!166 回合openssh社区补丁:修复整型下溢问题
From: @renmingshuai Reviewed-by: @kircher Signed-off-by: @kircher
commit
4d1e62e8b0
@ -0,0 +1,44 @@
|
||||
From 32ebaa0dbca5d0bb86e384e72bebc153f48413e4 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Wed, 23 Feb 2022 11:18:13 +0000
|
||||
Subject: [PATCH] upstream: avoid integer overflow of auth attempts
|
||||
(harmless,caught by monitor)
|
||||
|
||||
OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
|
||||
|
||||
Reference:https://github.com/openssh/openssh-portable/commit/32ebaa0dbca5d0
|
||||
Conflict:NA
|
||||
---
|
||||
auth2.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/auth2.c b/auth2.c
|
||||
index 7290d54..0de58e6 100644
|
||||
--- a/auth2.c
|
||||
+++ b/auth2.c
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: auth2.c,v 1.161 2021/04/03 06:18:40 djm Exp $ */
|
||||
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@@ -290,6 +290,8 @@ if (options.check_user_splash)
|
||||
if ((style = strchr(user, ':')) != NULL)
|
||||
*style++ = 0;
|
||||
|
||||
+ if (authctxt->attempt >= 1024)
|
||||
+ auth_maxtries_exceeded(ssh);
|
||||
if (authctxt->attempt++ == 0) {
|
||||
/* setup auth context */
|
||||
authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
|
||||
@@ -298,6 +300,7 @@ if (options.check_user_splash)
|
||||
authctxt->valid = 1;
|
||||
debug2_f("setting up authctxt for %s", user);
|
||||
} else {
|
||||
+ authctxt->valid = 0;
|
||||
/* Invalid user, fake password information */
|
||||
authctxt->pw = fakepw();
|
||||
}
|
||||
--
|
||||
2.23.0
|
||||
|
||||
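Review bot: The bound in the added check `if (authctxt->attempt >= 1024)` (auth2.c hunk at -290) is a bare literal with no comment, so a later reader cannot tell that it is a hard ceiling against counter wrap rather than the configured attempt limit. A one-line comment above it would settle that, for example `/* hard cap so the attempt counter cannot wrap; independent of the configured limit */`, and a named constant would document the value in one place. The check also relies on auth_maxtries_exceeded() not returning, because the following `authctxt->attempt++` is not in an else branch; that is presumably the case but is not visible here, so confirm it against the 8.8p1 tree this backport applies to. The enclosing function starts and ends outside the hunk.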
10
openssh.spec
10
openssh.spec
@ -6,7 +6,7 @@
|
||||
%{?no_gtk2:%global gtk2 0}
|
||||
|
||||
%global sshd_uid 74
|
||||
%global openssh_release 14
|
||||
%global openssh_release 15
|
||||
|
||||
Name: openssh
|
||||
Version: 8.8p1
|
||||
@ -102,6 +102,7 @@ Patch71: backport-Don-t-leak-the-strings-allocated-by-order_h.patch
|
||||
Patch72: backport-Return-ERANGE-from-getcwd-if-buffer-size-is-1.patch
|
||||
Patch73: backport-upstream-double-free-in-error-path-from-Eusgor-via-G.patch
|
||||
Patch74: add-strict-scp-check-for-CVE-2020-15778.patch
|
||||
Patch75: backport-upstream-avoid-integer-overflow-of-auth-attempts-har.patch
|
||||
|
||||
Requires: /sbin/nologin
|
||||
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
|
||||
@ -254,6 +255,7 @@ popd
|
||||
%patch72 -p1
|
||||
%patch73 -p1
|
||||
%patch74 -p1
|
||||
%patch75 -p1
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
|
||||
@ -455,6 +457,12 @@ getent passwd sshd >/dev/null || \
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
|
||||
%changelog
|
||||
* Thu Dec 29 2022 renmingshuai <renmingshuai@huawei.com> - 8.8p1-15
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
- SUG:NA
|
||||
- DESC:avoid integer overflow of auth attempts
|
||||
|
||||
* Thu Dec 29 2022 renmingshuai <renmingshuai@huawei.com> - 8.8p1-14
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||