[putty/el6] Scrub private keys from memory after use
Jaroslav Škarvada
jskarvad at fedoraproject.org
Tue Mar 3 17:05:57 UTC 2015
commit e93f75de7f1ae1c5eeecc7a044a937620204858b
Author: Jaroslav Škarvada <jskarvad at redhat.com>
Date: Tue Mar 3 18:05:54 2015 +0100
Scrub private keys from memory after use
Resolves: CVE-2015-2157
putty-0.63-CVE-2015-2157.patch | 50 ++++++++++++++++++++++++++++++++++++++++++
putty.spec | 8 ++++++-
2 files changed, 57 insertions(+), 1 deletion(-)
---
diff --git a/putty-0.63-CVE-2015-2157.patch b/putty-0.63-CVE-2015-2157.patch
new file mode 100644
index 0000000..d00f6a5
--- /dev/null
+++ b/putty-0.63-CVE-2015-2157.patch
@@ -0,0 +1,50 @@
+diff --git a/sshpubk.c b/sshpubk.c
+index ac9e0fa..2b5213b 100644
+--- a/sshpubk.c
++++ b/sshpubk.c
+@@ -844,6 +844,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ goto error;
+ }
+ sfree(public_blob);
++ smemclr(private_blob, private_blob_len);
+ sfree(private_blob);
+ sfree(encryption);
+ if (errorstr)
+@@ -864,8 +865,10 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
+ sfree(mac);
+ if (public_blob)
+ sfree(public_blob);
+- if (private_blob)
+- sfree(private_blob);
++ if (private_blob) {
++ smemclr(private_blob, private_blob_len);
++ sfree(private_blob);
++ }
+ if (errorstr)
+ *errorstr = error;
+ return ret;
+@@ -1154,8 +1157,14 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+ }
+
+ fp = f_open(filename, "w", TRUE);
+- if (!fp)
+- return 0;
++ if (!fp) {
++ sfree(pub_blob);
++ smemclr(priv_blob, priv_blob_len);
++ sfree(priv_blob);
++ smemclr(priv_blob_encrypted, priv_blob_len);
++ sfree(priv_blob_encrypted);
++ return 0;
++ }
+ fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
+ fprintf(fp, "Encryption: %s\n", cipherstr);
+ fprintf(fp, "Comment: %s\n", key->comment);
+@@ -1172,6 +1181,7 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
+ sfree(pub_blob);
+ smemclr(priv_blob, priv_blob_len);
+ sfree(priv_blob);
++ smemclr(priv_blob_encrypted, priv_blob_len);
+ sfree(priv_blob_encrypted);
+ return 1;
+ }
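Review bot: Both added `smemclr(priv_blob_encrypted, priv_blob_len);` calls in ssh2_save_userkey (the new `if (!fp)` branch and the success path before `return 1`) size the wipe with the plaintext blob's length rather than a length that belongs to the encrypted buffer. If priv_blob_encrypted is allocated larger than priv_blob_len, for instance rounded up to a cipher block, its trailing bytes are freed without being cleared. The allocation lies outside these hunks, so this needs checking against the full function. The wipe should take the buffer's own allocated length, and a comment such as `/* wipe the whole allocation, padding included */` would record the intent. Separately, the failure branch now repeats the five cleanup lines of the success path, so a shared cleanup label would keep the two from drifting apart.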
diff --git a/putty.spec b/putty.spec
index b100372..8ee8be5 100644
--- a/putty.spec
+++ b/putty.spec
@@ -1,12 +1,13 @@
Name: putty
Version: 0.63
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: SSH, Telnet and Rlogin client
License: MIT
Group: Applications/Internet
URL: http://www.chiark.greenend.org.uk/~sgtatham/putty/
Source0: http://the.earth.li/~sgtatham/putty/latest/%{name}-%{version}.tar.gz
Source2: %{name}.desktop
+Patch0: putty-0.63-CVE-2015-2157.patch
# By default create new files as non-executables
BuildRequires: gtk2-devel krb5-devel halibut desktop-file-utils
BuildRequires: ImageMagick
@@ -17,6 +18,7 @@ Putty is a SSH, Telnet & Rlogin client - this time for Linux.
%prep
%setup -q
+%patch0 -p1 -b .CVE-2015-2157
%build
./mkfiles.pl
@@ -56,6 +58,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Tue Mar 3 2015 Jaroslav Škarvada <jskarvad at redhat.com> - 0.63-4
+- Scrub private keys from memory after use
+ Resolves: CVE-2015-2157
+
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.63-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild