
01/01: gnu: OpenSSH: Update to 7.8p1.


From: Leo Famulari
Subject: 01/01: gnu: OpenSSH: Update to 7.8p1.
Date: Fri, 24 Aug 2018 17:05:06 -0400 (EDT)

lfam pushed a commit to branch master
in repository guix.

commit 36a8d5cdf40c3a760615eddc7f0d44c91369eb68
Author: Leo Famulari <address@hidden>
Date:   Fri Aug 24 16:27:19 2018 -0400

    gnu: OpenSSH: Update to 7.8p1.
    
    * gnu/packages/ssh.scm (openssh): Update to 7.8p1.
    [source]: Remove 'openssh-CVE-2018-15473.patch'.
    * gnu/packages/patches/openssh-CVE-2018-15473.patch: Delete file.
    * gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                      |   1 -
 gnu/packages/patches/openssh-CVE-2018-15473.patch | 165 ----------------------
 gnu/packages/ssh.scm                              |   5 +-
 3 files changed, 2 insertions(+), 169 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 71f3583..60db25a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -997,7 +997,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/openldap-CVE-2017-9287.patch            \
   %D%/packages/patches/openocd-nrf52.patch                     \
   %D%/packages/patches/opensmtpd-fix-crash.patch               \
-  %D%/packages/patches/openssh-CVE-2018-15473.patch            \
   %D%/packages/patches/openssl-runpath.patch                   \
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0495.patch       \
   %D%/packages/patches/openssl-1.0.2-CVE-2018-0732.patch       \
diff --git a/gnu/packages/patches/openssh-CVE-2018-15473.patch 
b/gnu/packages/patches/openssh-CVE-2018-15473.patch
deleted file mode 100644
index 26b2dc5..0000000
--- a/gnu/packages/patches/openssh-CVE-2018-15473.patch
+++ /dev/null
@@ -1,165 +0,0 @@
-Fix CVE-2018-15473, a method by which remote clients can enumerate
-usernames on the server:
-
-http://seclists.org/oss-sec/2018/q3/124
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473
-
-Patch adapted from upstream source repository:
-
-https://anongit.mindrot.org/openssh.git/commit/?id=74287f5df9966a0648b4a68417451dd18f079ab8
-
-From 74287f5df9966a0648b4a68417451dd18f079ab8 Mon Sep 17 00:00:00 2001
-From: "address@hidden" <address@hidden>
-Date: Tue, 31 Jul 2018 03:10:27 +0000
-Subject: [PATCH] upstream: delay bailout for invalid authentic
-
-=?UTF-8?q?ating=20user=20until=20after=20the=20packet=20containing=20the?=
-=?UTF-8?q?=20request=20has=20been=20fully=20parsed.=20Reported=20by=20Dar?=
-=?UTF-8?q?iusz=20Tytko=20and=20Micha=C5=82=20Sajdak;=20ok=20deraadt?=
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
----
- auth2-gss.c       | 11 +++++++----
- auth2-hostbased.c | 11 ++++++-----
- auth2-pubkey.c    | 25 +++++++++++++++----------
- 3 files changed, 28 insertions(+), 19 deletions(-)
-
-# Adapted from upstream to apply to OpenSSH 7.7p1.
-diff --git a/auth2-gss.c b/auth2-gss.c
-index 589283b7..1d7cfb39 100644
---- a/auth2-gss.c
-+++ b/auth2-gss.c
-@@ -69,9 +69,6 @@ userauth_gssapi(struct ssh *ssh)
-       u_int len;
-       u_char *doid = NULL;
- 
--      if (!authctxt->valid || authctxt->user == NULL)
--              return (0);
--
-       mechs = packet_get_int();
-       if (mechs == 0) {
-               debug("Mechanism negotiation is not supported");
-diff --git a/auth2-gss.c b/auth2-gss.c
-index 47308c5c..9351e042 100644
---- a/auth2-gss.c
-+++ b/auth2-gss.c
-@@ -106,6 +103,12 @@ userauth_gssapi(struct ssh *ssh)
-               return (0);
-       }
- 
-+      if (!authctxt->valid || authctxt->user == NULL) {
-+              debug2("%s: disabled because of invalid user", __func__);
-+              free(doid);
-+              return (0);
-+      }
-+
-       if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
-               if (ctxt != NULL)
-                       ssh_gssapi_delete_ctx(&ctxt);
-diff --git a/auth2-hostbased.c b/auth2-hostbased.c
-index 60159a56..35939329 100644
---- a/auth2-hostbased.c
-+++ b/auth2-hostbased.c
-@@ -67,10 +67,6 @@ userauth_hostbased(struct ssh *ssh)
-       size_t alen, blen, slen;
-       int r, pktype, authenticated = 0;
- 
--      if (!authctxt->valid) {
--              debug2("%s: disabled because of invalid user", __func__);
--              return 0;
--      }
-       /* XXX use sshkey_froms() */
-       if ((r = sshpkt_get_cstring(ssh, &pkalg, &alen)) != 0 ||
-           (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0 ||
-@@ -117,6 +113,11 @@ userauth_hostbased(struct ssh *ssh)
-               goto done;
-       }
- 
-+      if (!authctxt->valid || authctxt->user == NULL) {
-+              debug2("%s: disabled because of invalid user", __func__);
-+              goto done;
-+      }
-+
-       if ((b = sshbuf_new()) == NULL)
-               fatal("%s: sshbuf_new failed", __func__);
-       /* reconstruct packet */
-diff --git a/auth2-pubkey.c b/auth2-pubkey.c
-index c4d0f790..e1c15040 100644
---- a/auth2-pubkey.c
-+++ b/auth2-pubkey.c
-@@ -89,19 +89,15 @@ userauth_pubkey(struct ssh *ssh)
- {
-       Authctxt *authctxt = ssh->authctxt;
-       struct passwd *pw = authctxt->pw;
--      struct sshbuf *b;
-+      struct sshbuf *b = NULL;
-       struct sshkey *key = NULL;
--      char *pkalg, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
--      u_char *pkblob, *sig, have_sig;
-+      char *pkalg = NULL, *userstyle = NULL, *key_s = NULL, *ca_s = NULL;
-+      u_char *pkblob = NULL, *sig = NULL, have_sig;
-       size_t blen, slen;
-       int r, pktype;
-       int authenticated = 0;
-       struct sshauthopt *authopts = NULL;
- 
--      if (!authctxt->valid) {
--              debug2("%s: disabled because of invalid user", __func__);
--              return 0;
--      }
-       if ((r = sshpkt_get_u8(ssh, &have_sig)) != 0 ||
-           (r = sshpkt_get_cstring(ssh, &pkalg, NULL)) != 0 ||
-           (r = sshpkt_get_string(ssh, &pkblob, &blen)) != 0)
-@@ -167,6 +163,11 @@ userauth_pubkey(struct ssh *ssh)
-                               fatal("%s: sshbuf_put_string session id: %s",
-                                   __func__, ssh_err(r));
-               }
-+              if (!authctxt->valid || authctxt->user == NULL) {
-+                      debug2("%s: disabled because of invalid user",
-+                          __func__);
-+                      goto done;
-+              }
-               /* reconstruct packet */
-               xasprintf(&userstyle, "%s%s%s", authctxt->user,
-                   authctxt->style ? ":" : "",
-@@ -183,7 +184,6 @@ userauth_pubkey(struct ssh *ssh)
- #ifdef DEBUG_PK
-               sshbuf_dump(b, stderr);
- #endif
--
-               /* test for correct signature */
-               authenticated = 0;
-               if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
-@@ -194,7 +194,6 @@ userauth_pubkey(struct ssh *ssh)
-                       authenticated = 1;
-               }
-               sshbuf_free(b);
--              free(sig);
-               auth2_record_key(authctxt, authenticated, key);
-       } else {
-               debug("%s: test pkalg %s pkblob %s%s%s",
-@@ -205,6 +204,11 @@ userauth_pubkey(struct ssh *ssh)
-               if ((r = sshpkt_get_end(ssh)) != 0)
-                       fatal("%s: %s", __func__, ssh_err(r));
- 
-+              if (!authctxt->valid || authctxt->user == NULL) {
-+                      debug2("%s: disabled because of invalid user",
-+                          __func__);
-+                      goto done;
-+              }
-               /* XXX fake reply and always send PK_OK ? */
-               /*
-                * XXX this allows testing whether a user is allowed
-@@ -238,6 +242,7 @@ done:
-       free(pkblob);
-       free(key_s);
-       free(ca_s);
-+      free(sig);
-       return authenticated;
- }
- 
--- 
-2.18.0
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index 0d9bd5a..a58ebff 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -148,15 +148,14 @@ a server that supports the SSH-2 protocol.")
 (define-public openssh
   (package
    (name "openssh")
-   (version "7.7p1")
+   (version "7.8p1")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://openbsd/OpenSSH/portable/"
                                  name "-" version ".tar.gz"))
-             (patches (search-patches "openssh-CVE-2018-15473.patch"))
              (sha256
               (base32
-               "13vbbrvj3mmfhj83qyrg5c0ipr6bzw5s65dy4k8gr7p9hkkfffyp"))))
+               "1jj4f586r9lhakp2w0zv7j616d6x62m15q8l4nxq7haja6qlnj0s"))))
    (build-system gnu-build-system)
    (native-inputs `(("groff" ,groff)))
    (inputs `(("openssl" ,openssl)
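Review bot: Dropping the `(patches (search-patches "openssh-CVE-2018-15473.patch"))` line is only safe if 7.8p1 carries the upstream fix for that CVE, and neither the commit message nor the source stanza says so. The deleted patch was adapted from upstream commit 74287f5 dated 31 Jul 2018, which presumably landed in the 7.8 release, but that should be recorded so the removal is traceable, e.g. the ChangeLog entry `[source]: Remove 'openssh-CVE-2018-15473.patch', fixed upstream in 7.8p1.`. The replaced sha256 `1jj4f586r9lhakp2w0zv7j616d6x62m15q8l4nxq7haja6qlnj0s` is the only integrity anchor this origin has, so it should be checked against the upstream release signature rather than taken from a freshly downloaded tarball. The openssh package definition continues past the end of the hunk.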


