssh.spec
@ -1,6 +1,6 @@
|
|||||||
Name: libssh
|
Name: libssh
|
||||||
Version: 0.10.4
|
Version: 0.10.5
|
||||||
Release: 4%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: A library implementing the SSH protocol
|
Summary: A library implementing the SSH protocol
|
||||||
License: LGPL-2.1-or-later
|
License: LGPL-2.1-or-later
|
||||||
URL: http://www.libssh.org
|
URL: http://www.libssh.org
|
||||||
@ -40,8 +40,6 @@ Provides: libssh_threads.so.4()(64bit)
|
|||||||
Provides: libssh_threads.so.4
|
Provides: libssh_threads.so.4
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
Patch1: pkcs11_test_fix.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
The ssh library was designed to be used by programmers needing a working SSH
|
The ssh library was designed to be used by programmers needing a working SSH
|
||||||
implementation by the mean of a library. The complete control of the client is
|
implementation by the mean of a library. The complete control of the client is
|
||||||
@ -53,6 +51,7 @@ third-party programs others than libcrypto (from openssl).
|
|||||||
%package devel
|
%package devel
|
||||||
Summary: Development files for %{name}
|
Summary: Development files for %{name}
|
||||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
|
Requires: cmake-filesystem
|
||||||
|
|
||||||
%description devel
|
%description devel
|
||||||
The %{name}-devel package contains libraries and header files for developing
|
The %{name}-devel package contains libraries and header files for developing
|
||||||
@ -120,8 +119,6 @@ popd
|
|||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
%{_includedir}/libssh/
|
%{_includedir}/libssh/
|
||||||
# own this to avoid dep on cmake -- rex
|
|
||||||
%dir %{_libdir}/cmake/
|
|
||||||
%{_libdir}/cmake/libssh/
|
%{_libdir}/cmake/libssh/
|
||||||
%{_libdir}/pkgconfig/libssh.pc
|
%{_libdir}/pkgconfig/libssh.pc
|
||||||
%{_libdir}/libssh.so
|
%{_libdir}/libssh.so
|
||||||
@ -133,6 +130,10 @@ popd
|
|||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri May 05 2023 Orion Poplawski <orion@nwra.com> - 0.10.5-1
|
||||||
|
- Update to 0.10.5 (CVE-2023-1667 CVE-2023-2283)
|
||||||
|
- Have libssh-devel require cmake-filesystem
|
||||||
|
|
||||||
* Sun Mar 05 2023 Andreas Schneider <asn@redhat.com> - 0.10.4-4
|
* Sun Mar 05 2023 Andreas Schneider <asn@redhat.com> - 0.10.4-4
|
||||||
- Update License to SPDX expression
|
- Update License to SPDX expression
|
||||||
|
|
||||||
|
@ -1,98 +0,0 @@
|
|||||||
diff --git a/tests/pkcs11/setup-softhsm-tokens.sh b/tests/pkcs11/setup-softhsm-tokens.sh
|
|
||||||
index 532c86a7..9050cea6 100755
|
|
||||||
--- a/tests/pkcs11/setup-softhsm-tokens.sh
|
|
||||||
+++ b/tests/pkcs11/setup-softhsm-tokens.sh
|
|
||||||
@@ -17,10 +17,10 @@ echo "OBJNAME: $OBJNAME"
|
|
||||||
echo "LOADPUBLIC: $LOADPUBLIC"
|
|
||||||
|
|
||||||
# Create temporary directory for tokens
|
|
||||||
-install -d -m 0755 $TESTDIR/db
|
|
||||||
+install -d -m 0755 "$TESTDIR/db"
|
|
||||||
|
|
||||||
# Create SoftHSM configuration file
|
|
||||||
-cat >$TESTDIR/softhsm.conf <<EOF
|
|
||||||
+cat >"$TESTDIR/softhsm.conf" <<EOF
|
|
||||||
directories.tokendir = $TESTDIR/db
|
|
||||||
objectstore.backend = file
|
|
||||||
log.level = DEBUG
|
|
||||||
@@ -28,12 +28,12 @@ EOF
|
|
||||||
|
|
||||||
export SOFTHSM2_CONF=$TESTDIR/softhsm.conf
|
|
||||||
|
|
||||||
-cat $TESTDIR/softhsm.conf
|
|
||||||
+cat "$TESTDIR/softhsm.conf"
|
|
||||||
|
|
||||||
#init
|
|
||||||
-cmd='softhsm2-util --init-token --label "$OBJNAME" --free --pin 1234 --so-pin 1234'
|
|
||||||
+cmd="softhsm2-util --init-token --label $OBJNAME --free --pin 1234 --so-pin 1234"
|
|
||||||
eval echo "$cmd"
|
|
||||||
-out=$(eval $cmd)
|
|
||||||
+out=$(eval "$cmd")
|
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
echo "Init token failed"
|
|
||||||
@@ -41,10 +41,29 @@ if [ $ret -ne 0 ]; then
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
+find_library_path() {
|
|
||||||
+ echo "$@"
|
|
||||||
+ for _lib in "$@" ; do
|
|
||||||
+ if test -f "$_lib" ; then
|
|
||||||
+ LIBSOFTHSM_PATH="$_lib"
|
|
||||||
+ echo "Using libsofthsm path: $LIBSOFTHSM_PATH"
|
|
||||||
+ return
|
|
||||||
+ fi
|
|
||||||
+ done
|
|
||||||
+ echo "libsofthsm2.so not found"
|
|
||||||
+ exit 1
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+find_library_path \
|
|
||||||
+ /usr/lib64/libsofthsm2.so \
|
|
||||||
+ /usr/lib/libsofthsm2.so \
|
|
||||||
+ /usr/local/lib/softhsm/libsofthsm2.so \
|
|
||||||
+ /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
|
|
||||||
+
|
|
||||||
#load private key
|
|
||||||
-cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-privkey "$PRIVKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
|
|
||||||
+cmd="p11tool --provider $LIBSOFTHSM_PATH --write --load-privkey $PRIVKEY --label $OBJNAME --login --set-pin=1234 \"pkcs11:token=$OBJNAME\""
|
|
||||||
eval echo "$cmd"
|
|
||||||
-out=$(eval $cmd)
|
|
||||||
+out=$(eval "$cmd")
|
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
echo "Loading privkey failed"
|
|
||||||
@@ -52,15 +71,15 @@ if [ $ret -ne 0 ]; then
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
-cat $PUBKEY
|
|
||||||
+cat "$PUBKEY"
|
|
||||||
|
|
||||||
-ls -l $TESTDIR
|
|
||||||
+ls -l "$TESTDIR"
|
|
||||||
|
|
||||||
-if [ $LOADPUBLIC -ne 0 ]; then
|
|
||||||
+if [ "$LOADPUBLIC" -ne 0 ]; then
|
|
||||||
#load public key
|
|
||||||
- cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-pubkey "$PUBKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
|
|
||||||
+ cmd="p11tool --provider $LIBSOFTHSM_PATH --write --load-pubkey $PUBKEY --label $OBJNAME --login --set-pin=1234 \"pkcs11:token=$OBJNAME\""
|
|
||||||
eval echo "$cmd"
|
|
||||||
- out=$(eval $cmd)
|
|
||||||
+ out=$(eval "$cmd")
|
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
echo "Loading pubkey failed"
|
|
||||||
@@ -69,9 +88,9 @@ if [ $LOADPUBLIC -ne 0 ]; then
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
-cmd='p11tool --list-all --login "pkcs11:token="$OBJNAME"" --set-pin=1234'
|
|
||||||
+cmd="p11tool --list-all --login \"pkcs11:token=$OBJNAME\" --set-pin=1234"
|
|
||||||
eval echo "$cmd"
|
|
||||||
-out=$(eval $cmd)
|
|
||||||
+out=$(eval "$cmd")
|
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
echo "Loging failed"
|
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (libssh-0.10.4.tar.xz) = 01ee52d480201d9886c15e81137c185334b404d1c8e8b743ddf58e95fe8619c8c013616a49807bd1111fde72fa177cd35f3c22b66cbf5d720b5abfacdf7601ed
|
SHA512 (libssh-0.10.5.tar.xz) = 2b758f9df2b5937865d4aee775ffeafafe3ae6739a89dfc470e38c7394e3c3cb5fcf8f842fdae04929890ee7e47bf8f50e3a38e82dfd26a009f3aae009d589e0
|
||||||
SHA512 (libssh-0.10.4.tar.xz.asc) = 8200215d6471851dac8cd8efd07400b9bc4403cf5406a9fdb28a68ef8fe85c227f92a26071fb32d9396b91661568333b5ceb9b23665d22e761b981dd880bbbc8
|
SHA512 (libssh-0.10.5.tar.xz.asc) = aad5e75d0a5b2e93c6de08f2b6953f05dbef47e14a08eb75c57d3f519a8323064454ba5fbc86b3538489f571a5e446ed942f2b1cea2063c8645ef36815dd2511
|
||||||
|
Loading…
Reference in New Issue
Block a user