packages/openssh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!166 回合openssh社区补丁:修复整型下溢问题

Browse Source 
From: @renmingshuai 
Reviewed-by: @kircher 
Signed-off-by: @kircher
This commit is contained in:
openeuler-ci-bot 2023-01-03 01:36:07 +00:00 committed by Gitee
commit 4d1e62e8b0
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
backport-upstream-avoid-integer-overflow-of-auth-attempts-har.patch Normal file
View File

@ -0,0 +1,44 @@
From 32ebaa0dbca5d0bb86e384e72bebc153f48413e4 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 23 Feb 2022 11:18:13 +0000
Subject: [PATCH] upstream: avoid integer overflow of auth attempts
(harmless,caught by monitor)
OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
Reference:https://github.com/openssh/openssh-portable/commit/32ebaa0dbca5d0
Conflict:NA
---
auth2.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/auth2.c b/auth2.c
index 7290d54..0de58e6 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.161 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.164 2022/02/23 11:18:13 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -290,6 +290,8 @@ if (options.check_user_splash)
if ((style = strchr(user, ':')) != NULL)
*style++ = 0;
+ if (authctxt->attempt >= 1024)
+ auth_maxtries_exceeded(ssh);
if (authctxt->attempt++ == 0) {
/* setup auth context */
authctxt->pw = PRIVSEP(getpwnamallow(ssh, user));
@@ -298,6 +300,7 @@ if (options.check_user_splash)
authctxt->valid = 1;
debug2_f("setting up authctxt for %s", user);
} else {
+ authctxt->valid = 0;
/* Invalid user, fake password information */
authctxt->pw = fakepw();
}
--
2.23.0

10
openssh.spec
View File

@ -6,7 +6,7 @@
%{?no_gtk2:%global gtk2 0} %{?no_gtk2:%global gtk2 0}
%global sshd_uid 74 %global sshd_uid 74
%global openssh_release 14 %global openssh_release 15
Name: openssh Name: openssh
Version: 8.8p1 Version: 8.8p1
@ -102,6 +102,7 @@ Patch71: backport-Don-t-leak-the-strings-allocated-by-order_h.patch
Patch72: backport-Return-ERANGE-from-getcwd-if-buffer-size-is-1.patch Patch72: backport-Return-ERANGE-from-getcwd-if-buffer-size-is-1.patch
Patch73: backport-upstream-double-free-in-error-path-from-Eusgor-via-G.patch Patch73: backport-upstream-double-free-in-error-path-from-Eusgor-via-G.patch
Patch74: add-strict-scp-check-for-CVE-2020-15778.patch Patch74: add-strict-scp-check-for-CVE-2020-15778.patch
Patch75: backport-upstream-avoid-integer-overflow-of-auth-attempts-har.patch
Requires: /sbin/nologin Requires: /sbin/nologin
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8 Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
@ -254,6 +255,7 @@ popd
%patch72 -p1 %patch72 -p1
%patch73 -p1 %patch73 -p1
%patch74 -p1 %patch74 -p1
%patch75 -p1
autoreconf autoreconf
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4 pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
@ -455,6 +457,12 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%changelog %changelog
* Thu Dec 29 2022 renmingshuai <renmingshuai@huawei.com> - 8.8p1-15
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:avoid integer overflow of auth attempts
* Thu Dec 29 2022 renmingshuai <renmingshuai@huawei.com> - 8.8p1-14 * Thu Dec 29 2022 renmingshuai <renmingshuai@huawei.com> - 8.8p1-14
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA