author | Armin Kuster <akuster@mvista.com> | 2015-09-08 17:22:26 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-30 12:01:43 +0000 |
commit | ddfe191355a042e6995f7b4b725b108c5bb4d36e (patch) | |
tree | cdc3afc769f82d7ffb6e5d43c1c7014ba3e81cf5 /meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch | |
parent | 576f63c50badd54b47cdda42a6466bb18984958d (diff) | |
openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565
three security fixes.
CVE-2015-6563 (Low) openssh: Privilege separation weakness related to PAM support
CVE-2015-6564 (medium) openssh: Use-after-free bug related to PAM support
CVE-2015-6565 (High) openssh: Incorrectly set TTYs to be world-writable
(From OE-Core rev: 259df232b513367a0a18b17e3e377260a770288f)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Conflicts:
meta/recipes-connectivity/openssh/openssh_6.6p1.bb
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch new file mode 100644 index 0000000000..42667b05a0 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch @@ -0,0 +1,35 @@ +CVE-2015-6565 openssh: Incorrectly set TTYs to be world-writable + +fix pty permissions; patch from Nikolay Edigaryev; ok deraadt + +Upstream-Status: Backport + +merged two changes into one. +[1] https://anongit.mindrot.org/openssh.git/commit/sshpty.c?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 +tighten permissions on pty when the "tty" group does not exist; pointed out by Corinna Vinschen; ok markus + +[2] https://anongit.mindrot.org/openssh.git/commit/sshpty.c?id=6f941396b6835ad18018845f515b0c4fe20be21a +fix pty permissions; patch from Nikolay Edigaryev; ok deraadt + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +Index: openssh-6.7p1/sshpty.c +=================================================================== +--- openssh-6.7p1.orig/sshpty.c ++++ openssh-6.7p1/sshpty.c +@@ -196,13 +196,8 @@ pty_setowner(struct passwd *pw, const ch + + /* Determine the group to make the owner of the tty. */ + grp = getgrnam("tty"); +- if (grp) { +- gid = grp->gr_gid; +- mode = S_IRUSR | S_IWUSR | S_IWGRP; +- } else { +- gid = pw->pw_gid; +- mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; +- } ++ gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid; ++ mode = (grp != NULL) ? 0620 : 0600; + + /* + * Change owner and mode of the tty as required. |
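Review bot: The added patch file's header targets openssh-6.7p1/sshpty.c (the Index and ---/+++ lines), while the commit's Conflicts entry names openssh_6.6p1.bb, so please confirm that the hunk at sshpty.c line 196 applies without fuzz to the 6.6p1 source, and regenerate it against that tree if it does not. In the hunk itself, `mode = (grp != NULL) ? 0620 : 0600;` swaps the symbolic S_IRUSR | S_IWUSR | S_IWGRP form for octal literals. The values are correct: 0620 matches the old tty-group mode, and 0600 removes both S_IWGRP and S_IWOTH from the fallback where gid is pw->pw_gid. The description should say that the fallback case loses group write as well as world write, since the CVE title only mentions world-writable TTYs. The line "fix pty permissions; patch from Nikolay Edigaryev; ok deraadt" also appears twice in the header and only needs to sit under [2].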