From a6c90cdfbda51b583e9bfa24bbb39d81a1bf41c4 Mon Sep 17 00:00:00 2001
From: kircher
Date: Wed, 18 Mar 2020 14:28:04 +0800
Subject: [PATCH 1/2] add bugfix-CVE-2018-15919.patch.
---
 bugfix-CVE-2018-15919.patch | 58 +++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 bugfix-CVE-2018-15919.patch
diff --git a/bugfix-CVE-2018-15919.patch b/bugfix-CVE-2018-15919.patch
new file mode 100644
index 0000000..fc78d31
--- /dev/null
+++ b/bugfix-CVE-2018-15919.patch
@@ -0,0 +1,58 @@
+From 5b94f95795eb7fd4cd35ee8d8dba6c0e08cf8123 Mon Sep 17 00:00:00 2001
+From: majun65
+Date: Thu, 24 Oct 2019 19:27:44 +0800
+
+---
+ auth.h | 1 +
+ auth2-gss.c | 1 +
+ auth2.c | 4 ++++
+ 3 files changed, 6 insertions(+)
+
+diff --git a/auth.h b/auth.h
+index 1d9cf66..ec53949 100644
+--- a/auth.h
++++ b/auth.h
+@@ -60,6 +60,7 @@ struct Authctxt {
+ int attempt;
+ int failures;
+ int server_caused_failure;
++ int server_caused_gssapi_failure;
+ int force_pwchange;
+ char *user; /* username sent by the client */
+ char *service;
+diff --git a/auth2-gss.c b/auth2-gss.c
+index 764d509..6dd3c58 100644
+--- a/auth2-gss.c
++++ b/auth2-gss.c
+@@ -153,6 +153,7 @@ userauth_gssapi(struct ssh *ssh)
+ ssh_gssapi_delete_ctx(&ctxt);
+ free(doid);
+ authctxt->server_caused_failure = 1;
++ authctxt->server_caused_gssapi_failure = 1;
+ return (0);
+ }
+
+diff --git a/auth2.c b/auth2.c
+index f0b61ce..2677c84 100644
+--- a/auth2.c
++++ b/auth2.c
+@@ -336,6 +336,7 @@ if (options.check_user_splash)
+ auth2_authctxt_reset_info(authctxt);
+ authctxt->postponed = 0;
+ authctxt->server_caused_failure = 0;
++ authctxt->server_caused_gssapi_failure = 0;
+
+ /* try to authenticate user */
+ m = authmethod_lookup(authctxt, method);
+@@ -427,6 +428,9 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
+ if (!partial && !authctxt->server_caused_failure &&
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
+ authctxt->failures++;
++ if (!partial && authctxt->server_caused_gssapi_failure &&
++ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
++ authctxt->failures++;
+ if (authctxt->failures >= options.max_authtries) {
+ #ifdef SSH_AUDIT_EVENTS
+ PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
+--
+2.19.1
--
Gitee
From 74b3181eba5d644dd3a2e13869b8d0de9d75791a Mon Sep 17 00:00:00 2001
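Review bot: In the `userauth_finish` hunk of the embedded auth2.c patch, the added `if` repeats the existing failure-counting test with only the flag changed, so `authctxt->failures` is bumped exactly once only because `userauth_gssapi` sets `server_caused_failure` and `server_caused_gssapi_failure` together; any later path that sets the GSSAPI flag alone would count one attempt twice. Folding both into one test keeps a single increment per attempt: `if (!partial && (!authctxt->server_caused_failure || authctxt->server_caused_gssapi_failure) &&` followed by the unchanged `(authctxt->attempt > 1 || strcmp(method, "none") != 0))` line. A comment above it such as `/* server-caused GSSAPI failures still count toward max_authtries (CVE-2018-15919) */` would record why this path is no longer exempt. The embedded patch carries no Subject or description explaining the fix, and `userauth_finish` starts and ends outside the hunk.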
From: kircher
Date: Wed, 18 Mar 2020 14:30:40 +0800
Subject: [PATCH 2/2] update openssh.spec.
---
 openssh.spec | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/openssh.spec b/openssh.spec
index 2af6c72..cbfd7f6 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -10,7 +10,7 @@
 Name: openssh
 Version: 7.8p1
-Release: 7
+Release: 8
 URL: https://www.openssh.com/portable.html
 License: BSD
 Summary: An open source implementation of SSH protocol version 2
@@ -131,6 +131,7 @@ Patch9006: bugfix-openssh-add-option-check-username-splash.patch
 Patch9007: feature-openssh-7.4-hima-sftpserver-oom-and-fix.patch
 Patch9008: bugfix-supply-callback-to-PEM-read-bio-PrivateKey.patch
 Patch9009: bugfix-openssh-fix-sftpserver.patch
+Patch9010: bugfix-CVE-2018-15919.patch
 Requires: /sbin/nologin libselinux >= 2.3-5 audit-libs >= 1.0.8
 Requires: fipscheck-lib >= 1.3.0
@@ -463,6 +464,12 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
 %changelog
+* Wed Mar 18 2020 openEuler Buildteam - 7.8P1-8
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:add the patch for bugfix
+
 * Tue Jan 21 2020 openEuler Buildteam - 7.8P1-7
 - Type:bugfix
 - ID:NA
--
Gitee
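Review bot: Nothing visible in this commit applies the new patch: the second hunk declares `Patch9010: bugfix-CVE-2018-15919.patch`, but no hunk touches `%prep`, and the diffstat (8 insertions, 1 deletion) is fully accounted for by the Release bump, this line and the changelog entry. If the spec applies patches with explicit `%patchN` lines rather than `%autosetup`/`%autopatch`, the fix would ship in the source package without being applied, so a matching `%patch9010 -p1` would be needed; `%prep` is outside the visible hunks, so this should be confirmed against the full spec. The changelog entry in the third hunk also says only `- DESC:add the patch for bugfix` with `- ID:NA`; naming the issue, e.g. `- ID:CVE-2018-15919`, lets anyone auditing the package changelog see that the fix landed in release 8.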