Compare commits
3 Commits
Author | SHA1 | Date |
---|---|---|
Andreas Schneider | 4ae70b5949 | |
Andreas Schneider | 18f86f8221 | |
Andreas Schneider | 169f07ac97 |
|
@ -46,3 +46,7 @@ libssh-0.4.4.tar.gz.asc
|
|||
/libssh_server.config
|
||||
/libssh-0.9.0.tar.xz
|
||||
/libssh-0.9.0.tar.xz.asc
|
||||
/libssh-0.9.2.tar.xz
|
||||
/libssh-0.9.2.tar.xz.asc
|
||||
/libssh-0.9.3.tar.xz
|
||||
/libssh-0.9.3.tar.xz.asc
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,46 @@
|
|||
From b33dcda94d313913a877bc8db006ad02141bc695 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Jelen <jjelen@redhat.com>
|
||||
Date: Wed, 11 Dec 2019 11:07:33 +0100
|
||||
Subject: [PATCH] torture: Accept whole pid_t range
|
||||
|
||||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
(cherry picked from commit d2a32ca6d3c40483a6d10340d3e11da9259e1379)
|
||||
---
|
||||
tests/torture.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tests/torture.c b/tests/torture.c
|
||||
index 360fd02a..907f45b3 100644
|
||||
--- a/tests/torture.c
|
||||
+++ b/tests/torture.c
|
||||
@@ -196,6 +196,7 @@ torture_read_pidfile(const char *pidfile)
|
||||
{
|
||||
char buf[8] = {0};
|
||||
long int tmp;
|
||||
+ pid_t ret;
|
||||
ssize_t rc;
|
||||
int fd;
|
||||
|
||||
@@ -213,11 +214,16 @@ torture_read_pidfile(const char *pidfile)
|
||||
buf[sizeof(buf) - 1] = '\0';
|
||||
|
||||
tmp = strtol(buf, NULL, 10);
|
||||
- if (tmp == 0 || tmp > 0xFFFF || errno == ERANGE) {
|
||||
+ if (tmp == 0 || errno == ERANGE) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+ ret = (pid_t)tmp;
|
||||
+ /* Check if we are out of pid_t range on this system */
|
||||
+ if ((long)ret != tmp) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- return (pid_t)(tmp & 0xFFFF);
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
int torture_terminate_process(const char *pidfile)
|
||||
--
|
||||
2.23.0
|
||||
|
17
libssh.spec
17
libssh.spec
|
@ -1,6 +1,6 @@
|
|||
Name: libssh
|
||||
Version: 0.9.0
|
||||
Release: 5%{?dist}
|
||||
Version: 0.9.3
|
||||
Release: 1%{?dist}
|
||||
Summary: A library implementing the SSH protocol
|
||||
License: LGPLv2+
|
||||
URL: http://www.libssh.org
|
||||
|
@ -11,10 +11,9 @@ Source2: https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC
|
|||
Source3: libssh_client.config
|
||||
Source4: libssh_server.config
|
||||
|
||||
Patch0: libssh-0.9.0-do-not-ignore-known-hosts-keys.patch
|
||||
Patch0: libssh-0.9.4-torture_fix_pid_range_check.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: doxygen
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gnupg2
|
||||
BuildRequires: openssl-devel
|
||||
|
@ -82,7 +81,6 @@ pushd obj
|
|||
-DGLOBAL_BIND_CONFIG="%{_sysconfdir}/libssh/libssh_server.config"
|
||||
|
||||
%make_build VERBOSE=1
|
||||
make docs
|
||||
|
||||
popd
|
||||
|
||||
|
@ -124,7 +122,6 @@ popd
|
|||
%{_libdir}/libssh_threads.so.4*
|
||||
|
||||
%files devel
|
||||
%doc obj/doc/html
|
||||
%{_includedir}/libssh/
|
||||
# own this to avoid dep on cmake -- rex
|
||||
%dir %{_libdir}/cmake/
|
||||
|
@ -139,6 +136,14 @@ popd
|
|||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||
|
||||
%changelog
|
||||
* Tue Dec 10 2019 Andreas Schneider <asn@redhat.com> - 0.9.3-1
|
||||
- Update to version 0.9.3
|
||||
- resolves: #1781780 - Fixes CVE-2019-14889
|
||||
|
||||
* Thu Nov 07 2019 Andreas Schneider <asn@redhat.com> - 0.9.2-1
|
||||
- Upate to version 0.9.2
|
||||
- resolves #1769370 - Remove the docs, they can be found on https://api.libssh.org/
|
||||
|
||||
* Thu Jul 11 2019 Anderson Sasaki <ansasaki@redhat.com> - 0.9.0-5
|
||||
- Add Obsoletes in libssh-config to avoid conflict with old libssh which
|
||||
installed the configuration files.
|
||||
|
|
6
sources
6
sources
|
@ -1,4 +1,2 @@
|
|||
SHA512 (libssh-0.9.0.tar.xz) = 8c91b31e49652d93c295ca62c2ff1ae30f26c263195a8bc2390e44f6e688959507f609125d342ee8180fc03cec2d73258ac72f864696281b53ba9ad244060865
|
||||
SHA512 (libssh-0.9.0.tar.xz.asc) = 6d2c516c42bf52dc213a35ba82718ca775291cff3bbb13ff35773d484d7e49202857350345c2efdccc7f42085caef3b7dd20e77610132615c7c0b45de100106c
|
||||
SHA512 (libssh_client.config) = b04fbfda339c4e53df8dd12cc89d4b92bdc94dd79af5799af2e675216fcd071f99bb12e5aed4b5e9848d93faf0e8407019def189eabbeef31a3c20ec799a6868
|
||||
SHA512 (libssh_server.config) = 30cd80669701ff4a7960a193fb141f850cea74c3bdadaec0f63633ff151d8b05430451307237cb88d2eb20000737091a191b06ea62754a2664a8717a11f9a420
|
||||
SHA512 (libssh-0.9.3.tar.xz) = 6e59718565daeca6d224426cc1095a112deff9af8e0b021917e04f08bb7409263c35724de95f591f38e26f0fb3bbbbc69b679b6775edc21dec158d241b076c6f
|
||||
SHA512 (libssh-0.9.3.tar.xz.asc) = 50d3a49274f1f1994451280b568e96144e60e926f9242182a9ff284671dba21c8a92640b2dee27948f2e33616903f16123b2e018a9cc281cf71d417c2715e1ad
|
||||
|
|
Loading…
Reference in New Issue