Update to 1.8.2
- New upstream release 1.8.2 - Fixed the misapplied userauth patch that broke 1.8.1 - Moved the MAX size declarations from the public header
This commit is contained in:
parent
7dfb17d3cb
commit
69ee8f7637
|
@ -1,50 +0,0 @@
|
||||||
From 74ecd0e10ced2237f32d273784ef8eaf553b9c30 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Will Cosgrove <will@panic.com>
|
|
||||||
Date: Mon, 18 Mar 2019 17:36:04 -0700
|
|
||||||
Subject: [PATCH] Fixed misapplied patch
|
|
||||||
|
|
||||||
Fixes for user auth
|
|
||||||
---
|
|
||||||
src/userauth.c | 8 ++++----
|
|
||||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/userauth.c b/src/userauth.c
|
|
||||||
index ed804629..c02d81d0 100644
|
|
||||||
--- a/src/userauth.c
|
|
||||||
+++ b/src/userauth.c
|
|
||||||
@@ -107,7 +107,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
|
|
||||||
LIBSSH2_FREE(session, session->userauth_list_data);
|
|
||||||
session->userauth_list_data = NULL;
|
|
||||||
|
|
||||||
- if (rc || (session->userauth_list_data_len < 1)) {
|
|
||||||
+ if (rc) {
|
|
||||||
_libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
|
|
||||||
"Unable to send userauth-none request");
|
|
||||||
session->userauth_list_state = libssh2_NB_state_idle;
|
|
||||||
@@ -127,7 +127,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
|
|
||||||
_libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
|
|
||||||
"Would block requesting userauth list");
|
|
||||||
return NULL;
|
|
||||||
- } else if (rc) {
|
|
||||||
+ } else if (rc || (session->userauth_list_data_len < 1)) {
|
|
||||||
_libssh2_error(session, rc, "Failed getting response");
|
|
||||||
session->userauth_list_state = libssh2_NB_state_idle;
|
|
||||||
return NULL;
|
|
||||||
@@ -1172,7 +1172,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
|
|
||||||
NULL, 0);
|
|
||||||
if (rc == LIBSSH2_ERROR_EAGAIN)
|
|
||||||
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
|
|
||||||
- else if (rc || (session->userauth_pblc_data_len < 1)) {
|
|
||||||
+ else if (rc) {
|
|
||||||
LIBSSH2_FREE(session, session->userauth_pblc_packet);
|
|
||||||
session->userauth_pblc_packet = NULL;
|
|
||||||
LIBSSH2_FREE(session, session->userauth_pblc_method);
|
|
||||||
@@ -1195,7 +1195,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
|
|
||||||
if (rc == LIBSSH2_ERROR_EAGAIN) {
|
|
||||||
return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
|
|
||||||
}
|
|
||||||
- else if (rc) {
|
|
||||||
+ else if (rc || (session->userauth_pblc_data_len < 1)) {
|
|
||||||
LIBSSH2_FREE(session, session->userauth_pblc_packet);
|
|
||||||
session->userauth_pblc_packet = NULL;
|
|
||||||
LIBSSH2_FREE(session, session->userauth_pblc_method);
|
|
13
libssh2.spec
13
libssh2.spec
|
@ -1,12 +1,11 @@
|
||||||
Name: libssh2
|
Name: libssh2
|
||||||
Version: 1.8.1
|
Version: 1.8.2
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: A library implementing the SSH2 protocol
|
Summary: A library implementing the SSH2 protocol
|
||||||
License: BSD
|
License: BSD
|
||||||
URL: http://www.libssh2.org/
|
URL: http://www.libssh2.org/
|
||||||
Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
|
Source0: http://libssh2.org/download/libssh2-%{version}.tar.gz
|
||||||
Patch1: 0001-scp-do-not-NUL-terminate-the-command-for-remote-exec.patch
|
Patch1: 0001-scp-do-not-NUL-terminate-the-command-for-remote-exec.patch
|
||||||
Patch2: https://github.com/libssh2/libssh2/commit/74ecd0e1.patch
|
|
||||||
|
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
BuildRequires: findutils
|
BuildRequires: findutils
|
||||||
|
@ -63,11 +62,6 @@ developing applications that use libssh2.
|
||||||
# https://github.com/libssh2/libssh2/pull/208
|
# https://github.com/libssh2/libssh2/pull/208
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
|
||||||
# userauth: fix mis-applied patch in the fix of CVE-2019-3859
|
|
||||||
# https://github.com/libssh2/libssh2/issues/325
|
|
||||||
# https://github.com/libssh2/libssh2/pull/327
|
|
||||||
%patch2 -p1
|
|
||||||
|
|
||||||
# Replace hard wired port number in the test suite to avoid collisions
|
# Replace hard wired port number in the test suite to avoid collisions
|
||||||
# between 32-bit and 64-bit builds running on a single build-host
|
# between 32-bit and 64-bit builds running on a single build-host
|
||||||
sed -i s/4711/47%{__isa_bits}/ tests/ssh2.{c,sh}
|
sed -i s/4711/47%{__isa_bits}/ tests/ssh2.{c,sh}
|
||||||
|
@ -137,6 +131,11 @@ LC_ALL=en_US.UTF-8 make -C tests check
|
||||||
%{_libdir}/pkgconfig/libssh2.pc
|
%{_libdir}/pkgconfig/libssh2.pc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 26 2019 Paul Howarth <paul@city-fan.org> - 1.8.2-1
|
||||||
|
- Update to 1.8.2
|
||||||
|
- Fixed the misapplied userauth patch that broke 1.8.1
|
||||||
|
- Moved the MAX size declarations from the public header
|
||||||
|
|
||||||
* Tue Mar 19 2019 Paul Howarth <paul@city-fan.org> - 1.8.1-1
|
* Tue Mar 19 2019 Paul Howarth <paul@city-fan.org> - 1.8.1-1
|
||||||
- Update to 1.8.1
|
- Update to 1.8.1
|
||||||
- Fixed possible integer overflow when reading a specially crafted packet
|
- Fixed possible integer overflow when reading a specially crafted packet
|
||||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (libssh2-1.8.1.tar.gz) = f09ad9ed04d25305b966e7f8c210082fe06c2b236dcd5018b009bd0bd6aaff123d16559d280892a5060760ed055ffe295bc02dc6e8dd1e7b8383c6c703f09290
|
SHA512 (libssh2-1.8.2.tar.gz) = 390ab4ad93bb738415ec11a6eb92806c9b9e9e5d8ee7c442d841a58b4292c1c447a9bc99e153ba464e2e11f9c0d1913469303598c3046722d1ae821991e8cb93
|
||||||
|
|
Loading…
Reference in New Issue