aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/openssh-portable/Makefile2
-rw-r--r--security/openssh-portable/files/patch-compat.c17
2 files changed, 18 insertions, 1 deletions
diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile
index d9bd0aa755eb..1727fdcf863b 100644
--- a/security/openssh-portable/Makefile
+++ b/security/openssh-portable/Makefile
@@ -3,7 +3,7 @@
PORTNAME= openssh
DISTVERSION= 6.8p1
-PORTREVISION= 6
+PORTREVISION= 7
PORTEPOCH= 1
CATEGORIES= security ipv6
MASTER_SITES= OPENBSD/OpenSSH/portable
diff --git a/security/openssh-portable/files/patch-compat.c b/security/openssh-portable/files/patch-compat.c
new file mode 100644
index 000000000000..a0a873efb89c
--- /dev/null
+++ b/security/openssh-portable/files/patch-compat.c
@@ -0,0 +1,17 @@
+Avoid a heap overflow. Upstream did not deem this a security issue. It appears
+to be mostly harmless too.
+
+http://www.openwall.com/lists/oss-security/2015/05/16/3
+https://anongit.mindrot.org/openssh.git/commit/?id=77199d6ec8986d470487e66f8ea8f4cf43d2e20c
+
+--- compat.c 2015-03-17 06:49:20.000000000 +0100
++++ compat.c 2015-05-03 17:51:32.251293388 +0200
+@@ -229,7 +229,7 @@
+ buffer_init(&b);
+ tmp = orig_prop = xstrdup(proposal);
+ while ((cp = strsep(&tmp, ",")) != NULL) {
+- if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) {
++ if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) {
+ if (buffer_len(&b) > 0)
+ buffer_append(&b, ",", 1);
+ buffer_append(&b, cp, strlen(cp));