packages/openssh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bugfixCVE-2018-15919

Browse Source
This commit is contained in:
songnannan 2020-03-18 20:05:14 +08:00
parent 8769b4a82a
commit 29ee5f4511
2 changed files with 66 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
bugfix-CVE-2018-15919.patch Normal file
View File

@ -0,0 +1,60 @@
From 1a3f3190a287cc24fe2b7a47f420d03fba76b353 Mon Sep 17 00:00:00 2001
From: majun <majun65@huawei.com>
Date: Wed, 18 Mar 2020 19:23:15 +0800
Subject: [PATCH] CVE-2018-15919
---
auth.h | 1 +
auth2-gss.c | 1 +
auth2.c | 4 ++++
3 files changed, 6 insertions(+)
diff --git a/auth.h b/auth.h
index 1d9cf66..51b27c7 100644
--- a/auth.h
+++ b/auth.h
@@ -60,6 +60,7 @@ struct Authctxt {
int attempt;
int failures;
int server_caused_failure;
+ int server_caused_gssapi_failure;
int force_pwchange;
char *user; /* username sent by the client */
char *service;
diff --git a/auth2-gss.c b/auth2-gss.c
index 764d509..9690f8a 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -153,6 +153,7 @@ userauth_gssapi(struct ssh *ssh)
ssh_gssapi_delete_ctx(&ctxt);
free(doid);
authctxt->server_caused_failure = 1;
+ authctxt->server_caused_gssapi_failure = 1;
return (0);
}
diff --git a/auth2.c b/auth2.c
index f0b61ce..14db54a 100644
--- a/auth2.c
+++ b/auth2.c
@@ -336,6 +336,7 @@ if (options.check_user_splash)
auth2_authctxt_reset_info(authctxt);
authctxt->postponed = 0;
authctxt->server_caused_failure = 0;
+ authctxt->server_caused_gssapi_failure = 0;
/* try to authenticate user */
m = authmethod_lookup(authctxt, method);
@@ -427,6 +428,9 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
if (!partial && !authctxt->server_caused_failure &&
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
authctxt->failures++;
+ if (!partial && authctxt->server_caused_gssapi_failure &&
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
+ authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
--
1.8.3.1

9
openssh.spec
View File

@ -10,7 +10,7 @@
Name: openssh
Version: 7.8p1
Release: 7
Release: 8
URL: https://www.openssh.com/portable.html
License: BSD
Summary: An open source implementation of SSH protocol version 2
@ -131,6 +131,7 @@ Patch9006: bugfix-openssh-add-option-check-username-splash.patch
Patch9007: feature-openssh-7.4-hima-sftpserver-oom-and-fix.patch
Patch9008: bugfix-supply-callback-to-PEM-read-bio-PrivateKey.patch
Patch9009: bugfix-openssh-fix-sftpserver.patch
Patch9010: bugfix-CVE-2018-15919.patch
Requires: /sbin/nologin libselinux >= 2.3-5 audit-libs >= 1.0.8
Requires: fipscheck-lib >= 1.3.0
@ -140,8 +141,6 @@ Requires: pam >= 1.0.1-3
Requires: fipscheck-lib >= 1.3.0
Requires: crypto-policies >= 20180306-1
Obsoletes: openssh-clients-fips openssh-server-fips openssh-server-sysvinit openssh-cavs openssh-askpass-gnome
Obsoletes: openssh-clients openssh-server openssh-ldap openssh-keycat openssh-askpass
Provides: openssh-clients openssh-server openssh-ldap openssh-keycat openssh-askpass openssh-cavs openssh-askpass-gnome
@ -277,6 +276,7 @@ popd
%patch9009 -p1
%patch6030 -p1
%patch9010 -p1
autoreconf
pushd pam_ssh_agent_auth-0.10.3
@ -463,6 +463,9 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%changelog
* Wed Mar 18 2020 songnannan <songnannan2@huawei.com> - 7.8P1-8
- bugfix CVE-2018-15919
* Tue Jan 21 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.8P1-7
- Type:bugfix
- ID:NA