Merge branch '3.4' into 3.5
This commit is contained in:
commit
9b40ede8f3
@ -1,7 +1,6 @@
|
||||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqh/5l9mXUVHkgalsQ5Cwa+YDc8w3lOCkjVbtP23XeCFrVEqpARDrlYWRfYlCt93PAg31KIVzAaImIHnpfYVoQwQ=
|
||||
SHA256 (Pkgfile) = 7dabfc94184cee52c6dacf3138b06dac42fbcdf176abb26e261989bdbe35cdd7
|
||||
RWRJc1FUaeVeqhoK8um94GkK0m0c6B9XGv40UViwvAoG8w53AtBtpyd3afkAH5YRs35UE7BQGnG2dH1cv4SmJrqPHiz0Y24IdwI=
|
||||
SHA256 (Pkgfile) = 8d4780845d19d2539fdca5aa14405b38bed0f6c86a2619fe01f5bf0ec6a71feb
|
||||
SHA256 (.footprint) = 49ebea9770f893cbe403018d12a23303ae4652d2af3f1128b25c23df27282324
|
||||
SHA256 (openssh-7.9p1.tar.gz) = 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad
|
||||
SHA256 (openssh-8.0p1.tar.gz) = bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68
|
||||
SHA256 (sshd) = 59cb8cff9890e9f5c617c5bd4e5a15e5e4bcc4bf35eb73a80322825db60bbfd4
|
||||
SHA256 (CVE-2018-20685.patch) = 310347b0173cd97c996a63f703040be07d87ea1a5f4cbe81a3cbdf409b36f7e2
|
||||
|
@ -1,33 +0,0 @@
|
||||
From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Fri, 16 Nov 2018 03:03:10 +0000
|
||||
Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer
|
||||
to the
|
||||
|
||||
current directory; based on report/patch from Harry Sintonen
|
||||
|
||||
OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9
|
||||
---
|
||||
scp.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/scp.c b/scp.c
|
||||
index 60682c687..4f3fdcd3d 100644
|
||||
--- a/scp.c
|
||||
+++ b/scp.c
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: scp.c,v 1.197 2018/06/01 04:31:48 dtucker Exp $ */
|
||||
+/* $OpenBSD: scp.c,v 1.198 2018/11/16 03:03:10 djm Exp $ */
|
||||
/*
|
||||
* scp - secure remote copy. This is basically patched BSD rcp which
|
||||
* uses ssh to do the data transfer (instead of using rcmd).
|
||||
@@ -1106,7 +1106,8 @@ sink(int argc, char **argv)
|
||||
SCREWUP("size out of range");
|
||||
size = (off_t)ull;
|
||||
|
||||
- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
|
||||
+ if (*cp == '\0' || strchr(cp, '/') != NULL ||
|
||||
+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
|
||||
run_err("error: unexpected filename: %s", cp);
|
||||
exit(1);
|
||||
}
|
@ -4,16 +4,14 @@
|
||||
# Depends on: openssl zlib
|
||||
|
||||
name=openssh
|
||||
version=7.9p1
|
||||
release=2
|
||||
version=8.0p1
|
||||
release=1
|
||||
source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz
|
||||
sshd CVE-2018-20685.patch)
|
||||
sshd)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
|
||||
patch -p1 -i $SRC/CVE-2018-20685.patch
|
||||
|
||||
./configure --prefix=/usr \
|
||||
--libexecdir=/usr/lib/ssh \
|
||||
--sysconfdir=/etc/ssh \
|
||||
|
Loading…
Reference in New Issue
Block a user