pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2015Q1]: pkgsrc/security/openssh Pullup ticket #4719 - request...

details:   https://anonhg.NetBSD.org/pkgsrc/rev/ef763137fd67
branches:  pkgsrc-2015Q1
changeset: 649244:ef763137fd67
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sat May 16 19:48:50 2015 +0000

description:
Pullup ticket #4719 - requested by sevan
security/openssh: security fix

Revisions pulled up:
- security/openssh/Makefile                                     1.229
- security/openssh/distinfo                                     1.91
- security/openssh/patches/patch-compat.c                       1.1

---
   Module Name:    pkgsrc
   Committed By:   sevan
   Date:           Sat May 16 14:43:02 UTC 2015

   Modified Files:
           pkgsrc/security/openssh: Makefile distinfo
   Added Files:
           pkgsrc/security/openssh/patches: patch-compat.c

   Log Message:
   Use the correct buffer when calling strlen
   http://www.openwall.com/lists/oss-security/2015/05/16/3

   Reviewed by wiz@

diffstat:

 security/openssh/Makefile               |   4 ++--
 security/openssh/distinfo               |   3 ++-
 security/openssh/patches/patch-compat.c |  16 ++++++++++++++++
 3 files changed, 20 insertions(+), 3 deletions(-)

diffs (51 lines):

diff -r 179411fed941 -r ef763137fd67 security/openssh/Makefile
--- a/security/openssh/Makefile Sat May 16 19:41:54 2015 +0000
+++ b/security/openssh/Makefile Sat May 16 19:48:50 2015 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.228 2015/03/19 20:23:55 tron Exp $
+# $NetBSD: Makefile,v 1.228.2.1 2015/05/16 19:48:50 bsiegert Exp $
 
 DISTNAME=              openssh-6.6p1
 PKGNAME=               openssh-6.6.1
-PKGREVISION=           5
+PKGREVISION=           6
 CATEGORIES=            security
 MASTER_SITES=          ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
 
diff -r 179411fed941 -r ef763137fd67 security/openssh/distinfo
--- a/security/openssh/distinfo Sat May 16 19:41:54 2015 +0000
+++ b/security/openssh/distinfo Sat May 16 19:48:50 2015 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.90 2015/03/20 22:41:19 rodent Exp $
+$NetBSD: distinfo,v 1.90.2.1 2015/05/16 19:48:50 bsiegert Exp $
 
 SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c
 RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984
@@ -14,6 +14,7 @@
 SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f
 SHA1 (patch-channels.c) = 88af4136f13f93d73c70caacea0a2ded0601d1cf
 SHA1 (patch-clientloop.c) = 499f34ce4e067f1da8aca257cfa7dd820efa3504
+SHA1 (patch-compat.c) = 9248aace83134287c1f0b78f2b3b61ad5545f5e2
 SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f
 SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6
 SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a
diff -r 179411fed941 -r ef763137fd67 security/openssh/patches/patch-compat.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh/patches/patch-compat.c   Sat May 16 19:48:50 2015 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-compat.c,v 1.1.2.2 2015/05/16 19:48:50 bsiegert Exp $
+
+Use the correct buffer when calling strlen
+http://www.openwall.com/lists/oss-security/2015/05/16/3
+
+--- compat.c.orig      2015-05-16 13:05:33.000000000 +0000
++++ compat.c
+@@ -223,7 +223,7 @@ filter_proposal(char *proposal, const ch
+       buffer_init(&b);
+       tmp = orig_prop = xstrdup(proposal);
+       while ((cp = strsep(&tmp, ",")) != NULL) {
+-              if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) {
++              if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) {
+                       if (buffer_len(&b) > 0)
+                               buffer_append(&b, ",", 1);
+                       buffer_append(&b, cp, strlen(cp));
Home | Main Index | Thread Index | Old Index