ports/core
4
3
Fork 0
Code Issues Pull Requests Activity

openssh: update to 8.0p1

Browse Source
This commit is contained in:
Juergen Daubert 2019-04-21 13:35:50 +02:00
parent 02cd4f54c4
commit 2addaea288
3 changed files with 6 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
openssh/.signature
View File

@ -1,7 +1,6 @@
untrusted comment: verify with /etc/ports/core.pub
RWRJc1FUaeVeqh/5l9mXUVHkgalsQ5Cwa+YDc8w3lOCkjVbtP23XeCFrVEqpARDrlYWRfYlCt93PAg31KIVzAaImIHnpfYVoQwQ=
SHA256 (Pkgfile) = 7dabfc94184cee52c6dacf3138b06dac42fbcdf176abb26e261989bdbe35cdd7
RWRJc1FUaeVeqhoK8um94GkK0m0c6B9XGv40UViwvAoG8w53AtBtpyd3afkAH5YRs35UE7BQGnG2dH1cv4SmJrqPHiz0Y24IdwI=
SHA256 (Pkgfile) = 8d4780845d19d2539fdca5aa14405b38bed0f6c86a2619fe01f5bf0ec6a71feb
SHA256 (.footprint) = 49ebea9770f893cbe403018d12a23303ae4652d2af3f1128b25c23df27282324
SHA256 (openssh-7.9p1.tar.gz) = 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad
SHA256 (openssh-8.0p1.tar.gz) = bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68
SHA256 (sshd) = 59cb8cff9890e9f5c617c5bd4e5a15e5e4bcc4bf35eb73a80322825db60bbfd4
SHA256 (CVE-2018-20685.patch) = 310347b0173cd97c996a63f703040be07d87ea1a5f4cbe81a3cbdf409b36f7e2

33
openssh/CVE-2018-20685.patch
View File

@ -1,33 +0,0 @@
From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 16 Nov 2018 03:03:10 +0000
Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer
to the
current directory; based on report/patch from Harry Sintonen
OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9
---
scp.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/scp.c b/scp.c
index 60682c687..4f3fdcd3d 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
+/* $OpenBSD: scp.c,v 1.198 2018/11/16 03:03:10 djm Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@@ -1106,7 +1106,8 @@ sink(int argc, char **argv)
SCREWUP("size out of range");
size = (off_t)ull;
- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+ if (*cp == '\0' || strchr(cp, '/') != NULL ||
+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
run_err("error: unexpected filename: %s", cp);
exit(1);
}

8
openssh/Pkgfile
View File

@ -4,16 +4,14 @@
# Depends on: openssl zlib
name=openssh
version=7.9p1
release=2
version=8.0p1
release=1
source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz
sshd CVE-2018-20685.patch)
sshd)
build() {
cd $name-$version
patch -p1 -i $SRC/CVE-2018-20685.patch
./configure --prefix=/usr \
--libexecdir=/usr/lib/ssh \
--sysconfdir=/etc/ssh \