[openssh] CVE-2010-4755
Jan F. Chadima
jfch2222 at fedoraproject.org
Mon Mar 7 19:32:08 UTC 2011
commit 71d3d9c6836e407482179b1716e38ce131edd83f
Author: Jan F <jfch at kerberos.example.com>
Date: Mon Mar 7 20:31:52 2011 +0100
CVE-2010-4755
openssh-5.8p1-glob.patch | 10 ++++++++++
openssh.spec | 8 +++++++-
2 files changed, 17 insertions(+), 1 deletions(-)
---
diff --git a/openssh-5.8p1-glob.patch b/openssh-5.8p1-glob.patch
new file mode 100644
index 0000000..cb45cd1
--- /dev/null
+++ b/openssh-5.8p1-glob.patch
@@ -0,0 +1,10 @@
+diff -up openssh-5.8p1/sftp-glob.c.glob openssh-5.8p1/sftp-glob.c
+--- openssh-5.8p1/sftp-glob.c.glob 2011-03-07 20:17:34.000000000 +0100
++++ openssh-5.8p1/sftp-glob.c 2011-03-07 20:18:47.000000000 +0100
+@@ -145,5 +145,5 @@ remote_glob(struct sftp_conn *conn, cons
+ memset(&cur, 0, sizeof(cur));
+ cur.conn = conn;
+
+- return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob));
++ return(glob(pattern, flags | GLOB_LIMIT | GLOB_ALTDIRFUNC, errfunc, pglob));
+ }
diff --git a/openssh.spec b/openssh.spec
index aa54611..6300d54 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -71,7 +71,7 @@
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%define openssh_ver 5.8p1
-%define openssh_rel 14
+%define openssh_rel 15
%define pam_ssh_agent_ver 0.9.2
%define pam_ssh_agent_rel 30
@@ -138,6 +138,8 @@ Patch32: openssh-5.8p1-randclean.patch
# Patch33: openssh-5.1p1-log-in-chroot.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1780
Patch34: openssh-5.8p1-kuserok.patch
+#http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c.diff?r1=1.13&r2=1.13.12.1&f=h
+Patch35: openssh-5.8p1-glob.patch
#?
Patch50: openssh-5.8p1-fips.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1789
@@ -346,6 +348,7 @@ popd
%patch31 -p1 -b .ip-opts
%patch32 -p1 -b .randclean
%patch34 -p1 -b .kuserok
+%patch35 -p1 -b .glob
%patch50 -p1 -b .fips
%patch51 -p1 -b .x11
%patch52 -p1 -b .exit-deadlock
@@ -649,6 +652,9 @@ fi
%endif
%changelog
+* Mon Mar 7 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-15 + 0.9.2-30
+- CVE-2010-4755
+
* Fri Mar 4 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-14 + 0.9.2-30
- improove ssk-keycat (documentation)
More information about the scm-commits
mailing list