Update to version 0.7.6
Fixes CVE-2018-10933
This commit is contained in:
Andreas Schneider
parent
c8b24eba31
commit
ed1e015fcf
2
.gitignore
vendored
2
.gitignore
vendored
@ -25,3 +25,5 @@ libssh-0.4.4.tar.gz.asc
|
||||
/libssh-0.7.3.tar.xz
|
||||
/libssh-0.7.4.tar.xz
|
||||
/libssh-0.7.5.tar.xz
|
||||
/libssh-0.7.6.tar.xz
|
||||
/libssh-0.7.6.tar.xz.asc
|
||||
|
||||
@ -1,32 +0,0 @@
|
||||
From 5333be5988c3789e7011598995f4df90d50d84d0 Mon Sep 17 00:00:00 2001
|
||||
From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
|
||||
Date: Sun, 4 Jun 2017 11:54:55 +0300
|
||||
Subject: config: Bugfix: Don't skip unseen opcodes
|
||||
|
||||
libssh fails to read the configuration from a config file due to a
|
||||
wrong check in 'ssh_config_parse_line' procedure in 'config.c'; it's
|
||||
effectively skipping every opcode (and therefore every option) from
|
||||
the file. The change fixes that behaviour.
|
||||
|
||||
Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
---
|
||||
src/config.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/config.c b/src/config.c
|
||||
index 6478fc5f..519926e7 100644
|
||||
--- a/src/config.c
|
||||
+++ b/src/config.c
|
||||
@@ -219,7 +219,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
|
||||
|
||||
opcode = ssh_config_get_opcode(keyword);
|
||||
if (*parsing == 1 && opcode != SOC_HOST) {
|
||||
- if (seen[opcode] == 0) {
|
||||
+ if (seen[opcode] != 0) {
|
||||
return 0;
|
||||
}
|
||||
seen[opcode] = 1;
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
14
libssh.spec
14
libssh.spec
@ -1,14 +1,11 @@
|
||||
Name: libssh
|
||||
Version: 0.7.5
|
||||
Release: 6%{?dist}
|
||||
Version: 0.7.6
|
||||
Release: 1%{?dist}
|
||||
Summary: A library implementing the SSH protocol
|
||||
License: LGPLv2+
|
||||
URL: http://www.libssh.org
|
||||
|
||||
Source0: https://red.libssh.org/attachments/download/218/libssh-0.7.5.tar.xz
|
||||
|
||||
Patch0: libssh-0.7.5-fix-config-parsing.patch
|
||||
Patch1: libssh-0.7.5-openssl-1.1.patch
|
||||
Source0: https://www.libssh.org/files/0.7/%{name}-%{version}.tar.xz
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: doxygen
|
||||
@ -87,6 +84,11 @@ popd
|
||||
%{_libdir}/libssh_threads.so
|
||||
|
||||
%changelog
|
||||
* Tue Oct 16 2018 Andreas Schneider <asn@redhat.com> - 0.7.6-1
|
||||
- Update to version 0.7.6
|
||||
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release
|
||||
- Fixes CVE-2018-10933
|
||||
|
||||
* Thu Feb 01 2018 Andreas Schneider <asn@redhat.com> - 0.7.5-6
|
||||
- resolves: #1540021 - Build against OpenSSL 1.1
|
||||
|
||||
|
||||
3
sources
3
sources
@ -1 +1,2 @@
|
||||
SHA512 (libssh-0.7.5.tar.xz) = 6c7f539899caaedf13d66fa2e0fac1a475ecdfe389131abcbdf908bdebc50a0b9e6b0d43e67e52aea85c32f6aa68e46ca2f50695992f82ded83489f445a8e775
|
||||
SHA512 (libssh-0.7.6.tar.xz) = 2a01402b5a9fab9ecc29200544ed45d3f2c40871ed1c8241ca793f8dc7fdb3ad2150f6a522c4321affa9b8778e280dc7ed10f76adfc4a73f0751ae735a42f56c
|
||||
SHA512 (libssh-0.7.6.tar.xz.asc) = 775626340ff5d5207a62ead47cf0baf908c89bdd2b8c4cca4671191310cde55d83b402d7e88564aab62d551267de692e0a5e2a7337a8f8a8e08a0af05b355c78
|
||||
|
||||
Loading…
Reference in New Issue
Block a user