aboutsummaryrefslogtreecommitdiffstats
path: root/main/openssh/CVE-2021-28041.patch
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2021-03-24 09:54:09 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2021-03-24 09:54:09 +0100
commit548780934cd17a38c845008479f636f02458b43a (patch)
treec08be0c2ef604197a7e512d4f9a6a15af11ee4dc /main/openssh/CVE-2021-28041.patch
parent9aa39020e25d7f8041ee4cd30e4ee9581a337352 (diff)
downloadaports-548780934cd17a38c845008479f636f02458b43a.tar.gz
aports-548780934cd17a38c845008479f636f02458b43a.tar.bz2
aports-548780934cd17a38c845008479f636f02458b43a.tar.xz
main/openssh: fix CVE-2021-28041
Patch found from upstream: https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/015_sshagent.patch.sig fixes #12514
Diffstat (limited to 'main/openssh/CVE-2021-28041.patch')
-rw-r--r--main/openssh/CVE-2021-28041.patch32
1 files changed, 32 insertions, 0 deletions
diff --git a/main/openssh/CVE-2021-28041.patch b/main/openssh/CVE-2021-28041.patch
new file mode 100644
index 0000000000..e35ec18f5b
--- /dev/null
+++ b/main/openssh/CVE-2021-28041.patch
@@ -0,0 +1,32 @@
+untrusted comment: verify with openbsd-68-base.pub
+RWQZj25CSG5R2lgsgSLgQjjy3/BFahe7C64NJOej05Naf0mm//TKykuXL7pxOVsY5rnXH0A6vBdO5UNx7PkuTxLOACHx5xV7Gws=
+
+OpenBSD 6.8 errata 015, March 4, 2021:
+
+Double free in ssh-agent(1)
+
+Apply by doing:
+ signify -Vep /etc/signify/openbsd-68-base.pub -x 015_sshagent.patch.sig \
+ -m - | (cd /usr/src && patch -p0)
+
+And then rebuild and install ssh (as well as ssh-agent)
+ cd /usr/src/usr.bin/ssh
+ make obj
+ make clean
+ make
+ make install
+
+Index: usr.bin/ssh/ssh-agent.c
+===================================================================
+RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v
+diff -u -p -u -r1.264 ssh-agent.c
+--- ./ssh-agent.c 18 Sep 2020 08:16:38 -0000 1.264
++++ ./ssh-agent.c 3 Mar 2021 01:08:25 -0000
+@@ -567,6 +567,7 @@ process_add_identity(SocketEntry *e)
+ goto err;
+ }
+ free(ext_name);
++ ext_name = NULL;
+ break;
+ default:
+ error("%s: Unknown constraint %d", __func__, ctype);