[arch-commits] Commit in libssh/trunk (CVE-2014-0017.patch PKGBUILD)

Bartłomiej Piotrowski bpiotrowski at nymeria.archlinux.org
Sun Mar 9 16:42:55 UTC 2014


    Date: Sunday, March 9, 2014 @ 17:42:55
  Author: bpiotrowski
Revision: 207451

upgpkg: libssh 0.5.5-3

fix CVE-2014-0017

Added:
  libssh/trunk/CVE-2014-0017.patch
Modified:
  libssh/trunk/PKGBUILD

---------------------+
 CVE-2014-0017.patch |   67 ++++++++++++++++++++++++++++++++++++++++++++++++++
 PKGBUILD            |    9 ++++--
 2 files changed, 73 insertions(+), 3 deletions(-)

Added: CVE-2014-0017.patch
===================================================================
--- CVE-2014-0017.patch	                        (rev 0)
+++ CVE-2014-0017.patch	2014-03-09 16:42:55 UTC (rev 207451)
@@ -0,0 +1,67 @@
+diff -rupN a/include/libssh/wrapper.h b/include/libssh/wrapper.h
+--- a/include/libssh/wrapper.h	2013-07-26 06:39:39.000000000 +0000
++++ b/include/libssh/wrapper.h	2014-03-09 16:38:49.807812235 +0000
+@@ -44,5 +44,6 @@ int crypt_set_algorithms_server(ssh_sess
+ struct ssh_crypto_struct *crypto_new(void);
+ void crypto_free(struct ssh_crypto_struct *crypto);
+ 
++void ssh_reseed(void);
+ 
+ #endif /* WRAPPER_H_ */
+diff -rupN a/src/bind.c b/src/bind.c
+--- a/src/bind.c	2013-07-26 06:39:39.000000000 +0000
++++ b/src/bind.c	2014-03-09 16:39:00.571080087 +0000
+@@ -375,6 +375,7 @@ int ssh_bind_accept(ssh_bind sshbind, ss
+   session->dsa_key = dsa;
+   session->rsa_key = rsa;
+ 
++  ssh_reseed();
+   return SSH_OK;
+ }
+ 
+diff -rupN a/src/libcrypto.c b/src/libcrypto.c
+--- a/src/libcrypto.c	2013-07-26 06:39:39.000000000 +0000
++++ b/src/libcrypto.c	2014-03-09 16:40:07.807331327 +0000
+@@ -23,6 +23,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <sys/time.h>
+ 
+ #include "libssh/priv.h"
+ #include "libssh/session.h"
+@@ -38,6 +39,8 @@
+ #include <openssl/rsa.h>
+ #include <openssl/hmac.h>
+ #include <openssl/opensslv.h>
++#include <openssl/rand.h>
++
+ #ifdef HAVE_OPENSSL_AES_H
+ #define HAS_AES
+ #include <openssl/aes.h>
+@@ -66,6 +69,12 @@ static int alloc_key(struct crypto_struc
+     return 0;
+ }
+ 
++void ssh_reseed(void) {
++    struct timeval tv;
++    gettimeofday(&tv, NULL);
++    RAND_add(&tv, sizeof(tv), 0.0);
++}
++
+ SHACTX sha1_init(void) {
+   SHACTX c = malloc(sizeof(*c));
+   if (c == NULL) {
+diff -rupN a/src/libgcrypt.c b/src/libgcrypt.c
+--- a/src/libgcrypt.c	2013-07-26 06:39:39.000000000 +0000
++++ b/src/libgcrypt.c	2014-03-09 16:40:51.730392881 +0000
+@@ -41,6 +41,9 @@ static int alloc_key(struct crypto_struc
+     return 0;
+ }
+ 
++void ssh_reseed(void) {
++    }
++
+ SHACTX sha1_init(void) {
+   SHACTX ctx = NULL;
+   gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
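Review bot: `ssh_reseed()` in the src/libgcrypt.c section is an empty stub with no comment, so a reader cannot tell whether the gcrypt build is deliberately left without a reseed or is unfinished; a one-line comment should state the reason, e.g. `/* no-op: TODO confirm libgcrypt's RNG needs no explicit reseed across fork() */`. In src/libcrypto.c the return value of `gettimeofday()` is ignored, so on failure `tv` reaches `RAND_add()` uninitialized; `if (gettimeofday(&tv, NULL) == 0) RAND_add(&tv, sizeof(tv), 0.0);` avoids that. The only input mixed in is a timestamp credited with 0.0 entropy, and the call sits at the end of `ssh_bind_accept()` (whose body starts outside the hunk), so the protection presumably depends on the server forking after that call returns and on the timestamp differing between accepts. A comment on the function stating that assumption would help maintainers.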

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-03-09 13:38:52 UTC (rev 207450)
+++ PKGBUILD	2014-03-09 16:42:55 UTC (rev 207451)
@@ -6,7 +6,7 @@
 
 pkgname=libssh
 pkgver=0.5.5
-pkgrel=2
+pkgrel=3
 pkgdesc="Library for accessing ssh client services through C libraries"
 url="http://www.libssh.org/"
 license=('LGPL')
@@ -15,10 +15,12 @@
 makedepends=('cmake' 'doxygen')
 source=(https://red.libssh.org/attachments/download/51/${pkgname}-${pkgver}.tar.gz
         0004-reset-global-request-status.patch
-        0005-multi-reverse-fwd.patch)
+        0005-multi-reverse-fwd.patch
+        CVE-2014-0017.patch)
 md5sums=('bb308196756c7255c0969583d917136b'
          '0d8c28906b07e31466157b1fda441f4a'
-         '6fa3a1a4f448e85a7eb39360f4a72ce9')
+         '6fa3a1a4f448e85a7eb39360f4a72ce9'
+         '2eddf36e41adf62e4094f17b64d466e0')
 
 prepare() {
   cd ${pkgname}-${pkgver}
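Review bot: The checksum added for CVE-2014-0017.patch extends the existing `md5sums` array, so both the security patch and the downloaded upstream tarball are verified with MD5 only, which is not collision-resistant. Replacing the array with `sha256sums=(...)`, with values regenerated from the actual files, would give a stronger integrity check on the fetched source. `prepare()` continues outside this hunk.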
@@ -26,6 +28,7 @@
   # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736231
   patch -Np1 -i ${srcdir}/0004-reset-global-request-status.patch
   patch -Np1 -i ${srcdir}/0005-multi-reverse-fwd.patch
+  patch -Np1 -i ${srcdir}/CVE-2014-0017.patch
 }
 
 build() {



