diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2015-05-16 19:48:50 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2015-05-16 19:48:50 +0000 |
| commit | f2f8369997ca645552e352daecf4d0276893a046 (patch) | |
| tree | 1f1cf90ac5aa455b523d0ecc666f49633779bf95 | |
| parent | 399f4d9b316fee8bd6d53f7d6a124b2e5a5cb631 (diff) | |
| download | pkgsrc-f2f8369997ca645552e352daecf4d0276893a046.tar.gz | |
Pullup ticket #4719 - requested by sevan
security/openssh: security fix
Revisions pulled up:
- security/openssh/Makefile 1.229
- security/openssh/distinfo 1.91
- security/openssh/patches/patch-compat.c 1.1
---
Module Name: pkgsrc
Committed By: sevan
Date: Sat May 16 14:43:02 UTC 2015
Modified Files:
pkgsrc/security/openssh: Makefile distinfo
Added Files:
pkgsrc/security/openssh/patches: patch-compat.c
Log Message:
Use the correct buffer when calling strlen
http://www.openwall.com/lists/oss-security/2015/05/16/3
Reviewed by wiz@
| -rw-r--r-- | security/openssh/Makefile | 4 | ||||
| -rw-r--r-- | security/openssh/distinfo | 3 | ||||
| -rw-r--r-- | security/openssh/patches/patch-compat.c | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 59f17bbe990..add7374bf9f 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.228 2015/03/19 20:23:55 tron Exp $ +# $NetBSD: Makefile,v 1.228.2.1 2015/05/16 19:48:50 bsiegert Exp $ DISTNAME= openssh-6.6p1 PKGNAME= openssh-6.6.1 -PKGREVISION= 5 +PKGREVISION= 6 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/} diff --git a/security/openssh/distinfo b/security/openssh/distinfo index b68f51fcee6..382288bfa46 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.90 2015/03/20 22:41:19 rodent Exp $ +$NetBSD: distinfo,v 1.90.2.1 2015/05/16 19:48:50 bsiegert Exp $ SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984 @@ -14,6 +14,7 @@ SHA1 (patch-auth1.c) = 7b0481f445bc85cce9d7539b00bf581b9aa09fea SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f SHA1 (patch-channels.c) = 88af4136f13f93d73c70caacea0a2ded0601d1cf SHA1 (patch-clientloop.c) = 499f34ce4e067f1da8aca257cfa7dd820efa3504 +SHA1 (patch-compat.c) = 9248aace83134287c1f0b78f2b3b61ad5545f5e2 SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6 SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a diff --git a/security/openssh/patches/patch-compat.c b/security/openssh/patches/patch-compat.c new file mode 100644 index 00000000000..d8e1fe7af72 --- /dev/null +++ b/security/openssh/patches/patch-compat.c @@ -0,0 +1,16 @@ +$NetBSD: patch-compat.c,v 1.1.2.2 2015/05/16 19:48:50 bsiegert Exp $ + +Use the correct buffer when calling strlen +http://www.openwall.com/lists/oss-security/2015/05/16/3 + +--- compat.c.orig 2015-05-16 13:05:33.000000000 +0000 ++++ compat.c +@@ -223,7 +223,7 @@ filter_proposal(char *proposal, const ch + buffer_init(&b); + tmp = orig_prop = xstrdup(proposal); + while ((cp = strsep(&tmp, ",")) != NULL) { +- if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { ++ if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) { + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, cp, strlen(cp)); |