diff options
author | Mingli Yu <Mingli.Yu@windriver.com> | 2018-09-06 16:06:33 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-09-06 23:43:34 +0100 |
commit | f017715120b67ff02f56ed5db131436ee62aeffb (patch) | |
tree | 54b70f1056f148e00057de3dba4226d081b5de27 /meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch | |
parent | ba22336190481d39e700327e8331d15689a9e877 (diff) | |
download | openembedded-core-contrib-f017715120b67ff02f56ed5db131436ee62aeffb.tar.gz |
dropbear: Fix CVE-2018-15599
Wait to fail invalid usernames to fix
CVE-2018-15599
Rework 0006-dropbear-configuration-file.patch
to fix fuzz warnings
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch')
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch index fa4c8d0a67..deed78ffb9 100644 --- a/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch +++ b/meta/recipes-core/dropbear/dropbear/0006-dropbear-configuration-file.patch @@ -1,4 +1,7 @@ -Subject: [PATCH 6/6] dropbear configuration file +From e3a5db1b6d3f6382a15b2266458c26c645a10f18 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <Mingli.Yu@windriver.com> +Date: Thu, 6 Sep 2018 15:54:00 +0800 +Subject: [PATCH] dropbear configuration file dropbear: Change the path ("/etc/pam.d/sshd" as default) to find a pam configuration file \ to "/etc/pam.d/dropbear for dropbear when enabling pam supporting" @@ -7,12 +10,17 @@ Upstream-Status: Inappropriate [configuration] Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> --- -diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c ---- dropbear-2013.60-orig/svr-authpam.c 2013-10-16 16:34:53.000000000 +0200 -+++ dropbear-2013.60/svr-authpam.c 2013-10-21 17:04:04.969416055 +0200 -@@ -211,7 +211,7 @@ - userData.passwd = password; + svr-authpam.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/svr-authpam.c b/svr-authpam.c +index d201bc9..165ec5c 100644 +--- a/svr-authpam.c ++++ b/svr-authpam.c +@@ -223,7 +223,7 @@ void svr_auth_pam(int valid_user) { + } /* Init pam */ - if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { @@ -20,3 +28,6 @@ diff -Naur dropbear-2013.60-orig/svr-authpam.c dropbear-2013.60/svr-authpam.c dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", rc, pam_strerror(pamHandlep, rc)); goto cleanup; +-- +2.7.4 + |