Sync with c9
This commit is contained in:
parent
4a307908cd
commit
c4d40580f3
@ -1,16 +1,6 @@
|
|||||||
From c5e8a80082efd50234a26b5af28f437f4e54b6a3 Mon Sep 17 00:00:00 2001
|
diff -up openssh-8.7p1/log.c.xxx openssh-8.7p1/log.c
|
||||||
From: Andrew Lukoshko <alukoshko@almalinux.org>
|
--- openssh-8.7p1/log.c.xxx 2024-06-28 11:02:43.949912398 +0200
|
||||||
Date: Mon, 1 Jul 2024 13:53:00 +0000
|
+++ openssh-8.7p1/log.c 2024-06-28 11:02:58.652297885 +0200
|
||||||
Subject: [PATCH] Fix CVE-2024-6387
|
|
||||||
|
|
||||||
---
|
|
||||||
log.c | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/log.c b/log.c
|
|
||||||
index a2f9c75..4f04713 100644
|
|
||||||
--- a/log.c
|
|
||||||
+++ b/log.c
|
|
||||||
@@ -455,12 +455,14 @@ void
|
@@ -455,12 +455,14 @@ void
|
||||||
sshsigdie(const char *file, const char *func, int line, int showfunc,
|
sshsigdie(const char *file, const char *func, int line, int showfunc,
|
||||||
LogLevel level, const char *suffix, const char *fmt, ...)
|
LogLevel level, const char *suffix, const char *fmt, ...)
|
||||||
@ -26,6 +16,3 @@ index a2f9c75..4f04713 100644
|
|||||||
_exit(1);
|
_exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
--
|
|
||||||
2.43.5
|
|
||||||
|
|
@ -54,7 +54,7 @@
|
|||||||
Summary: An open source implementation of SSH protocol version 2
|
Summary: An open source implementation of SSH protocol version 2
|
||||||
Name: openssh
|
Name: openssh
|
||||||
Version: %{openssh_ver}
|
Version: %{openssh_ver}
|
||||||
Release: %{openssh_rel}%{?dist}.alma.2
|
Release: %{openssh_rel}%{?dist}.1
|
||||||
URL: http://www.openssh.com/portable.html
|
URL: http://www.openssh.com/portable.html
|
||||||
#URL1: https://github.com/jbeverly/pam_ssh_agent_auth/
|
#URL1: https://github.com/jbeverly/pam_ssh_agent_auth/
|
||||||
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||||
@ -288,10 +288,7 @@ Patch1017: openssh-9.4p2-limit-delay.patch
|
|||||||
Patch1018: openssh-9.6p1-CVE-2023-48795.patch
|
Patch1018: openssh-9.6p1-CVE-2023-48795.patch
|
||||||
#upstream commit 7ef3787c84b6b524501211b11a26c742f829af1a
|
#upstream commit 7ef3787c84b6b524501211b11a26c742f829af1a
|
||||||
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
|
||||||
|
Patch1020: openssh-9.8p1-upstream-cve-2024-6387.patch
|
||||||
# fix CVE-2024-6387
|
|
||||||
# https://openwall.com/lists/oss-security/2024/07/01/3
|
|
||||||
Patch1020: openssh-8.7p1-CVE-2024-6387.patch
|
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Requires: /sbin/nologin
|
Requires: /sbin/nologin
|
||||||
@ -366,7 +363,7 @@ Requires: openssh = %{version}-%{release}
|
|||||||
%package -n pam_ssh_agent_auth
|
%package -n pam_ssh_agent_auth
|
||||||
Summary: PAM module for authentication with ssh-agent
|
Summary: PAM module for authentication with ssh-agent
|
||||||
Version: %{pam_ssh_agent_ver}
|
Version: %{pam_ssh_agent_ver}
|
||||||
Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.alma.2
|
Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.1
|
||||||
License: BSD
|
License: BSD
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -515,7 +512,6 @@ popd
|
|||||||
%patch1017 -p1 -b .limitdelay
|
%patch1017 -p1 -b .limitdelay
|
||||||
%patch1018 -p1 -b .cve-2023-48795
|
%patch1018 -p1 -b .cve-2023-48795
|
||||||
%patch1019 -p1 -b .cve-2023-51385
|
%patch1019 -p1 -b .cve-2023-51385
|
||||||
|
|
||||||
%patch1020 -p1 -b .cve-2024-6387
|
%patch1020 -p1 -b .cve-2024-6387
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
@ -804,9 +800,9 @@ test -f %{sysconfig_anaconda} && \
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Jul 01 2024 Jonathan Wright <jonathan@almalinux.org> - 8.7p1-38.alma.2
|
* Fri Jun 28 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.1
|
||||||
- Fix regreSSHion attack
|
- Possible remote code execution due to a race condition (CVE-2024-6387)
|
||||||
Resolves: CVE-2024-6387
|
Resolves: RHEL-45347
|
||||||
|
|
||||||
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
|
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
|
||||||
- Fix Terrapin attack
|
- Fix Terrapin attack
|
||||||
|
Loading…
Reference in New Issue
Block a user