diff options
author | sevan <sevan@pkgsrc.org> | 2015-05-16 14:43:02 +0000 |
---|---|---|
committer | sevan <sevan@pkgsrc.org> | 2015-05-16 14:43:02 +0000 |
commit | 236972aa5e01d4d48be0e33c32c9eed91363b7cd (patch) | |
tree | 4df0cc7decd79c4f5f145044f90dcf784b03fb27 | |
parent | 00a64236111b2ca15a4ed3b921c78c37b1fe264c (diff) | |
download | pkgsrc-236972aa5e01d4d48be0e33c32c9eed91363b7cd.tar.gz |
Use the correct buffer when calling strlen
http://www.openwall.com/lists/oss-security/2015/05/16/3
Reviewed by wiz@
-rw-r--r-- | security/openssh/Makefile | 4 | ||||
-rw-r--r-- | security/openssh/distinfo | 3 | ||||
-rw-r--r-- | security/openssh/patches/patch-compat.c | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 59f17bbe990..7a34e0bb785 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.228 2015/03/19 20:23:55 tron Exp $ +# $NetBSD: Makefile,v 1.229 2015/05/16 14:43:02 sevan Exp $ DISTNAME= openssh-6.6p1 PKGNAME= openssh-6.6.1 -PKGREVISION= 5 +PKGREVISION= 6 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/} diff --git a/security/openssh/distinfo b/security/openssh/distinfo index b68f51fcee6..80178a991fe 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.90 2015/03/20 22:41:19 rodent Exp $ +$NetBSD: distinfo,v 1.91 2015/05/16 14:43:02 sevan Exp $ SHA1 (openssh-6.6p1-hpnssh14v4.diff.gz) = 1cb86c7151ea4c805cfb1197eac13844cd8f2f2c RMD160 (openssh-6.6p1-hpnssh14v4.diff.gz) = 292cea7880ff66040d915f2d5957dd27d0835984 @@ -14,6 +14,7 @@ SHA1 (patch-auth1.c) = 7b0481f445bc85cce9d7539b00bf581b9aa09fea SHA1 (patch-auth2.c) = 8f4f97516874fc4af5814cbd3a1f59b9ca77b43f SHA1 (patch-channels.c) = 88af4136f13f93d73c70caacea0a2ded0601d1cf SHA1 (patch-clientloop.c) = 499f34ce4e067f1da8aca257cfa7dd820efa3504 +SHA1 (patch-compat.c) = 9248aace83134287c1f0b78f2b3b61ad5545f5e2 SHA1 (patch-config.h.in) = 9799f48f204aa213318914f1d6c45e83a8af942f SHA1 (patch-configure) = 3015dda57a5626667cf5c15c7c7be25f8844cfc6 SHA1 (patch-configure.ac) = 996a3bcf133a0832b9d7fa35cc0983562d9fa60a diff --git a/security/openssh/patches/patch-compat.c b/security/openssh/patches/patch-compat.c new file mode 100644 index 00000000000..b5e0a4be2a7 --- /dev/null +++ b/security/openssh/patches/patch-compat.c @@ -0,0 +1,16 @@ +$NetBSD: patch-compat.c,v 1.1 2015/05/16 14:43:02 sevan Exp $ + +Use the correct buffer when calling strlen +http://www.openwall.com/lists/oss-security/2015/05/16/3 + +--- compat.c.orig 2015-05-16 13:05:33.000000000 +0000 ++++ compat.c +@@ -223,7 +223,7 @@ filter_proposal(char *proposal, const ch + buffer_init(&b); + tmp = orig_prop = xstrdup(proposal); + while ((cp = strsep(&tmp, ",")) != NULL) { +- if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) { ++ if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) { + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, cp, strlen(cp)); |