Avoid sshd_config 256K limit

Resolves: RHEL-5279
This commit is contained in:
Dmitry Belyavskiy 2023-10-31 13:42:04 +01:00
parent ed9948fc28
commit c06e3e9d62
2 changed files with 18 additions and 0 deletions

View File

@ -0,0 +1,13 @@
diff --git a/msg.c b/msg.c
index 99c25cd2..574a566e 100644
--- a/msg.c
+++ b/msg.c
@@ -77,7 +77,7 @@ ssh_msg_recv(int fd, struct sshbuf *m)
return (-1);
}
msg_len = get_u32(buf);
- if (msg_len > 256 * 1024) {
+ if (msg_len > sshbuf_max_size(m)) {
error("ssh_msg_recv: read: bad msg_len %u", msg_len);
return (-1);
}

View File

@ -279,6 +279,8 @@ Patch986: openssh-9.1p1-sshbanner.patch
Patch987: openssh-8.0p1-ipv6-process.patch
# Upstream 4332b4fe49360679647a8705bc08f4e81323f6b4
Patch988: openssh-8.0p1-avoidkillall.patch
# Upstream 89b54900ac61986760452f132bbe3fb7249cfdac
Patch989: openssh-8.0p1-bigsshdconfig.patch
# upsream commit
# b23fe83f06ee7e721033769cfa03ae840476d280
Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch
@ -518,6 +520,7 @@ popd
%patch986 -p1 -b .banner
%patch987 -p1 -b .sftp_ipv6
%patch988 -p1 -b .killall
%patch989 -p1 -b .bigsshdconfig
%patch200 -p1 -b .audit
%patch201 -p1 -b .audit-race
@ -819,6 +822,8 @@ getent passwd sshd >/dev/null || \
Resolves: RHEL-5221
- Avoid killing all processes on system in case of race condition
Resolves: RHEL-11548
- Avoid sshd_config 256K limit
Resolves: RHEL-5279
* Thu Aug 24 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-19
- rebuilt