All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH][fido] openssh: CVE-2016-077x
@ 2016-01-18  5:26 Armin Kuster
  2016-01-20 11:34 ` Joshua G Lock
  0 siblings, 1 reply; 2+ messages in thread
From: Armin Kuster @ 2016-01-18  5:26 UTC (permalink / raw)
  To: openembedded-core; +Cc: Armin Kuster

From: Armin Kuster <akuster@mvista.com>

this address two CVE's.
CVE-2016-0777 and CVE-2016-0778

Signed-off-by: Armin Kuster <akuster@mvista.com>
---
 .../openssh/openssh/CVE-2016-077x.patch            | 56 ++++++++++++++++++++++
 meta/recipes-connectivity/openssh/openssh_6.7p1.bb |  1 +
 2 files changed, 57 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-077x.patch

diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2016-077x.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2016-077x.patch
new file mode 100644
index 0000000..4cc462d
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2016-077x.patch
@@ -0,0 +1,56 @@
+From e6c85f8889c5c9eb04796fdb76d2807636b9eef5 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm@mindrot.org>
+Date: Fri, 15 Jan 2016 01:30:36 +1100
+Subject: [PATCH] forcibly disable roaming support in the client
+
+
+Upstream-Status: Backport
+CVE: CVE-2016-0777
+CVE: CVE-2016-0778
+
+[Yocto #8935]
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ readconf.c | 5 ++---
+ ssh.c      | 3 ---
+ 2 files changed, 2 insertions(+), 6 deletions(-)
+
+Index: openssh-6.7p1/readconf.c
+===================================================================
+--- openssh-6.7p1.orig/readconf.c
++++ openssh-6.7p1/readconf.c
+@@ -1597,7 +1597,7 @@ initialize_options(Options * options)
+ 	options->tun_remote = -1;
+ 	options->local_command = NULL;
+ 	options->permit_local_command = -1;
+-	options->use_roaming = -1;
++	options->use_roaming = 0;
+ 	options->visual_host_key = -1;
+ 	options->ip_qos_interactive = -1;
+ 	options->ip_qos_bulk = -1;
+@@ -1768,8 +1768,7 @@ fill_default_options(Options * options)
+ 		options->tun_remote = SSH_TUNID_ANY;
+ 	if (options->permit_local_command == -1)
+ 		options->permit_local_command = 0;
+-	if (options->use_roaming == -1)
+-		options->use_roaming = 1;
++	options->use_roaming = 0;
+ 	if (options->visual_host_key == -1)
+ 		options->visual_host_key = 0;
+ 	if (options->ip_qos_interactive == -1)
+Index: openssh-6.7p1/ssh.c
+===================================================================
+--- openssh-6.7p1.orig/ssh.c
++++ openssh-6.7p1/ssh.c
+@@ -1800,9 +1800,6 @@ ssh_session2(void)
+ 			fork_postauth();
+ 	}
+ 
+-	if (options.use_roaming)
+-		request_roaming();
+-
+ 	return client_loop(tty_flag, tty_flag ?
+ 	    options.escape_char : SSH_ESCAPECHAR_NONE, id);
+ }
diff --git a/meta/recipes-connectivity/openssh/openssh_6.7p1.bb b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
index 9246284..700bf7f 100644
--- a/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
@@ -26,6 +26,7 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
            file://CVE-2015-6564.patch \
            file://CVE-2015-6565.patch \
            file://CVE-2015-5600.patch \
+           file://CVE-2016-077x.patch \
            "
 
 PAM_SRC_URI = "file://sshd"
-- 
1.9.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-01-20 11:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-18  5:26 [PATCH][fido] openssh: CVE-2016-077x Armin Kuster
2016-01-20 11:34 ` Joshua G Lock

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.