aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2020-09-11 01:23:46 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-09-11 01:29:28 -0300
commitfeadd8fa34a941c12072287d2d72f6f0950e4359 (patch)
treec2395eaa230d1e085fec1bb2766095ea964162e3
parent977657e5b289c9eb122373900656083c233d3ecc (diff)
downloadaports-feadd8fa34a941c12072287d2d72f6f0950e4359.tar.gz
aports-feadd8fa34a941c12072287d2d72f6f0950e4359.tar.bz2
aports-feadd8fa34a941c12072287d2d72f6f0950e4359.tar.xz
community/libssh: fix CVE-2020-16135
-rw-r--r--community/libssh/APKBUILD8
-rw-r--r--community/libssh/CVE-2020-16135.patch37
-rw-r--r--main/libssh/CVE-2020-16135.patch37
3 files changed, 80 insertions, 2 deletions
diff --git a/community/libssh/APKBUILD b/community/libssh/APKBUILD
index 11dc9f5590..2df88c1ee3 100644
--- a/community/libssh/APKBUILD
+++ b/community/libssh/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libssh
pkgver=0.9.4
-pkgrel=0
+pkgrel=1
pkgdesc="Library for accessing ssh client services through C libraries"
url="https://www.libssh.org/"
arch="all"
@@ -12,9 +12,12 @@ makedepends="$depends_dev cmake doxygen"
checkdepends="cmocka-dev"
subpackages="$pkgname-dev"
source="https://www.libssh.org/files/${pkgver%.*}/libssh-$pkgver.tar.xz
+ CVE-2020-16135.patch
"
# secfixes:
+# 0.9.4-r1:
+# - CVE-2020-16135
# 0.9.4-r0:
# - CVE-2020-1730
# 0.9.3-r0:
@@ -46,4 +49,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="38705c19c293ea5e6d286d22eb17021dbe58d88c1e647b699933aa0db9ca1174d43d1ff76c1a1b17bf2cc1a8297ec02f1a67dd9e969676dd69cf6fbdae9bc8d4 libssh-0.9.4.tar.xz"
+sha512sums="38705c19c293ea5e6d286d22eb17021dbe58d88c1e647b699933aa0db9ca1174d43d1ff76c1a1b17bf2cc1a8297ec02f1a67dd9e969676dd69cf6fbdae9bc8d4 libssh-0.9.4.tar.xz
+db6bc86b982f740b94cbbebd16985faf23fb084b6af38da1f4e1e6ce0783dd9bddd755347a553765d237c338b70f9d12b60a6f7b2b4ddf836dfbeb58005fbb0a CVE-2020-16135.patch"
diff --git a/community/libssh/CVE-2020-16135.patch b/community/libssh/CVE-2020-16135.patch
new file mode 100644
index 0000000000..eae466070c
--- /dev/null
+++ b/community/libssh/CVE-2020-16135.patch
@@ -0,0 +1,37 @@
+From e631ebb3e2247dd25e9678e6827c20dc73b73238 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 3 Jun 2020 10:04:09 +0200
+Subject: sftpserver: Add missing NULL check for ssh_buffer_new()
+
+Thanks to Ramin Farajpour Cami for spotting this.
+
+Fixes T232
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Reviewed-by: Jakub Jelen <jjelen@redhat.com>
+(cherry picked from commit 533d881b0f4b24c72b35ecc97fa35d295d063e53)
+---
+ src/sftpserver.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/sftpserver.c b/src/sftpserver.c
+index 5a2110e5..b639a2ce 100644
+--- a/src/sftpserver.c
++++ b/src/sftpserver.c
+@@ -67,6 +67,12 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
+
+ /* take a copy of the whole packet */
+ msg->complete_message = ssh_buffer_new();
++ if (msg->complete_message == NULL) {
++ ssh_set_error_oom(session);
++ sftp_client_message_free(msg);
++ return NULL;
++ }
++
+ ssh_buffer_add_data(msg->complete_message,
+ ssh_buffer_get(payload),
+ ssh_buffer_get_len(payload));
+--
+cgit v1.2.1
+
diff --git a/main/libssh/CVE-2020-16135.patch b/main/libssh/CVE-2020-16135.patch
new file mode 100644
index 0000000000..eae466070c
--- /dev/null
+++ b/main/libssh/CVE-2020-16135.patch
@@ -0,0 +1,37 @@
+From e631ebb3e2247dd25e9678e6827c20dc73b73238 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@cryptomilk.org>
+Date: Wed, 3 Jun 2020 10:04:09 +0200
+Subject: sftpserver: Add missing NULL check for ssh_buffer_new()
+
+Thanks to Ramin Farajpour Cami for spotting this.
+
+Fixes T232
+
+Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
+Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Reviewed-by: Jakub Jelen <jjelen@redhat.com>
+(cherry picked from commit 533d881b0f4b24c72b35ecc97fa35d295d063e53)
+---
+ src/sftpserver.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/sftpserver.c b/src/sftpserver.c
+index 5a2110e5..b639a2ce 100644
+--- a/src/sftpserver.c
++++ b/src/sftpserver.c
+@@ -67,6 +67,12 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
+
+ /* take a copy of the whole packet */
+ msg->complete_message = ssh_buffer_new();
++ if (msg->complete_message == NULL) {
++ ssh_set_error_oom(session);
++ sftp_client_message_free(msg);
++ return NULL;
++ }
++
+ ssh_buffer_add_data(msg->complete_message,
+ ssh_buffer_get(payload),
+ ssh_buffer_get_len(payload));
+--
+cgit v1.2.1
+