authorBartłomiej Piotrowski <bpiotrowski@alpinelinux.org>2014-03-26 10:12:26 +0100
committerBartłomiej Piotrowski <bpiotrowski@alpinelinux.org>2014-03-26 10:27:43 +0100
commite8f74d41f779d7763f3696d4c921bbc884adca02 (patch)
treed12a7265f8261c2c651867f098ccda30d25c12d8
parent5540f95666c86ec3991b4878353646a95dc02768 (diff)
downloadaports-e8f74d41f779d7763f3696d4c921bbc884adca02.tar.bz2
aports-e8f74d41f779d7763f3696d4c921bbc884adca02.tar.xz
main/openssh: security fix for CVE-2014-2532
-rw-r--r--main/openssh/APKBUILD6
-rw-r--r--main/openssh/CVE-2014-2532.patch30
2 files changed, 34 insertions, 2 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD
index 4f5d86005d..d81da7c050 100644
--- a/main/openssh/APKBUILD
+++ b/main/openssh/APKBUILD
@@ -2,7 +2,7 @@
pkgname=openssh
pkgver=5.9_p1
_myver=${pkgver%_*}${pkgver#*_}
-pkgrel=2
+pkgrel=3
pkgdesc="Port of OpenBSD's free SSH release"
url="http://www.openssh.org/portable.html"
arch="all"
@@ -16,6 +16,7 @@ source="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.
openssh-fix-openssl-abi.diff
sshd.initd
sshd.confd
+ CVE-2014-2532.patch
"
_builddir="$srcdir"/$pkgname-$_myver
@@ -92,4 +93,5 @@ f3db05e57e7af4cb2b55b85117652ed3 openssh5.9-dynwindow_noneswitch.diff
949ff348573438163240c60d6c3618eb openssh5.9-peaktput.diff
c6f0728f19a80f680b0ee3922f3084cf openssh-fix-openssl-abi.diff
cb0dd08c413fad346f0c594107b4a2e0 sshd.initd
-b35e9f3829f4cfca07168fcba98749c7 sshd.confd"
+b35e9f3829f4cfca07168fcba98749c7 sshd.confd
+e4cf579145106ce3d4465453b70ea50d CVE-2014-2532.patch"
diff --git a/main/openssh/CVE-2014-2532.patch b/main/openssh/CVE-2014-2532.patch
new file mode 100644
index 0000000000..49cccbd274
--- /dev/null
+++ b/main/openssh/CVE-2014-2532.patch
@@ -0,0 +1,30 @@
+Description: fix AcceptEnv wildcard environment restrictions bypass
+Origin: upstream, http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.270;r2=1.271
+
+Index: openssh-6.0p1/session.c
+===================================================================
+--- openssh-6.0p1.orig/session.c 2014-03-21 11:03:33.904069205 -0400
++++ openssh-6.0p1/session.c 2014-03-21 11:03:33.900069205 -0400
+@@ -963,6 +963,11 @@
+ *envsizep = 1;
+ }
+
++ if (strchr(name, '=') != NULL) {
++ error("Invalid environment variable \"%.100s\"", name);
++ return;
++ }
++
+ /*
+ * Find the slot where the value should be stored. If the variable
+ * already exists, we reuse the slot; otherwise we append a new slot
+@@ -2186,8 +2191,8 @@
+ char *name, *val;
+ u_int name_len, val_len, i;
+
+- name = packet_get_string(&name_len);
+- val = packet_get_string(&val_len);
++ name = packet_get_cstring(&name_len);
++ val = packet_get_cstring(&val_len);
+ packet_check_eom();
+
+ /* Don't set too many environment variables */
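Review bot: The hunk headers in this patch are written against openssh-6.0p1/session.c (the Index: and --- lines), while the APKBUILD in this same commit builds pkgver=5.9_p1, so both hunks (@@ -963 and @@ -2186) will only apply to the 5.9p1 tree via offset/fuzz matching; the build log should be checked to confirm they land in the function that stores the environment entry and in the env-request parser respectively, rather than being silently relocated. The fix itself is two independent checks and both matter: the `strchr(name, '=')` rejection closes the AcceptEnv wildcard bypass, and switching from `packet_get_string` to `packet_get_cstring` additionally rejects names and values containing embedded NUL bytes, which the plain string getter would have passed through. It would help future rebases to record that this is a backport, e.g. extend the header with `Note: taken from the 6.0p1 Debian patch; hunk offsets differ for 5.9p1` so the mismatch is not mistaken for a wrong patch.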