[notify] dropbear: fix for CVE-2018-15599

2018-08-30 11:13:01 +02:00 · 2018-08-30 11:13:01 +02:00 · af91638817
commit af91638817
parent 7ac715e121
2 changed files with 7 additions and 4 deletions
--- a/dropbear/.signature
+++ b/dropbear/.signature
@ -1,6 +1,7 @@
 untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/aM/VCJQcchPZByyjLXWkIpUr9BU9OPBVGaP40mqd6c7pefQUHp4QSyQeoiFKqIwvmqQwPK21r30Ans7MktfLAE=
-SHA256 (Pkgfile) = e59a8afd742c5470beefb72d51d9251fd520f77a0a3f4bd9711294d9c3337410
+RWSE3ohX2g5d/fYoSjOlXrVgdVZjSJWCm9ISaxGKVH365kFEj0OWUVRz5fTnuy3CfkroLhr8DzWaVMFqavELeCW0PE2EXJhHpwc=
+SHA256 (Pkgfile) = 6e5947b4c0a75449ab2677121757588e436f4420278b90f2427ddf43f2a338f2
 SHA256 (.footprint) = 62bfe7191a20fcd5f6ec3511c951dee47aefdae734f7d616302e6bfc3a0c1923
 SHA256 (dropbear-2018.76.tar.bz2) = f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65
 SHA256 (dropbear) = def8d4ebda5759a3bc55055957235fa47f7e40216badf07830f487f05e7fbd42
+SHA256 (CVE-2018-15599.diff) = 42b5720cf6c888638cfb84fdd862fc0d323b2e023cbe5f9ccdaa2e0c35b6873e
--- a/dropbear/Pkgfile
+++ b/dropbear/Pkgfile
@ -5,13 +5,15 @@

 name=dropbear
 version=2018.76
-release=1
+release=2
 source=(http://matt.ucc.asn.au/$name/releases/$name-$version.tar.bz2 \
-        $name)
+        $name CVE-2018-15599.diff)

 build () {
    cd $name-$version

+    patch -p1 -i $SRC/CVE-2018-15599.diff
+
    echo '#define SFTPSERVER_PATH "/usr/lib/ssh/sftp-server"' > localoptions.h

    ./configure --prefix=/usr