Update to version 0.9.4

Fixes CVE-2020-1730
This commit is contained in:
Anderson Toshiyuki Sasaki 2020-04-09 13:28:36 +02:00
parent 75bacb0234
commit 57b527a2bb
4 changed files with 29 additions and 51 deletions

View File

@ -0,0 +1,18 @@
--- a/tests/torture.c 2020-04-09 16:16:07.691894761 +0200
+++ b/tests/torture.c 2020-04-09 20:11:50.577962771 +0200
@@ -636,6 +636,15 @@
# else /* HAVE_DSA */
"HostKeyAlgorithms +ssh-rsa\n"
# endif /* HAVE_DSA */
+/* Add back algorithms removed from default in OpenSSH-8.2 due to SHA1
+ * deprecation*/
+# if (OPENSSH_VERSION_MAJOR == 8 && OPENSSH_VERSION_MINOR >= 2)
+ "KexAlgorithms +diffie-hellman-group14-sha1,"
+ "diffie-hellman-group-exchange-sha1,"
+ "diffie-hellman-group1-sha1\n"
+ "HostKeyAlgorithms +ssh-rsa\n"
+ "CASignatureAlgorithms +ssh-rsa\n"
+#endif
# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n"
# else /* OPENSSH_VERSION 7.0 - 7.5 */

View File

@ -1,46 +0,0 @@
From b33dcda94d313913a877bc8db006ad02141bc695 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 11 Dec 2019 11:07:33 +0100
Subject: [PATCH] torture: Accept whole pid_t range
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit d2a32ca6d3c40483a6d10340d3e11da9259e1379)
---
tests/torture.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/tests/torture.c b/tests/torture.c
index 360fd02a..907f45b3 100644
--- a/tests/torture.c
+++ b/tests/torture.c
@@ -196,6 +196,7 @@ torture_read_pidfile(const char *pidfile)
{
char buf[8] = {0};
long int tmp;
+ pid_t ret;
ssize_t rc;
int fd;
@@ -213,11 +214,16 @@ torture_read_pidfile(const char *pidfile)
buf[sizeof(buf) - 1] = '\0';
tmp = strtol(buf, NULL, 10);
- if (tmp == 0 || tmp > 0xFFFF || errno == ERANGE) {
+ if (tmp == 0 || errno == ERANGE) {
+ return -1;
+ }
+ ret = (pid_t)tmp;
+ /* Check if we are out of pid_t range on this system */
+ if ((long)ret != tmp) {
return -1;
}
- return (pid_t)(tmp & 0xFFFF);
+ return ret;
}
int torture_terminate_process(const char *pidfile)
--
2.23.0

View File

@ -1,6 +1,6 @@
Name: libssh Name: libssh
Version: 0.9.3 Version: 0.9.4
Release: 2%{?dist} Release: 1%{?dist}
Summary: A library implementing the SSH protocol Summary: A library implementing the SSH protocol
License: LGPLv2+ License: LGPLv2+
URL: http://www.libssh.org URL: http://www.libssh.org
@ -11,7 +11,7 @@ Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC
Source3: libssh_client.config Source3: libssh_client.config
Source4: libssh_server.config Source4: libssh_server.config
Patch0: libssh-0.9.4-torture_fix_pid_range_check.patch Patch0: libssh-0.9.4-enable-sshd-sha1-algorithms.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -136,6 +136,14 @@ popd
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
%changelog %changelog
* Thu Apr 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 0.9.4-1
- Update to version 0.9.4
https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
- Removed inclusion of OpenSSH server configuration file from
libssh_server.config
- Added patch to re-enable algorithms using sha1 in sshd for testing
- resolves: #1822529 - CVE-2020-1730
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

View File

@ -1,4 +1,2 @@
# Parse system-wide crypto configuration file # Parse system-wide crypto configuration file
Include /etc/crypto-policies/back-ends/libssh.config Include /etc/crypto-policies/back-ends/libssh.config
# Parse OpenSSH configuration file for consistency
Include /etc/ssh/sshd_config