diff --git a/0023-CVE-2025-5318.patch b/0023-CVE-2025-5318.patch new file mode 100644 index 0000000000000000000000000000000000000000..6e935ed30f27d21442d45c5b31e48e5778546e93 --- /dev/null +++ b/0023-CVE-2025-5318.patch @@ -0,0 +1,16 @@ +diff --git a/src/sftpserver.c b/src/sftpserver.c +index 9117f15..b3349e1 100644 +--- a/src/sftpserver.c ++++ b/src/sftpserver.c +@@ -538,7 +538,7 @@ void *sftp_handle(sftp_session sftp, ssh_string handle){ + + memcpy(&val, ssh_string_data(handle), sizeof(uint32_t)); + +- if (val > SFTP_HANDLES) { ++ if (val >= SFTP_HANDLES) { + return NULL; + } + +-- +2.43.5 + diff --git a/libssh.spec b/libssh.spec index 467b782266545b127877e0ee45ad68af9cc3ae44..ba771456d2f17f58c3f3bcac77793eb477cf9ec7 100644 --- a/libssh.spec +++ b/libssh.spec @@ -1,4 +1,4 @@ -%define anolis_release 5 +%define anolis_release 6 %global _smp_build_ncpus 1 Name: libssh @@ -38,6 +38,9 @@ Patch0019: 0019-CVE-2023-6004-torture_config-Allow-multiple-in-usern.patch Patch0020: 0020-Fix-regression-in-IPv6-addresses-in-hostname-parsing.patch Patch0021: 0021-tests-Increase-test-coverage-for-IPv6-address-parsin.patch Patch0022: 0022-libssh-0.10.6-rekey-timeout.patch +# https://git.libssh.org/projects/libssh.git/commit/?id=5f4ffda88770f95482fd0e66aa44106614dbf466 +Patch0023: 0023-CVE-2025-5318.patch + BuildRequires: cmake gcc-c++ BuildRequires: openssl-devel zlib-devel krb5-devel libcmocka-devel @@ -148,6 +151,9 @@ popd %doc AUTHORS CHANGELOG README %changelog +* Fri Jul 4 2025 wh02252983 - 0.10.5-6 +- Fix CVE-2025-5318 + * Tue Jun 10 2025 Yihao Yan - 0.10.5-5 - fix rekey test timeout