Update to version 0.7.6

Fixes CVE-2018-10933
This commit is contained in:
Andreas Schneider 2018-10-16 15:52:28 +02:00
parent c8b24eba31
commit ed1e015fcf
5 changed files with 12 additions and 1385 deletions

2
.gitignore vendored
View File

@ -25,3 +25,5 @@ libssh-0.4.4.tar.gz.asc
/libssh-0.7.3.tar.xz
/libssh-0.7.4.tar.xz
/libssh-0.7.5.tar.xz
/libssh-0.7.6.tar.xz
/libssh-0.7.6.tar.xz.asc

View File

@ -1,32 +0,0 @@
From 5333be5988c3789e7011598995f4df90d50d84d0 Mon Sep 17 00:00:00 2001
From: "Artyom V. Poptsov" <poptsov.artyom@gmail.com>
Date: Sun, 4 Jun 2017 11:54:55 +0300
Subject: config: Bugfix: Don't skip unseen opcodes
libssh fails to read the configuration from a config file due to a
wrong check in 'ssh_config_parse_line' procedure in 'config.c'; it's
effectively skipping every opcode (and therefore every option) from
the file. The change fixes that behaviour.
Signed-off-by: Artyom V. Poptsov <poptsov.artyom@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
src/config.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/config.c b/src/config.c
index 6478fc5f..519926e7 100644
--- a/src/config.c
+++ b/src/config.c
@@ -219,7 +219,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
opcode = ssh_config_get_opcode(keyword);
if (*parsing == 1 && opcode != SOC_HOST) {
- if (seen[opcode] == 0) {
+ if (seen[opcode] != 0) {
return 0;
}
seen[opcode] = 1;
--
cgit v1.1

File diff suppressed because it is too large Load Diff

View File

@ -1,14 +1,11 @@
Name: libssh
Version: 0.7.5
Release: 6%{?dist}
Version: 0.7.6
Release: 1%{?dist}
Summary: A library implementing the SSH protocol
License: LGPLv2+
URL: http://www.libssh.org
Source0: https://red.libssh.org/attachments/download/218/libssh-0.7.5.tar.xz
Patch0: libssh-0.7.5-fix-config-parsing.patch
Patch1: libssh-0.7.5-openssl-1.1.patch
Source0: https://www.libssh.org/files/0.7/%{name}-%{version}.tar.xz
BuildRequires: cmake
BuildRequires: doxygen
@ -87,6 +84,11 @@ popd
%{_libdir}/libssh_threads.so
%changelog
* Tue Oct 16 2018 Andreas Schneider <asn@redhat.com> - 0.7.6-1
- Update to version 0.7.6
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release
- Fixes CVE-2018-10933
* Thu Feb 01 2018 Andreas Schneider <asn@redhat.com> - 0.7.5-6
- resolves: #1540021 - Build against OpenSSL 1.1

View File

@ -1 +1,2 @@
SHA512 (libssh-0.7.5.tar.xz) = 6c7f539899caaedf13d66fa2e0fac1a475ecdfe389131abcbdf908bdebc50a0b9e6b0d43e67e52aea85c32f6aa68e46ca2f50695992f82ded83489f445a8e775
SHA512 (libssh-0.7.6.tar.xz) = 2a01402b5a9fab9ecc29200544ed45d3f2c40871ed1c8241ca793f8dc7fdb3ad2150f6a522c4321affa9b8778e280dc7ed10f76adfc4a73f0751ae735a42f56c
SHA512 (libssh-0.7.6.tar.xz.asc) = 775626340ff5d5207a62ead47cf0baf908c89bdd2b8c4cca4671191310cde55d83b402d7e88564aab62d551267de692e0a5e2a7337a8f8a8e08a0af05b355c78