- Add patch to fix a race condition in a signal handler by removing
the async-signal-unsafe code (CVE-2024-6387, bsc#1226642): * fix-CVE-2024-6387.patch OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=269
This commit is contained in:
parent
b4dab4a6f7
commit
0aa4b1876f
19
fix-CVE-2024-6387.patch
Normal file
19
fix-CVE-2024-6387.patch
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
Index: openssh-9.6p1/log.c
|
||||||
|
===================================================================
|
||||||
|
--- openssh-9.6p1.orig/log.c
|
||||||
|
+++ openssh-9.6p1/log.c
|
||||||
|
@@ -451,12 +451,14 @@ void
|
||||||
|
sshsigdie(const char *file, const char *func, int line, int showfunc,
|
||||||
|
LogLevel level, const char *suffix, const char *fmt, ...)
|
||||||
|
{
|
||||||
|
+#if 0
|
||||||
|
va_list args;
|
||||||
|
|
||||||
|
va_start(args, fmt);
|
||||||
|
sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
|
||||||
|
suffix, fmt, args);
|
||||||
|
va_end(args);
|
||||||
|
+#endif
|
||||||
|
_exit(1);
|
||||||
|
}
|
||||||
|
|
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jul 1 07:50:28 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
||||||
|
|
||||||
|
- Add patch to fix a race condition in a signal handler by removing
|
||||||
|
the async-signal-unsafe code (CVE-2024-6387, bsc#1226642):
|
||||||
|
* fix-CVE-2024-6387.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jun 10 07:10:48 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
Mon Jun 10 07:10:48 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
||||||
|
|
||||||
|
@ -128,6 +128,8 @@ Patch106: openssh-7.6p1-cleanup-selinux.patch
|
|||||||
# PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support
|
# PATCH-FIX-OPENSUSE bsc#1211301 Add crypto-policies support
|
||||||
Patch107: openssh-9.6p1-crypto-policies.patch
|
Patch107: openssh-9.6p1-crypto-policies.patch
|
||||||
Patch108: openssh-9.6p1-crypto-policies-man.patch
|
Patch108: openssh-9.6p1-crypto-policies-man.patch
|
||||||
|
# PATCH-FIX-SUSE bsc#1226642 fix CVE-2024-6387
|
||||||
|
Patch109: fix-CVE-2024-6387.patch
|
||||||
%if 0%{with allow_root_password_login_by_default}
|
%if 0%{with allow_root_password_login_by_default}
|
||||||
Patch1000: openssh-7.7p1-allow_root_password_login.patch
|
Patch1000: openssh-7.7p1-allow_root_password_login.patch
|
||||||
%endif
|
%endif
|
||||||
|
Loading…
Reference in New Issue
Block a user