diff options
author | Paul Eggleton <paul.eggleton@linux.intel.com> | 2013-11-11 13:59:12 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-11-12 10:18:51 +0000 |
commit | 19a483c157e783ded40e8dacac338a4d770a2d1a (patch) | |
tree | 101d7f62c3954dded6f0e3bc222c09909a365c43 /meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch | |
parent | 3241f767e08df95f3d839fd50f53e6b88e39e094 (diff) | |
download | openembedded-core-contrib-19a483c157e783ded40e8dacac338a4d770a2d1a.tar.gz |
openssh: upgrade to 6.4p1
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch b/meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch new file mode 100644 index 0000000000..30c11cf432 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-6.4p1/openssh-CVE-2011-4327.patch @@ -0,0 +1,29 @@ +openssh-CVE-2011-4327 + +A security flaw was found in the way ssh-keysign, +a ssh helper program for host based authentication, +attempted to retrieve enough entropy information on configurations that +lacked a built-in entropy pool in OpenSSL (a ssh-rand-helper program would +be executed to retrieve the entropy from the system environment). +A local attacker could use this flaw to obtain unauthorized access to host keys +via ptrace(2) process trace attached to the 'ssh-rand-helper' program. + +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4327 +http://www.openssh.com/txt/portable-keysign-rand-helper.adv + +Upstream-Status: Pending + +Signed-off-by: Li Wang <li.wang@windriver.com> +--- a/ssh-keysign.c ++++ b/ssh-keysign.c +@@ -170,6 +170,10 @@ + key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); + key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); ++ if (fcntl(key_fd[0], F_SETFD, FD_CLOEXEC) != 0 || ++ fcntl(key_fd[1], F_SETFD, FD_CLOEXEC) != 0 || ++ fcntl(key_fd[2], F_SETFD, FD_CLOEXEC) != 0) ++ fatal("fcntl failed"); + + original_real_uid = getuid(); /* XXX readconf.c needs this */ + if ((pw = getpwuid(original_real_uid)) == NULL) |