diff options
| author | bdrewery <bdrewery@FreeBSD.org> | 2015-07-28 02:47:55 +0800 |
|---|---|---|
| committer | bdrewery <bdrewery@FreeBSD.org> | 2015-07-28 02:47:55 +0800 |
| commit | 65295debcb34c9389eddbf024fa8699c57c564aa (patch) | |
| tree | 1b55455ca30d487665fb030b4abb59c03ef99d56 /security/openssh-portable | |
| parent | 6e2dee7f3ff08bf1e710dd02a40362680327a5ee (diff) | |
| download | freebsd-ports-gnome-65295debcb34c9389eddbf024fa8699c57c564aa.tar.gz freebsd-ports-gnome-65295debcb34c9389eddbf024fa8699c57c564aa.tar.zst freebsd-ports-gnome-65295debcb34c9389eddbf024fa8699c57c564aa.zip | |
Add upstream fix to address CVE-2015-5600 for MaxAuthTries bypass.
Security: 5b74a5bc-348f-11e5-ba05-c80aa9043978
Diffstat (limited to 'security/openssh-portable')
| -rw-r--r-- | security/openssh-portable/Makefile | 2 | ||||
| -rw-r--r-- | security/openssh-portable/files/patch-auth2-chall.c | 52 |
2 files changed, 53 insertions, 1 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile index 1e3d9be0c882..88450728b476 100644 --- a/security/openssh-portable/Makefile +++ b/security/openssh-portable/Makefile @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 6.9p1 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= OPENBSD/OpenSSH/portable diff --git a/security/openssh-portable/files/patch-auth2-chall.c b/security/openssh-portable/files/patch-auth2-chall.c new file mode 100644 index 000000000000..2f4984b50bbd --- /dev/null +++ b/security/openssh-portable/files/patch-auth2-chall.c @@ -0,0 +1,52 @@ +From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" <djm@openbsd.org> +Date: Sat, 18 Jul 2015 07:57:14 +0000 +Subject: upstream commit + +only query each keyboard-interactive device once per + authentication request regardless of how many times it is listed; ok markus@ + +Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 +--- + auth2-chall.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/auth2-chall.c b/auth2-chall.c +index ddabe1a..4aff09d 100644 +--- auth2-chall.c ++++ auth2-chall.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */ ++/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */ + /* + * Copyright (c) 2001 Markus Friedl. All rights reserved. + * Copyright (c) 2001 Per Allansson. All rights reserved. +@@ -83,6 +83,7 @@ struct KbdintAuthctxt + void *ctxt; + KbdintDevice *device; + u_int nreq; ++ u_int devices_done; + }; + + #ifdef USE_PAM +@@ -169,11 +170,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) + if (len == 0) + break; + for (i = 0; devices[i]; i++) { +- if (!auth2_method_allowed(authctxt, ++ if ((kbdintctxt->devices_done & (1 << i)) != 0 || ++ !auth2_method_allowed(authctxt, + "keyboard-interactive", devices[i]->name)) + continue; +- if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) ++ if (strncmp(kbdintctxt->devices, devices[i]->name, ++ len) == 0) { + kbdintctxt->device = devices[i]; ++ kbdintctxt->devices_done |= 1 << i; ++ } + } + t = kbdintctxt->devices; + kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; +-- +cgit v0.11.2 + |