aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorprspkt <prspkt@protonmail.com>2020-06-18 20:40:04 +0300
committerLeo <thinkabit.ukim@gmail.com>2020-06-19 05:18:35 +0000
commit27213e7a0a336dad498525d7cd8868aa53d25c71 (patch)
treecbefdba04dd0db78307f63c9840d10ea7f752998
parent2347c5642490c5f7dc79c2205fff672b7bf5a3f6 (diff)
downloadaports-27213e7a0a336dad498525d7cd8868aa53d25c71.tar.gz
aports-27213e7a0a336dad498525d7cd8868aa53d25c71.tar.bz2
aports-27213e7a0a336dad498525d7cd8868aa53d25c71.tar.xz
main/dropbear: backport security fixes
-rw-r--r--main/dropbear/APKBUILD8
-rw-r--r--main/dropbear/CVE-2018-20685.patch23
2 files changed, 29 insertions, 2 deletions
diff --git a/main/dropbear/APKBUILD b/main/dropbear/APKBUILD
index 570be69730..8d0fb472be 100644
--- a/main/dropbear/APKBUILD
+++ b/main/dropbear/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=dropbear
pkgver=2018.76
-pkgrel=2
+pkgrel=3
pkgdesc="small SSH 2 client/server designed for small memory environments"
url="http://matt.ucc.asn.au/dropbear/dropbear.html"
arch="all"
@@ -23,9 +23,12 @@ source="https://matt.ucc.asn.au/dropbear/releases/${pkgname}-${pkgver}.tar.bz2
dropbear-0.53.1-static_build_fix.patch
dropbear-options_sftp-server_path.patch
CVE-2018-15599.patch
+ CVE-2018-20685.patch
"
# secfixes:
+# 2018.76-r3:
+# - CVE-2018-20685
# 2018.76-r2:
# - CVE-2018-15599
@@ -89,4 +92,5 @@ sha512sums="82323279f7e78c366ba1ea07ff242259132b2576122429f54326518dd6092aba8ae5
83f2c1eaf7687917a4b2bae7d599d4378c4bd64f9126ba42fc5d235f2b3c9a474d1b3168d70ed64bb4101cc251d30bc9ae20604da9b5d819fcd635ee4d0ebb0f dropbear.confd
c9b0f28eb9653de21da4e8646fc27870a156112bce3d8a13baa6154ebf4baada3dee4f75bd5fdf5b6cd24a43fb80fb009e917d139d9e65d35118b082de0ebfbf dropbear-0.53.1-static_build_fix.patch
e11456ec3bc7e1265727c8921a6eb6151712a9a498c7768e2d4b7f9043256099457cebf29b2d47dd61eb260746d97f4b19e9429443bda1c3e441ea50ced79b48 dropbear-options_sftp-server_path.patch
-f204c2ee5aea8c0962573c4c49479ac17e9f6a9ab9ce21060a252b449323be841c1e64460f0e191fc72c6e213ffe829544418715d120a8f6c40de7b6374428e0 CVE-2018-15599.patch"
+f204c2ee5aea8c0962573c4c49479ac17e9f6a9ab9ce21060a252b449323be841c1e64460f0e191fc72c6e213ffe829544418715d120a8f6c40de7b6374428e0 CVE-2018-15599.patch
+6f17cf2b344b97457d2e0c1588fd285fac9757aa5e46aa2c103783978cc5fd9f7085aba36e7409270380d1250a277b43b0f5ff860d157148c6c28a0bbcbdce4c CVE-2018-20685.patch"
diff --git a/main/dropbear/CVE-2018-20685.patch b/main/dropbear/CVE-2018-20685.patch
new file mode 100644
index 0000000000..a8ea2af85b
--- /dev/null
+++ b/main/dropbear/CVE-2018-20685.patch
@@ -0,0 +1,23 @@
+From 8f8a3dff705fad774a10864a2e3dbcfa9779ceff Mon Sep 17 00:00:00 2001
+From: Haelwenn Monnier <contact+github.com@hacktivis.me>
+Date: Mon, 25 May 2020 14:54:29 +0200
+Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80)
+
+---
+ scp.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/scp.c b/scp.c
+index 742ae00f..7b8e7d22 100644
+--- a/scp.c
++++ b/scp.c
+@@ -935,7 +935,8 @@ sink(int argc, char **argv)
+ size = size * 10 + (*cp++ - '0');
+ if (*cp++ != ' ')
+ SCREWUP("size not delimited");
+- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
++ if (*cp == '\0' || strchr(cp, '/') != NULL ||
++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
+ run_err("error: unexpected filename: %s", cp);
+ exit(1);
+ } \ No newline at end of file