diff options
| author | marius <marius@FreeBSD.org> | 2006-03-05 01:36:07 +0800 |
|---|---|---|
| committer | marius <marius@FreeBSD.org> | 2006-03-05 01:36:07 +0800 |
| commit | 9bdd2f8fbe0abe40cf5a2646562ef300b1208b9b (patch) | |
| tree | cba50d87b38b36847f4f8c81c7f696ac2d8b4ac2 /security/ssh2 | |
| parent | cf4778f7a484d27e8b674c2f4fc0f57fd14f99d5 (diff) | |
| download | freebsd-ports-gnome-9bdd2f8fbe0abe40cf5a2646562ef300b1208b9b.tar.gz freebsd-ports-gnome-9bdd2f8fbe0abe40cf5a2646562ef300b1208b9b.tar.zst freebsd-ports-gnome-9bdd2f8fbe0abe40cf5a2646562ef300b1208b9b.zip | |
Add a patch which fixes a format string vulnerability in the SFTP server.
Submitted by: Jarkko Santala <jake@iki.fi>
Approved by: portmgr (erwin)
Security: http://vuxml.freebsd.org/594ad3c5-a39b-11da-926c-0800209adf0e.html
Diffstat (limited to 'security/ssh2')
| -rw-r--r-- | security/ssh2/Makefile | 2 | ||||
| -rw-r--r-- | security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c | 21 |
2 files changed, 22 insertions, 1 deletions
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile index e4a27d82f7a5..ba2483ccee49 100644 --- a/security/ssh2/Makefile +++ b/security/ssh2/Makefile @@ -7,7 +7,7 @@ PORTNAME= ssh2 PORTVERSION= 3.2.9.1 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security ipv6 # The list of official mirror sites is at: # http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html diff --git a/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c b/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c new file mode 100644 index 000000000000..cb6133c7bebf --- /dev/null +++ b/security/ssh2/files/patch-lib::sshfilexfer::sshfilexfers.c @@ -0,0 +1,21 @@ +--- lib/sshfilexfer/sshfilexfers.c.orig 2003-12-03 15:17:22.000000000 +0200 ++++ lib/sshfilexfer/sshfilexfers.c 2006-02-22 10:44:25.000000000 +0200 +@@ -5,7 +5,7 @@ + Authors: Tatu Ylonen <ylo@ssh.com> + Sami Lehtinen <sjl@ssh.com> + +- Copyright (c) 1998-2001 SSH Communications Security Corp, Finland ++ Copyright (c) 1998-2001, 2006 SSH Communications Security Corp, Finland + All rights reserved + + Generic file transfer module, server side. +@@ -115,7 +115,8 @@ + if (server->log_facility >= 0) \ + { \ + char *msg = ssh_debug_format varcall; \ +- ssh_log_event(det_fac(category, server->log_facility), severity, msg); \ ++ ssh_log_event(det_fac(category, server->log_facility), severity, \ ++ "%s", msg); \ + ssh_xfree(msg); \ + } \ + } while (0) |