[gsi-openssh/f17] Security fix for vulnerability
Mattias Ellert
ellert at fedoraproject.org
Sat Apr 6 14:55:58 UTC 2013
commit 20b9c6bf9e4e9a6e421df742bf763acd3dce3f8e
Author: Mattias Ellert <mattias.ellert at fysast.uu.se>
Date: Sat Apr 6 16:33:29 2013 +0200
Security fix for vulnerability
http://grid.ncsa.illinois.edu/ssh/pamuserchange-2013-01.adv
https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2013-5168
gsi-openssh.spec | 7 ++++++-
openssh-5.9p1-gsissh.patch | 6 ++++--
2 files changed, 10 insertions(+), 3 deletions(-)
---
diff --git a/gsi-openssh.spec b/gsi-openssh.spec
index 5f769ba..1cf1398 100644
--- a/gsi-openssh.spec
+++ b/gsi-openssh.spec
@@ -32,7 +32,7 @@
%global nologin 1
%global openssh_ver 5.9p1
-%global openssh_rel 10
+%global openssh_rel 11
Summary: An implementation of the SSH protocol with GSI authentication
Name: gsi-openssh
@@ -555,6 +555,11 @@ fi
%attr(0644,root,root) %{_unitdir}/gsisshd.service
%changelog
+* Sat Apr 06 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.9p1-11
+- Security fix for vulnerability
+ http://grid.ncsa.illinois.edu/ssh/pamuserchange-2013-01.adv
+ https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2013-5168
+
* Tue Feb 26 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.9p1-10
- Based on openssh-5.9p1-29.fc17
diff --git a/openssh-5.9p1-gsissh.patch b/openssh-5.9p1-gsissh.patch
index e947dfe..722b2fb 100644
--- a/openssh-5.9p1-gsissh.patch
+++ b/openssh-5.9p1-gsissh.patch
@@ -370,7 +370,7 @@ diff -Nur openssh-5.9p1.orig/auth-pam.c openssh-5.9p1/auth-pam.c
typedef pid_t sp_pthread_t;
#endif
-@@ -277,6 +281,49 @@
+@@ -277,6 +281,51 @@
# define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b)))
#endif
@@ -410,8 +410,10 @@ diff -Nur openssh-5.9p1.orig/auth-pam.c openssh-5.9p1/auth-pam.c
+ fatal("PAM: could not get passwd entry for user "
+ "'%.100s' provided by PAM_USER", user);
+ pwfree(sshpam_authctxt->pw);
-+ sshpam_authctxt->pw = pw;
++ sshpam_authctxt->pw = pwcopy(pw);
+ sshpam_authctxt->valid = allowed_user(pw);
++ xfree(sshpam_authctxt->user);
++ sshpam_authctxt->user = xstrdup(user);
+ debug("PAM: user '%.100s' now %svalid", user,
+ sshpam_authctxt->valid ? "" : "in");
+ }
More information about the scm-commits
mailing list