summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsevan <sevan@pkgsrc.org>2015-05-16 14:43:02 +0000
committersevan <sevan@pkgsrc.org>2015-05-16 14:43:02 +0000
commit236972aa5e01d4d48be0e33c32c9eed91363b7cd (patch)
tree4df0cc7decd79c4f5f145044f90dcf784b03fb27
parent00a64236111b2ca15a4ed3b921c78c37b1fe264c (diff)
downloadpkgsrc-236972aa5e01d4d48be0e33c32c9eed91363b7cd.tar.gz
Use the correct buffer when calling strlen
http://www.openwall.com/lists/oss-security/2015/05/16/3 Reviewed by wiz@
-rw-r--r--security/openssh/Makefile4
-rw-r--r--security/openssh/distinfo3
-rw-r--r--security/openssh/patches/patch-compat.c16
3 files changed, 20 insertions, 3 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile
index 59f17bbe990..7a34e0bb785 100644
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.228 2015/03/19 20:23:55 tron Exp $
+# $NetBSD: Makefile,v 1.229 2015/05/16 14:43:02 sevan Exp $
DISTNAME= openssh-6.6p1
PKGNAME= openssh-6.6.1
-PKGREVISION= 5
+PKGREVISION= 6
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
diff --git a/security/openssh/distinfo b/security/openssh/distinfo
index b68f51fcee6..80178a991fe 100644
--- a/security/openssh/distinfo
+++ b/security/openssh/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.90 2015/03/20 22:41:19 rodent Exp $
+$NetBSD: distinfo,v 1.91 2015/05/16 14:43:02 sevan Exp $
SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c
RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984
@@ -14,6 +14,7 @@ SHA1 (patch-auth1.c) = 7b0481f445bc85cce9d7539b00bf581b9aa09fea
SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f
SHA1 (patch-channels.c) = 88af4136f13f93d73c70caacea0a2ded0601d1cf
SHA1 (patch-clientloop.c) = 499f34ce4e067f1da8aca257cfa7dd820efa3504
+SHA1 (patch-compat.c) = 9248aace83134287c1f0b78f2b3b61ad5545f5e2
SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f
SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6
SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a
diff --git a/security/openssh/patches/patch-compat.c b/security/openssh/patches/patch-compat.c
new file mode 100644
index 00000000000..b5e0a4be2a7
--- /dev/null
+++ b/security/openssh/patches/patch-compat.c
@@ -0,0 +1,16 @@
+$NetBSD: patch-compat.c,v 1.1 2015/05/16 14:43:02 sevan Exp $
+
+Use the correct buffer when calling strlen
+http://www.openwall.com/lists/oss-security/2015/05/16/3
+
+--- compat.c.orig 2015-05-16 13:05:33.000000000 +0000
++++ compat.c
+@@ -223,7 +223,7 @@ filter_proposal(char *proposal, const ch
+ buffer_init(&b);
+ tmp = orig_prop = xstrdup(proposal);
+ while ((cp = strsep(&tmp, ",")) != NULL) {
+- if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) {
++ if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) {
+ if (buffer_len(&b) > 0)
+ buffer_append(&b, ",", 1);
+ buffer_append(&b, cp, strlen(cp));