[putty/el6] Scrub private keys from memory after use

Jaroslav Škarvada jskarvad at fedoraproject.org
Tue Mar 3 17:05:57 UTC 2015


commit e93f75de7f1ae1c5eeecc7a044a937620204858b
Author: Jaroslav Škarvada <jskarvad at redhat.com>
Date:   Tue Mar 3 18:05:54 2015 +0100

    Scrub private keys from memory after use
    
      Resolves: CVE-2015-2157

 putty-0.63-CVE-2015-2157.patch | 50 ++++++++++++++++++++++++++++++++++++++++++
 putty.spec                     |  8 ++++++-
 2 files changed, 57 insertions(+), 1 deletion(-)
---
diff --git a/putty-0.63-CVE-2015-2157.patch b/putty-0.63-CVE-2015-2157.patch
new file mode 100644
index 0000000..d00f6a5
--- /dev/null
+++ b/putty-0.63-CVE-2015-2157.patch
@@ -0,0 +1,50 @@
+diff --git a/sshpubk.c b/sshpubk.c
+index ac9e0fa..2b5213b 100644
+--- a/sshpubk.c
++++ b/sshpubk.c
+@@ -844,6 +844,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ 	goto error;
+     }
+     sfree(public_blob);
++    smemclr(private_blob, private_blob_len);
+     sfree(private_blob);
+     sfree(encryption);
+     if (errorstr)
+@@ -864,8 +865,10 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ 	sfree(mac);
+     if (public_blob)
+ 	sfree(public_blob);
+-    if (private_blob)
+-	sfree(private_blob);
++    if (private_blob) {
++        smemclr(private_blob, private_blob_len);
++        sfree(private_blob);
++    }
+     if (errorstr)
+ 	*errorstr = error;
+     return ret;
+@@ -1154,8 +1157,14 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+     }
+ 
+     fp = f_open(filename, "w", TRUE);
+-    if (!fp)
+-	return 0;
++    if (!fp) {
++        sfree(pub_blob);
++        smemclr(priv_blob, priv_blob_len);
++        sfree(priv_blob);
++        smemclr(priv_blob_encrypted, priv_blob_len);
++        sfree(priv_blob_encrypted);
++        return 0;
++    }
+     fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
+     fprintf(fp, "Encryption: %s\n", cipherstr);
+     fprintf(fp, "Comment: %s\n", key->comment);
+@@ -1172,6 +1181,7 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+     sfree(pub_blob);
+     smemclr(priv_blob, priv_blob_len);
+     sfree(priv_blob);
++    smemclr(priv_blob_encrypted, priv_blob_len);
+     sfree(priv_blob_encrypted);
+     return 1;
+ }
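Review bot: In ssh2_save_userkey, both new `smemclr(priv_blob_encrypted, priv_blob_len);` calls (the `!fp` branch and the success tail) size the wipe with the plaintext blob's length rather than the encrypted buffer's own allocation length. The allocation is outside these hunks, but if that buffer is rounded up to the cipher block size, its trailing bytes are left uncleared. Passing the length used at allocation would cover the whole buffer; upstream sshpubk.c appears to keep it in `priv_encrypted_len`, which should be confirmed against the 0.63 source. As a style point, the `!fp` branch repeats the five-line cleanup from the end of the function, so a single shared cleanup label would keep the two scrub sequences from drifting apart. The earlier part of the function is not visible here.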
diff --git a/putty.spec b/putty.spec
index b100372..8ee8be5 100644
--- a/putty.spec
+++ b/putty.spec
@@ -1,12 +1,13 @@
 Name:		putty
 Version:	0.63
-Release:	3%{?dist}
+Release:	4%{?dist}
 Summary:	SSH, Telnet and Rlogin client
 License:	MIT
 Group:		Applications/Internet
 URL:		http://www.chiark.greenend.org.uk/~sgtatham/putty/
 Source0:	http://the.earth.li/~sgtatham/putty/latest/%{name}-%{version}.tar.gz
 Source2:	%{name}.desktop
+Patch0:		putty-0.63-CVE-2015-2157.patch
 # By default create new files as non-executables
 BuildRequires:	gtk2-devel krb5-devel halibut desktop-file-utils
 BuildRequires:	ImageMagick
@@ -17,6 +18,7 @@ Putty is a SSH, Telnet & Rlogin client - this time for Linux.
 %prep
 
 %setup -q
+%patch0 -p1 -b .CVE-2015-2157
 
 %build
 ./mkfiles.pl
@@ -56,6 +58,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Tue Mar  3 2015 Jaroslav Škarvada <jskarvad at redhat.com> - 0.63-4
+- Scrub private keys from memory after use
+  Resolves: CVE-2015-2157
+
 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.63-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
 

