From e159460f592f1ee305988546b17ebccde45aa53d Mon Sep 17 00:00:00 2001
From: renmingshuai <renmingshuai@huawei.com>
Date: Tue, 2 Jul 2024 04:08:46 +0000
Subject: [PATCH] fix CVE-2024-6387

(cherry picked from commit 8b4de9f9d2c11cf10f4b49d5b05f718d87c23c67)
---
 backport-fix-CVE-2024-6387.patch | 28 ++++++++++++++++++++++++++++
 openssh.spec                     | 10 +++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 backport-fix-CVE-2024-6387.patch

diff --git a/backport-fix-CVE-2024-6387.patch b/backport-fix-CVE-2024-6387.patch
new file mode 100644
index 0000000..993151b
--- /dev/null
+++ b/backport-fix-CVE-2024-6387.patch
@@ -0,0 +1,28 @@
+Reference:https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
+Conflict:NA
+---
+ log.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/log.c b/log.c
+index dca08e4..5ca403a 100644
+--- a/log.c
++++ b/log.c
+@@ -458,12 +458,14 @@ void
+ sshsigdie(const char *file, const char *func, int line, int showfunc,
+     LogLevel level, const char *suffix, const char *fmt, ...)
+ {
++#if 0
+ 	va_list args;
+ 
+ 	va_start(args, fmt);
+ 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
+ 	    suffix, fmt, args);
+ 	va_end(args);
++#endif
+ 	_exit(1);
+ }
+ 
+-- 
+2.33.0
+
diff --git a/openssh.spec b/openssh.spec
index 030c8d7..801b747 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -6,7 +6,7 @@
 %{?no_gtk2:%global gtk2 0}
 
 %global sshd_uid    74
-%global openssh_release 3
+%global openssh_release 4
 
 Name:           openssh
 Version:        9.3p2
@@ -99,6 +99,7 @@ Patch75:        skip-scp-test-if-there-is-no-scp-on-remote-path-as-s.patch
 Patch77:        set-ssh-config.patch
 Patch78:        backport-CVE-2023-48795-upstream-implement-strict-key-exchange-in-ssh-and-ss.patch
 Patch79:        backport-CVE-2023-51385-upstream-ban-user-hostnames-with-most-shell-metachar.patch
+Patch80:        backport-fix-CVE-2024-6387.patch
 
 Requires:       /sbin/nologin
 Requires:       libselinux >= 2.3-5 audit-libs >= 1.0.8
@@ -247,6 +248,7 @@ popd
 %patch77 -p1
 %patch78 -p1
 %patch79 -p1
+%patch80 -p1
 
 autoreconf
 pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
@@ -463,6 +465,12 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
 
 %changelog
+* Tue Jul 2 2024 renmingshuai <renmingshuai@huawei.com> - 9.3p2-4
+- Type:CVE
+- CVE:CVE-2024-6387
+- SUG:NA
+- DESC:Fix CVE-2024-6387
+
 * Mon Apr 29 2024 renmingshuai <renmingshuai@huawei.com> - 9.3p2-3
 - Type:bugfix
 - CVE:
-- 
Gitee