aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-10-05 11:47:38 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-10-05 11:59:13 -0600
commita0a210815e1e1a1524dd6a640185a5c81d056a88 (patch)
tree88c61f8c0be24852256d38fb6e5eeaa49c93a115
parentb0e083e89d73f5accccbd9c3f691ac38aa03ee58 (diff)
downloadaports-a0a210815e1e1a1524dd6a640185a5c81d056a88.tar.gz
aports-a0a210815e1e1a1524dd6a640185a5c81d056a88.tar.bz2
aports-a0a210815e1e1a1524dd6a640185a5c81d056a88.tar.xz
main/openssh: add mitigation for CVE-2021-41617
-rw-r--r--main/openssh/APKBUILD13
-rw-r--r--main/openssh/CVE-2021-41617.patch25
2 files changed, 35 insertions, 3 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD
index bba95c9a60..0e2ea02907 100644
--- a/main/openssh/APKBUILD
+++ b/main/openssh/APKBUILD
@@ -4,7 +4,7 @@
pkgname=openssh
pkgver=8.3_p1
_myver=${pkgver%_*}${pkgver#*_}
-pkgrel=2
+pkgrel=3
pkgdesc="Port of OpenBSD's free SSH release"
url="https://www.openssh.com/portable.html"
arch="all"
@@ -38,10 +38,14 @@ source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-$_myver.tar
CVE-2020-14145.patch
CVE-2021-28041.patch
+ CVE-2021-41617.patch
+
sshd.initd
sshd.confd
"
# secfixes:
+# 8.3_p1-r3:
+# - CVE-2021-41617
# 8.3_p1-r2:
# - CVE-2021-28041
# 8.3_p1-r1:
@@ -209,12 +213,15 @@ _pkg_flavour() {
done
}
-sha512sums="b5232f7c85bf59ae2ff9d17b030117012e257e3b8c0d5ac60bb139a85b1fbf298b40f2e04203a2e13ca7273053ed668b9dedd54d3a67a7cb8e8e58c0228c5f40 openssh-8.3p1.tar.gz
+sha512sums="
+b5232f7c85bf59ae2ff9d17b030117012e257e3b8c0d5ac60bb139a85b1fbf298b40f2e04203a2e13ca7273053ed668b9dedd54d3a67a7cb8e8e58c0228c5f40 openssh-8.3p1.tar.gz
f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 fix-utmp.patch
c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch
8df35d72224cd255eb0685d2c707b24e5eb24f0fdd67ca6cc0f615bdbd3eeeea2d18674a6af0c6dab74c2d8247e2370d0b755a84c99f766a431bc50c40b557de disable-forwarding-by-default.patch
b0d1fc89bd46ebfc8c7c00fd897732e67a6cda996811c14d99392685bb0b508b52c9dc3188b1a84c0ffa3f72f57189cc615a76b81796dd1b5f552542bd53f84d fix-verify-dns-segfault.patch
367c4f4e2777cd4608a9a7455c1d9744683938fab9b07333af8bbe26aef30091040e69b6ee84dee82c09d50d93e15a9c005cc799b5d15d40d2fa31f879ba0850 CVE-2020-14145.patch
927863c0778d4933d90d5cbd97ba2d6f6deb3c44def522bfb764103e72320512d91a4d4f21ae46b46e72c5fd379d523511f3827b7b0834862483eb3796916bf9 CVE-2021-28041.patch
+25f73470597d2281ab4f13e992b5d56630c12c6f0b65507ebfa60b31003c828e8098012d2561f23f99858e430af67b178df0e94e0116a02e559e427cc287899f CVE-2021-41617.patch
8122ac1838586a1487dad1f70ed2ec8161ae57b4a7ee8bfef9757b590aa76a887a6c5e5f2575728da4c6c2f00d2a924360e23d84a4df204d7021b44b690cb2f8 sshd.initd
-ec506156c286e5b28a530e9964dd68b7f6c9e881fbc47247a988e52a1f9cd50cbfaf4955c96774f9e2508d8b734c4abf98785fbaa75ae6249e3464b5495f1afc sshd.confd"
+ec506156c286e5b28a530e9964dd68b7f6c9e881fbc47247a988e52a1f9cd50cbfaf4955c96774f9e2508d8b734c4abf98785fbaa75ae6249e3464b5495f1afc sshd.confd
+"
diff --git a/main/openssh/CVE-2021-41617.patch b/main/openssh/CVE-2021-41617.patch
new file mode 100644
index 0000000000..ec9b8392b4
--- /dev/null
+++ b/main/openssh/CVE-2021-41617.patch
@@ -0,0 +1,25 @@
+diff --git a/auth.c b/auth.c
+index b8d1040d..0134d694 100644
+--- a/auth.c
++++ b/auth.c
+@@ -56,6 +56,7 @@
+ # include <paths.h>
+ #endif
+ #include <pwd.h>
++#include <grp.h>
+ #ifdef HAVE_LOGIN_H
+ #include <login.h>
+ #endif
+@@ -2695,6 +2696,12 @@ subprocess(const char *tag, const char *command,
+ }
+ closefrom(STDERR_FILENO + 1);
+
++ if (geteuid() == 0 &&
++ initgroups(pw->pw_name, pw->pw_gid) == -1) {
++ error("%s: initgroups(%s, %u): %s", tag,
++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
++ _exit(1);
++ }
+ /* Don't use permanently_set_uid() here to avoid fatal() */
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
+ error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,