Upstream fix for CVE-2021-41617
Resolves: rhbz#2008292
This commit is contained in:
Dmitry Belyavskiy
parent
72aea69dd8
commit
c5e4c28ae1
31
openssh-8.7p1-upstream-cve-2021-41617.patch
Normal file
31
openssh-8.7p1-upstream-cve-2021-41617.patch
Normal file
@ -0,0 +1,31 @@
|
||||
diff --git a/misc.c b/misc.c
|
||||
index b8d1040d..0134d694 100644
|
||||
--- a/misc.c
|
||||
+++ b/misc.c
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: misc.c,v 1.169 2021/08/09 23:47:44 djm Exp $ */
|
||||
+/* $OpenBSD: misc.c,v 1.170 2021/09/26 14:01:03 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2005-2020 Damien Miller. All rights reserved.
|
||||
@@ -56,6 +56,7 @@
|
||||
#ifdef HAVE_PATHS_H
|
||||
# include <paths.h>
|
||||
#include <pwd.h>
|
||||
+#include <grp.h>
|
||||
#endif
|
||||
#ifdef SSH_TUN_OPENBSD
|
||||
#include <net/if.h>
|
||||
@@ -2695,6 +2696,12 @@ subprocess(const char *tag, const char *command,
|
||||
}
|
||||
closefrom(STDERR_FILENO + 1);
|
||||
|
||||
+ if (geteuid() == 0 &&
|
||||
+ initgroups(pw->pw_name, pw->pw_gid) == -1) {
|
||||
+ error("%s: initgroups(%s, %u): %s", tag,
|
||||
+ pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
|
||||
+ _exit(1);
|
||||
+ }
|
||||
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
|
||||
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
|
||||
strerror(errno));
|
||||
@ -51,7 +51,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.7p1
|
||||
%global openssh_rel 2
|
||||
%global openssh_rel 3
|
||||
%global pam_ssh_agent_ver 0.10.4
|
||||
%global pam_ssh_agent_rel 4
|
||||
|
||||
@ -197,6 +197,8 @@ Patch975: openssh-8.0p1-preserve-pam-errors.patch
|
||||
Patch976: openssh-8.7p1-sftp-default-protocol.patch
|
||||
# Implement kill switch for SCP protocol
|
||||
Patch977: openssh-8.7p1-scp-kill-switch.patch
|
||||
# CVE-2021-41617
|
||||
Patch978: openssh-8.7p1-upstream-cve-2021-41617.patch
|
||||
|
||||
License: BSD
|
||||
Requires: /sbin/nologin
|
||||
@ -375,6 +377,7 @@ popd
|
||||
%patch975 -p1 -b .preserve-pam-errors
|
||||
%patch976 -p1 -b .sftp-by-default
|
||||
%patch977 -p1 -b .kill-scp
|
||||
%patch978 -p1 -b .cve-2021-41617
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-race
|
||||
@ -660,6 +663,9 @@ test -f %{sysconfig_anaconda} && \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Sep 29 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-3
|
||||
- CVE-2021-41617 fix (#2008292)
|
||||
|
||||
* Thu Sep 16 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-2
|
||||
- Use SFTP protocol for scp by default (#2004956)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user