This commit is contained in:
OBS User unknown
Git OBS Bridge
parent
f248bab6fd
commit
cf2a4eda22
@ -16,27 +16,33 @@
|
||||
|
||||
if (level > log_level)
|
||||
return;
|
||||
@@ -351,6 +353,15 @@
|
||||
@@ -351,6 +353,7 @@
|
||||
pri = LOG_ERR;
|
||||
break;
|
||||
}
|
||||
+ /* Prevent a race between the grace_alarm
|
||||
+ * which writes a log message and terminates
|
||||
+ * and main sshd code that leads to deadlock
|
||||
+ * as syslog is not async safe.
|
||||
+ */
|
||||
+ sigemptyset(&nset);
|
||||
+ sigaddset(&nset, SIGALRM);
|
||||
+ sigprocmask(SIG_BLOCK, &nset, &oset);
|
||||
+
|
||||
+
|
||||
if (txt != NULL) {
|
||||
snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
|
||||
vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
|
||||
@@ -372,5 +383,7 @@
|
||||
@@ -363,6 +366,14 @@
|
||||
snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
|
||||
write(STDERR_FILENO, msgbuf, strlen(msgbuf));
|
||||
} else {
|
||||
+ /* Prevent a race between the grace_alarm
|
||||
+ * which writes a log message and terminates
|
||||
+ * and main sshd code that leads to deadlock
|
||||
+ * as syslog is not async safe.
|
||||
+ */
|
||||
+ sigemptyset(&nset);
|
||||
+ sigaddset(&nset, SIGALRM);
|
||||
+ sigprocmask(SIG_BLOCK, &nset, &oset);
|
||||
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
|
||||
openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
|
||||
syslog_r(pri, &sdata, "%.500s", fmtbuf);
|
||||
@@ -372,5 +383,6 @@
|
||||
syslog(pri, "%.500s", fmtbuf);
|
||||
closelog();
|
||||
#endif
|
||||
+
|
||||
+ sigprocmask(SIG_SETMASK, &oset, NULL);
|
||||
}
|
||||
+ sigprocmask(SIG_SETMASK, &oset, NULL);
|
||||
}
|
||||
|
||||
@ -15,11 +15,11 @@ BuildRequires: gtk2-devel krb5-devel opensc-devel openssh openssl-devel pam-dev
|
||||
License: BSD 3-Clause
|
||||
Group: Productivity/Networking/SSH
|
||||
Version: 4.6p1
|
||||
Release: 60
|
||||
Release: 67
|
||||
Requires: openssh = %{version} openssh-askpass = %{version}
|
||||
Autoreqprov: on
|
||||
AutoReqProv: on
|
||||
Summary: A GNOME-Based Passphrase Dialog for OpenSSH
|
||||
URL: http://www.openssh.com/
|
||||
Url: http://www.openssh.com/
|
||||
%define _name openssh
|
||||
Source: %{_name}-%{version}.tar.bz2
|
||||
Patch: %{_name}-%{version}.dif
|
||||
@ -109,7 +109,6 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) /usr/%_lib/ssh/gnome-ssh-askpass
|
||||
|
||||
%changelog
|
||||
* Tue Dec 12 2006 - anicka@suse.cz
|
||||
- update to 4.5p1
|
||||
|
||||
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 8 16:34:06 CEST 2007 - anicka@suse.cz
|
||||
|
||||
- block SIGALRM only during calling syslog() [#331032]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 13 15:50:39 CEST 2007 - nadvornik@suse.cz
|
||||
|
||||
|
||||
14
openssh.spec
14
openssh.spec
@ -20,19 +20,19 @@ Name: openssh
|
||||
%define _appdefdir %{_prefix}/share/X11/app-defaults
|
||||
%endif
|
||||
BuildRequires: audit-devel krb5-devel opensc-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
|
||||
License: BSD 3-Clause, X11/MIT
|
||||
License: BSD 3-Clause; X11/MIT
|
||||
Group: Productivity/Networking/SSH
|
||||
Obsoletes: ssh
|
||||
Provides: ssh
|
||||
Requires: /bin/netstat
|
||||
PreReq: /usr/sbin/groupadd /usr/sbin/useradd %insserv_prereq %fillup_prereq /bin/mkdir /bin/cat permissions
|
||||
Conflicts: nonfreessh
|
||||
Autoreqprov: on
|
||||
AutoReqProv: on
|
||||
Version: 4.6p1
|
||||
Release: 53
|
||||
Release: 60
|
||||
%define xversion 1.2.4.1
|
||||
Summary: Secure Shell Client and Server (Remote Login Program)
|
||||
URL: http://www.openssh.com/
|
||||
Url: http://www.openssh.com/
|
||||
Source: %{name}-%{version}.tar.bz2
|
||||
Source1: %{name}-SuSE.tar.bz2
|
||||
Source2: sshd.pamd
|
||||
@ -66,6 +66,7 @@ Patch44: %{name}-%{version}-audit.patch
|
||||
Patch45: %{name}-%{version}-challenge.patch
|
||||
Patch46: %{name}-%{version}-untrusted-cookie-CVE-2007-4752.diff
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%package askpass
|
||||
Summary: A passphrase dialog for OpenSSH and the X Window System
|
||||
Requires: openssh = %{version}
|
||||
@ -104,7 +105,6 @@ Authors:
|
||||
Tudor Bosman <tudorb@jm.nu>
|
||||
Damien Miller <djm@ibs.com.au>
|
||||
|
||||
|
||||
%description askpass
|
||||
Ssh (Secure Shell) is a program for logging into a remote machine and
|
||||
for executing commands on a remote machine. This package contains an X
|
||||
@ -241,7 +241,6 @@ install -m 755 %{S:9} $RPM_BUILD_ROOT/%{_fwdefdir}/sshd
|
||||
%post
|
||||
%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
|
||||
%run_permissions
|
||||
|
||||
%verifyscript
|
||||
%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
|
||||
|
||||
@ -298,8 +297,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%doc %_mandir/man1/ssh-askpass.1x.gz
|
||||
%doc %_mandir/man1/x11-ssh-askpass.1x.gz
|
||||
%config %_appdefdir/SshAskpass
|
||||
|
||||
%changelog
|
||||
* Mon Oct 08 2007 - anicka@suse.cz
|
||||
- block SIGALRM only during calling syslog() [#331032]
|
||||
* Thu Sep 13 2007 - nadvornik@suse.cz
|
||||
- fixed checking of an untrusted cookie, CVE-2007-4752 [#308521]
|
||||
* Tue Aug 28 2007 - anicka@suse.cz
|
||||
|
||||
Loading…
Reference in New Issue
Block a user