[Buildroot] [PATCH 1/1] package/openssh: security bump to version 8.5p1
Yann E. MORIN
yann.morin.1998 at free.fr
Sun Mar 28 08:29:38 UTC 2021
Fabrice, All,
On 2021-03-22 20:00 +0100, Fabrice Fontaine spake thusly:
> * ssh-agent(1): fixed a double-free memory corruption that was
> introduced in OpenSSH 8.2. We treat all such memory faults as
> potentially exploitable. This bug could be reached by an attacker
> with access to the agent socket.
>
> On modern operating systems where the OS can provide information
> about the user identity connected to a socket, OpenSSH ssh-agent
> and sshd limit agent socket access only to the originating user
> and root. Additional mitigation may be afforded by the system's
> malloc(3)/free(3) implementation, if it detects double-free
> conditions.
>
> The most likely scenario for exploitation is a user forwarding an
> agent either to an account shared with a malicious user or to a
> host with an attacker holding root access.
>
> * Portable sshd(8): Prevent excessively long username going to PAM.
> This is a mitigation for a buffer overflow in Solaris' PAM username
> handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
> implementations. This is not a problem in sshd itself, it only
> prevents sshd from being used as a vector to attack Solaris' PAM.
> It does not prevent the bug in PAM from being exploited via some
> other PAM application. GHPR#212
>
> Also, the license has been updated to add some openbsd-compat licenses:
> https://github.com/openssh/openssh-portable/commit/922cfac5ed5ead9f796f7d39f012dd653dc5c173
>
> https://www.openssh.com/txt/release-8.5
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Applied to master, thanks.
Regards,
Yann E. MORIN.
> ---
> package/openssh/openssh.hash | 6 +++---
> package/openssh/openssh.mk | 10 ++++++----
> 2 files changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash
> index 840467f50a..c50a49896c 100644
> --- a/package/openssh/openssh.hash
> +++ b/package/openssh/openssh.hash
> @@ -1,4 +1,4 @@
> -# From https://www.openssh.com/txt/release-8.4 (base64 encoded)
> -sha256 5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24 openssh-8.4p1.tar.gz
> +# From https://www.openssh.com/txt/release-8.5 (base64 encoded)
> +sha256 f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25 openssh-8.5p1.tar.gz
> # Locally calculated
> -sha256 73d0db766229670c7b4e1ec5e6baed54977a0694a565e7cc878c45ee834045d7 LICENCE
> +sha256 432abf7480fb31473a6706627212913fc70032e3fb71b90fecb28ae26a2d741d LICENCE
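Review bot: the LICENCE hash change on the last two lines of this hunk cannot be justified from the diff alone, so it should be tied explicitly to the upstream license-text change rather than appear as a bare recalculation. The commit message does name the openssh-portable commit 922cfac5ed5ead9f796f7d39f012dd653dc5c173 for the added openbsd-compat licenses, and the openssh.mk hunk adds BSD-4-Clause to OPENSSH_LICENSE; a short comment such as `# Locally calculated (LICENCE text changed upstream in 922cfac5)` next to the LICENCE line would let the next person bumping the package see why a "locally calculated" hash moved without re-reading the mailing list. For the tarball line, the "(base64 encoded)" comment means the upstream release note publishes the sha256 in base64, so the check before applying is to base64-decode the value from https://www.openssh.com/txt/release-8.5 and confirm it matches the hex digest given here.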
> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
> index 64e3084ca1..055c024cab 100644
> --- a/package/openssh/openssh.mk
> +++ b/package/openssh/openssh.mk
> @@ -4,11 +4,13 @@
> #
> ################################################################################
>
> -OPENSSH_VERSION = 8.4p1
> -OPENSSH_CPE_ID_VERSION = 8.4
> -OPENSSH_CPE_ID_UPDATE = p1
> +OPENSSH_VERSION_MAJOR = 8.5
> +OPENSSH_VERSION_MINOR = p1
> +OPENSSH_VERSION = $(OPENSSH_VERSION_MAJOR)$(OPENSSH_VERSION_MINOR)
> +OPENSSH_CPE_ID_VERSION = $(OPENSSH_VERSION_MAJOR)
> +OPENSSH_CPE_ID_UPDATE = $(OPENSSH_VERSION_MINOR)
> OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
> -OPENSSH_LICENSE = BSD-3-Clause, BSD-2-Clause, Public Domain
> +OPENSSH_LICENSE = BSD-4-Clause, BSD-3-Clause, BSD-2-Clause, Public Domain
> OPENSSH_LICENSE_FILES = LICENCE
> OPENSSH_CONF_ENV = \
> LD="$(TARGET_CC)" \
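Review bot: the names OPENSSH_VERSION_MAJOR and OPENSSH_VERSION_MINOR introduced in this hunk are misleading: `8.5` is the complete upstream OpenSSH version and `p1` is the portable-release suffix, not a minor version, which is exactly why the hunk feeds them into OPENSSH_CPE_ID_VERSION and OPENSSH_CPE_ID_UPDATE respectively. Names that describe what the pieces are (for instance an upstream-version variable and a portable-release variable, with OPENSSH_VERSION and the two CPE variables derived from them) would make the split self-explanatory, and a one-line comment above the block stating that it exists so the CPE ID cannot drift from OPENSSH_VERSION on the next bump would document the intent. The BSD-4-Clause addition to OPENSSH_LICENSE is consistent with the LICENCE hash change in the openssh.hash hunk and with the commit message's reference to the added openbsd-compat licenses.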
> --
> 2.30.1
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'