pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2016Q1]: pkgsrc/security/openssh Pullup ticket #5041 - request...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6503383d670b
branches: pkgsrc-2016Q1
changeset: 408916:6503383d670b
user: spz <spz%pkgsrc.org@localhost>
date: Sat Jun 11 09:53:06 2016 +0000
description:
Pullup ticket #5041 - requested by taca
security/openssh: security patch
Revisions pulled up:
- security/openssh/Makefile 1.244
- security/openssh/distinfo 1.101
- security/openssh/patches/patch-session.c 1.6
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Jun 6 08:55:35 UTC 2016
Modified Files:
pkgsrc/security/openssh: Makefile distinfo
pkgsrc/security/openssh/patches: patch-session.c
Log Message:
Add fix for CVE-2015-8325 from upstream.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.243 -r1.244 pkgsrc/security/openssh/Makefile
cvs rdiff -u -r1.100 -r1.101 pkgsrc/security/openssh/distinfo
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/openssh/patches/patch-session.c
diffstat:
security/openssh/Makefile | 3 ++-
security/openssh/distinfo | 4 ++--
security/openssh/patches/patch-session.c | 28 +++++++++++++++++++---------
3 files changed, 23 insertions(+), 12 deletions(-)
diffs (96 lines):
diff -r 0aae19e83787 -r 6503383d670b security/openssh/Makefile
--- a/security/openssh/Makefile Mon Jun 06 18:38:24 2016 +0000
+++ b/security/openssh/Makefile Sat Jun 11 09:53:06 2016 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.243 2016/03/15 20:54:07 bsiegert Exp $
+# $NetBSD: Makefile,v 1.243.2.1 2016/06/11 09:53:06 spz Exp $
DISTNAME= openssh-7.2p2
PKGNAME= ${DISTNAME:S/p2/.2/}
+PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
diff -r 0aae19e83787 -r 6503383d670b security/openssh/distinfo
--- a/security/openssh/distinfo Mon Jun 06 18:38:24 2016 +0000
+++ b/security/openssh/distinfo Sat Jun 11 09:53:06 2016 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.100 2016/03/15 20:54:07 bsiegert Exp $
+$NetBSD: distinfo,v 1.100.2.1 2016/06/11 09:53:06 spz Exp $
SHA1 (openssh-7.2p2.tar.gz) = 70e35d7d6386fe08abbd823b3a12a3ca44ac6d38
RMD160 (openssh-7.2p2.tar.gz) = d18d73719ceeefa5116b5b741124f3604d7ddb99
@@ -23,7 +23,7 @@
SHA1 (patch-platform.c) = f8f211dbc5e596c0f82eb86324d18a84c6151ec5
SHA1 (patch-sandbox-darwin.c) = c9a1fe2e4dbf98e929d983b4206a244e0e354b75
SHA1 (patch-scp.c) = 9c2317b0f796641903a826db355ba06595a26ea1
-SHA1 (patch-session.c) = 2aa1d95a35b52519c4921494855f861dc1380f3b
+SHA1 (patch-session.c) = 2a7276382278f70ac1d8f51f273e8ffa2c0c59d2
SHA1 (patch-sftp-common.c) = 6819aa040c8f1caa30a704cf6f0588e498df8778
SHA1 (patch-ssh.c) = 6877d8205d999906c14240d4d112b084609927ca
SHA1 (patch-sshd.8) = 5bf48cd27cef8e8810b9dc7115f5180102a345d1
diff -r 0aae19e83787 -r 6503383d670b security/openssh/patches/patch-session.c
--- a/security/openssh/patches/patch-session.c Mon Jun 06 18:38:24 2016 +0000
+++ b/security/openssh/patches/patch-session.c Sat Jun 11 09:53:06 2016 +0000
@@ -1,10 +1,11 @@
-$NetBSD: patch-session.c,v 1.5 2016/01/18 12:53:26 jperkin Exp $
-
-Interix support
+$NetBSD: patch-session.c,v 1.5.2.1 2016/06/11 09:53:06 spz Exp $
---- session.c.orig 2015-08-21 04:49:03.000000000 +0000
+* Interix support.
+* Fix for CVE-2015-8325
+
+--- session.c.orig 2016-03-09 18:04:48.000000000 +0000
+++ session.c
-@@ -1093,7 +1093,7 @@ read_etc_default_login(char ***env, u_in
+@@ -1117,7 +1117,7 @@ read_etc_default_login(char ***env, u_in
if (tmpenv == NULL)
return;
@@ -13,7 +14,7 @@
var = child_get_env(tmpenv, "SUPATH");
else
var = child_get_env(tmpenv, "PATH");
-@@ -1202,7 +1202,7 @@ do_setup_env(Session *s, const char *she
+@@ -1226,7 +1226,7 @@ do_setup_env(Session *s, const char *she
# endif /* HAVE_ETC_DEFAULT_LOGIN */
if (path == NULL || *path == '\0') {
child_set_env(&env, &envsize, "PATH",
@@ -22,7 +23,16 @@
SUPERUSER_PATH : _PATH_STDPATH);
}
# endif /* HAVE_CYGWIN */
-@@ -1316,6 +1316,18 @@ do_setup_env(Session *s, const char *she
+@@ -1317,7 +1317,7 @@ do_setup_env(Session *s, const char *she
+ * Pull in any environment variables that may have
+ * been set by PAM.
+ */
+- if (options.use_pam) {
++ if (options.use_pam && !options.use_login) {
+ char **p;
+
+ p = fetch_pam_child_environment();
+@@ -1340,6 +1340,18 @@ do_setup_env(Session *s, const char *she
strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
read_environment_file(&env, &envsize, buf);
}
@@ -41,7 +51,7 @@
if (debug_flag) {
/* dump the environment */
fprintf(stderr, "Environment:\n");
-@@ -1510,11 +1522,13 @@ do_setusercontext(struct passwd *pw)
+@@ -1531,11 +1543,13 @@ do_setusercontext(struct passwd *pw)
perror("setgid");
exit(1);
}
@@ -55,7 +65,7 @@
endgrent();
#endif
-@@ -2356,7 +2370,7 @@ session_pty_cleanup2(Session *s)
+@@ -2381,7 +2395,7 @@ session_pty_cleanup2(Session *s)
record_logout(s->pid, s->tty, s->pw->pw_name);
/* Release the pseudo-tty. */
Home |
Main Index |
Thread Index |
Old Index