lol

Revert "Revert "openssh: security 7.3p1 -> 7.4p1""

This reverts commit 661b5a9875cbc37310da5ee53b47a1d121bb5660.

+2 -52
-37
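--- a/pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch
+++ b/pkgs/tools/networking/openssh/RH-1380296-NEWKEYS-null-pointer-deref.patch
@@ -1,37 +0,0 @@
-diff --git a/kex.c b/kex.c
-index 50c7a0f..823668b 100644
---- a/kex.c
-+++ b/kex.c
-@@ -419,6 +419,8 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
-ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
-if ((r = sshpkt_get_end(ssh)) != 0)
-return r;
-+ if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
-+ return r;
-kex->done = 1;
-sshbuf_reset(kex->peer);
-/* sshbuf_reset(kex->my); */
-diff --git a/packet.c b/packet.c
-index d6dad2d..f96566b 100644
---- a/packet.c
-+++ b/packet.c
-@@ -38,7 +38,7 @@
-*/
-
-#include "includes.h"
--
-+
-#include <sys/param.h> /* MIN roundup */
-#include <sys/types.h>
-#include "openbsd-compat/sys-queue.h"
-@@ -1907,9 +1907,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
-return r;
-return SSH_ERR_PROTOCOL_ERROR;
-}
-- if (*typep == SSH2_MSG_NEWKEYS)
-- r = ssh_set_newkeys(ssh, MODE_IN);
-- else if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
-+ if (*typep == SSH2_MSG_USERAUTH_SUCCESS && !state->server_side)
-r = ssh_packet_enable_delayed_compress(ssh);
-else
-r = 0;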
+2 -4
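--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@@ -29,11 +29,11 @@
 # Please ensure that openssh_with_kerberos still builds when
 # bumping the version here!
 name = "openssh-${version}";
-version = "7.3p1";
+version = "7.4p1";
 
 src = fetchurl {
 url = "mirror://openbsd/OpenSSH/portable/${name}.tar.gz";
-sha256 = "1k5y1wi29d47cgizbryxrhc1fbjsba2x8l5mqfa9b9nadnd9iyrz";
+sha256 = "1l8r3x4fr2kb6xm95s7kjdif1wp6f94d4kljh4qjj9109shw87qv";
 };
 
 prePatch = optionalString hpnSupport
@@ -44,13 +44,11 @@
 
 patches =
 [
-./RH-1380296-NEWKEYS-null-pointer-deref.patch
 ./locale_archive.patch
 ./fix-host-key-algorithms-plus.patch
 
 # See discussion in https://github.com/NixOS/nixpkgs/pull/16966
 ./dont_create_privsep_path.patch
-./fix-CVE-2016-8858.patch
 ]
 ++ optional withGssapiPatches gssapiSrc;
 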
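Review bot: The `patches` list drops `./RH-1380296-NEWKEYS-null-pointer-deref.patch` and `./fix-CVE-2016-8858.patch`, both security fixes, and nothing in this section or the commit message records that the 7.4p1 tarball already contains them. Because the same commit deletes the patch files, the fixes would be lost silently if upstream did not carry equivalent changes. It is worth checking the 7.4p1 `kex.c` and `packet.c` for the `ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL)` call and for the `ssh_set_newkeys(ssh, MODE_IN)` handling moved into `kex_input_newkeys`, and stating the result in the commit message. The comment above `version` also asks that `openssh_with_kerberos` still builds; `gssapiSrc` and the `hpnSupport` patch are defined outside the visible lines and appear untouched, so whether they still apply to 7.4p1 cannot be confirmed from here.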
-11
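--- a/pkgs/tools/networking/openssh/fix-CVE-2016-8858.patch
+++ b/pkgs/tools/networking/openssh/fix-CVE-2016-8858.patch
@@ -1,11 +0,0 @@
-diff -u -r1.126 -r1.127
---- ssh/kex.c 2016/09/28 21:44:52 1.126
-+++ ssh/kex.c 2016/10/10 19:28:48 1.127
-@@ -461,6 +461,7 @@
-if (kex == NULL)
-return SSH_ERR_INVALID_ARGUMENT;
-
-+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
-ptr = sshpkt_ptr(ssh, &dlen);
-if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
-return r;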