Skip to content

Commit

Permalink
import openssh-8.7p1-38.el9_4.4
Browse files Browse the repository at this point in the history
  • Loading branch information
@openela-mship
openela-mship[bot] committed Jul 10, 2024
1 parent e1f4389 commit c00da77
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .openssh.metadata
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
9d440de6627940c09eadc342cc7d8bc9823654fd1a2be11c4f5820dd073054e0 SOURCES/pam_ssh_agent_auth-0.10.4.tar.gz
b07d34756be72d4e294c05a91590355b68bbf3c3b466ea88d21aae168e97c7dc SOURCES/sshd-keygen.target
7ca34b8bb24ae9e50f33792b7091b3841d7e1b440ff57bc9fabddf01e2ed1e24 SOURCES/openssh-8.7p1.tar.gz
bb18c454a3e5d3738cb26a1c89e17c467d7a59529ec92251b26461ae04771eba SOURCES/openssh-8.7p1.tar.gz.asc
9d440de6627940c09eadc342cc7d8bc9823654fd1a2be11c4f5820dd073054e0 SOURCES/pam_ssh_agent_auth-0.10.4.tar.gz
12 changes: 12 additions & 0 deletions SOURCES/openssh-9.8p1-upstream-cve-2024-6387.patch
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,15 @@ diff -up openssh-8.7p1/log.c.xxx openssh-8.7p1/log.c
_exit(1);
}

diff -up openssh-8.7p1/sshd.c.xxx openssh-8.7p1/sshd.c
--- openssh-8.7p1/sshd.c.xxx 2024-07-01 10:33:04.332907749 +0200
+++ openssh-8.7p1/sshd.c 2024-07-01 10:33:47.843998038 +0200
@@ -384,7 +384,7 @@ grace_alarm_handler(int sig)

/* Log error and exit. */
if (use_privsep && pmonitor != NULL && pmonitor->m_pid <= 0)
- cleanup_exit(255); /* don't log in privsep child */
+ _exit(255); /* don't log in privsep child */
else {
sigdie("Timeout before authentication for %s port %d",
ssh_remote_ipaddr(the_active_state),
14 changes: 12 additions & 2 deletions SPECS/openssh.spec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
Summary: An open source implementation of SSH protocol version 2
Name: openssh
Version: %{openssh_ver}
Release: %{openssh_rel}%{?dist}.1
Release: %{openssh_rel}%{?dist}.4
URL: http://www.openssh.com/portable.html
#URL1: https://github.com/jbeverly/pam_ssh_agent_auth/
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Expand Down Expand Up @@ -363,7 +363,7 @@ Requires: openssh = %{version}-%{release}
%package -n pam_ssh_agent_auth
Summary: PAM module for authentication with ssh-agent
Version: %{pam_ssh_agent_ver}
Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.1
Release: %{pam_ssh_agent_rel}.%{openssh_rel}%{?dist}.4
License: BSD

%description
Expand Down Expand Up @@ -800,6 +800,16 @@ test -f %{sysconfig_anaconda} && \
%endif

%changelog
* Wed Jul 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.4
- rebuilt

* Wed Jul 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.3
- rebuilt

* Mon Jul 01 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.2
- Possible remote code execution due to a race condition (CVE-2024-6409)
Resolves: RHEL-45740

* Fri Jun 28 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.1
- Possible remote code execution due to a race condition (CVE-2024-6387)
Resolves: RHEL-45347
Expand Down

0 comments on commit c00da77

Please sign in to comment.