packages/openssh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2018-15919.patch

Browse Source 
Signed-off-by: liuzy518 <570407222@qq.com>
This commit is contained in:
liuzy518 2020-09-15 16:58:49 +08:00
parent 6992315208
commit 1462ccaac2
2 changed files with 69 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2018-15919.patch Normal file
View File

@ -0,0 +1,60 @@
From 4286e434ab29c077a42d52c97e7a2e92f93fc1c3 Mon Sep 17 00:00:00 2001
From: zhuqingfu <zhuqingfu1@huawei.com>
Date: Tue, 15 Sep 2020 15:09:52 +0800
Subject: [PATCH] CVE-2018-15919
---
auth.h | 1 +
auth2-gss.c | 1 +
auth2.c | 4 ++++
3 files changed, 6 insertions(+)
diff --git a/auth.h b/auth.h
index c3a92df..1127fdf 100644
--- a/auth.h
+++ b/auth.h
@@ -58,6 +58,7 @@ struct Authctxt {
int attempt;
int failures;
int server_caused_failure;
+ int server_caused_gssapi_failure;
int force_pwchange;
char *user; /* username sent by the client */
char *service;
diff --git a/auth2-gss.c b/auth2-gss.c
index 4708375..6008319 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -156,6 +156,7 @@ userauth_gssapi(struct ssh *ssh)
ssh_gssapi_delete_ctx(&ctxt);
free(doid);
authctxt->server_caused_failure = 1;
+ authctxt->server_caused_gssapi_failure = 1;
return (0);
}
diff --git a/auth2.c b/auth2.c
index 956b9cf..2c4fc97 100644
--- a/auth2.c
+++ b/auth2.c
@@ -345,6 +345,7 @@ if (options.check_user_splash)
auth2_authctxt_reset_info(authctxt);
authctxt->postponed = 0;
authctxt->server_caused_failure = 0;
+ authctxt->server_caused_gssapi_failure = 0;
/* try to authenticate user */
m = authmethod_lookup(authctxt, method);
@@ -442,6 +443,9 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
if (!partial && !authctxt->server_caused_failure &&
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
authctxt->failures++;
+ if (!partial && authctxt->server_caused_gssapi_failure &&
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
+ authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(ssh, SSH_LOGIN_EXCEED_MAXTRIES));
--
1.8.3.1

10
openssh.spec
View File

@ -9,7 +9,7 @@
Name: openssh Name: openssh
Version: 8.2p1 Version: 8.2p1
Release: 5 Release: 6
URL: http://www.openssh.com/portable.html URL: http://www.openssh.com/portable.html
License: BSD License: BSD
Summary: An open source implementation of SSH protocol version 2 Summary: An open source implementation of SSH protocol version 2
@ -88,6 +88,7 @@ Patch56: set-sshd-config.patch
Patch57: CVE-2020-12062-1.patch Patch57: CVE-2020-12062-1.patch
Patch58: CVE-2020-12062-2.patch Patch58: CVE-2020-12062-2.patch
Patch59: upstream-expose-vasnmprintf.patch Patch59: upstream-expose-vasnmprintf.patch
Patch60: CVE-2018-15919.patch
Requires: /sbin/nologin Requires: /sbin/nologin
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8 Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
@ -249,6 +250,7 @@ popd
%patch57 -p1 %patch57 -p1
%patch58 -p1 %patch58 -p1
%patch59 -p1 %patch59 -p1
%patch60 -p1
autoreconf autoreconf
pushd pam_ssh_agent_auth-0.10.3 pushd pam_ssh_agent_auth-0.10.3
@ -464,6 +466,12 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%changelog %changelog
* Thu Sep 15 2020 liulong<liulong20@huawei.com> - 8.2P1-6
- Type:cves
- ID:CVE-2018-15919
- SUG:NA
- DESC:Fix CVE-2018-15919
* Thu Jul 2 2020 zhouyihang<zhouyihang3@huawei.com> - 8.2P1-5 * Thu Jul 2 2020 zhouyihang<zhouyihang3@huawei.com> - 8.2P1-5
- Type:cves - Type:cves
- ID:CVE-2020-12062 - ID:CVE-2020-12062