Upstream fix for CVE-2021-41617
Resolves: rhbz#2008292
This commit is contained in:
Dmitry Belyavskiy
parent
72aea69dd8
commit
c5e4c28ae1
31
openssh-8.7p1-upstream-cve-2021-41617.patch
Normal file
31
openssh-8.7p1-upstream-cve-2021-41617.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
diff --git a/misc.c b/misc.c
|
||||||
|
index b8d1040d..0134d694 100644
|
||||||
|
--- a/misc.c
|
||||||
|
+++ b/misc.c
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-/* $OpenBSD: misc.c,v 1.169 2021/08/09 23:47:44 djm Exp $ */
|
||||||
|
+/* $OpenBSD: misc.c,v 1.170 2021/09/26 14:01:03 djm Exp $ */
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
|
* Copyright (c) 2005-2020 Damien Miller. All rights reserved.
|
||||||
|
@@ -56,6 +56,7 @@
|
||||||
|
#ifdef HAVE_PATHS_H
|
||||||
|
# include <paths.h>
|
||||||
|
#include <pwd.h>
|
||||||
|
+#include <grp.h>
|
||||||
|
#endif
|
||||||
|
#ifdef SSH_TUN_OPENBSD
|
||||||
|
#include <net/if.h>
|
||||||
|
@@ -2695,6 +2696,12 @@ subprocess(const char *tag, const char *command,
|
||||||
|
}
|
||||||
|
closefrom(STDERR_FILENO + 1);
|
||||||
|
|
||||||
|
+ if (geteuid() == 0 &&
|
||||||
|
+ initgroups(pw->pw_name, pw->pw_gid) == -1) {
|
||||||
|
+ error("%s: initgroups(%s, %u): %s", tag,
|
||||||
|
+ pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
|
||||||
|
+ _exit(1);
|
||||||
|
+ }
|
||||||
|
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
|
||||||
|
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
|
||||||
|
strerror(errno));
|
||||||
@ -51,7 +51,7 @@
|
|||||||
|
|
||||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||||
%global openssh_ver 8.7p1
|
%global openssh_ver 8.7p1
|
||||||
%global openssh_rel 2
|
%global openssh_rel 3
|
||||||
%global pam_ssh_agent_ver 0.10.4
|
%global pam_ssh_agent_ver 0.10.4
|
||||||
%global pam_ssh_agent_rel 4
|
%global pam_ssh_agent_rel 4
|
||||||
|
|
||||||
@ -197,6 +197,8 @@ Patch975: openssh-8.0p1-preserve-pam-errors.patch
|
|||||||
Patch976: openssh-8.7p1-sftp-default-protocol.patch
|
Patch976: openssh-8.7p1-sftp-default-protocol.patch
|
||||||
# Implement kill switch for SCP protocol
|
# Implement kill switch for SCP protocol
|
||||||
Patch977: openssh-8.7p1-scp-kill-switch.patch
|
Patch977: openssh-8.7p1-scp-kill-switch.patch
|
||||||
|
# CVE-2021-41617
|
||||||
|
Patch978: openssh-8.7p1-upstream-cve-2021-41617.patch
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Requires: /sbin/nologin
|
Requires: /sbin/nologin
|
||||||
@ -375,6 +377,7 @@ popd
|
|||||||
%patch975 -p1 -b .preserve-pam-errors
|
%patch975 -p1 -b .preserve-pam-errors
|
||||||
%patch976 -p1 -b .sftp-by-default
|
%patch976 -p1 -b .sftp-by-default
|
||||||
%patch977 -p1 -b .kill-scp
|
%patch977 -p1 -b .kill-scp
|
||||||
|
%patch978 -p1 -b .cve-2021-41617
|
||||||
|
|
||||||
%patch200 -p1 -b .audit
|
%patch200 -p1 -b .audit
|
||||||
%patch201 -p1 -b .audit-race
|
%patch201 -p1 -b .audit-race
|
||||||
@ -660,6 +663,9 @@ test -f %{sysconfig_anaconda} && \
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Sep 29 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-3
|
||||||
|
- CVE-2021-41617 fix (#2008292)
|
||||||
|
|
||||||
* Thu Sep 16 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-2
|
* Thu Sep 16 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-2
|
||||||
- Use SFTP protocol for scp by default (#2004956)
|
- Use SFTP protocol for scp by default (#2004956)
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user