diff options
author | sana kazi <sanakazisk19@gmail.com> | 2021-09-30 13:46:30 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2021-09-30 04:20:38 -1000 |
commit | 969e14a6849a4ec9030d09059e8d81dce0ff0c49 (patch) | |
tree | d8acfc0be48306f1e701770d821dff5fd5209dba /meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch | |
parent | 0fb9be3925f258a7e8009c581c1cf93ace2a498b (diff) | |
download | openembedded-core-contrib-969e14a6849a4ec9030d09059e8d81dce0ff0c49.tar.gz |
openssh: Fix CVE-2021-28041
Added patch to fix CVE-2021-28041.
Link:
http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch new file mode 100644 index 0000000000..9fd7e932d1 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch @@ -0,0 +1,20 @@ +Description: fix double-free memory corruption in ssh-agent +Author: Marc Deslauriers <marc.deslauriers@canonical.com> +Origin: minimal fix for https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db + +Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> + +CVE: CVE-2021-28041 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz] +Comment: No change in any hunk + +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -496,6 +496,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); |