[arch-commits] Commit in libssh/trunk (0001-CVE-2020-16135.patch PKGBUILD)

Christian Hesse eworm at archlinux.org
Thu Sep 10 14:07:25 UTC 2020 

    Date: Thursday, September 10, 2020 @ 14:07:25
  Author: eworm
Revision: 395687

upgpkg: libssh 0.9.5-1: new upstream release

Modified:
  libssh/trunk/PKGBUILD
Deleted:
  libssh/trunk/0001-CVE-2020-16135.patch

---------------------------+
 0001-CVE-2020-16135.patch |  165 --------------------------------------------
 PKGBUILD                  |   29 +++----
 2 files changed, 13 insertions(+), 181 deletions(-)

Deleted: 0001-CVE-2020-16135.patch
===================================================================
--- 0001-CVE-2020-16135.patch	2020-09-10 12:49:44 UTC (rev 395686)
+++ 0001-CVE-2020-16135.patch	2020-09-10 14:07:25 UTC (rev 395687)
@@ -1,165 +0,0 @@
-From 533d881b0f4b24c72b35ecc97fa35d295d063e53 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at cryptomilk.org>
-Date: Wed, 3 Jun 2020 10:04:09 +0200
-Subject: [PATCH 1/4] sftpserver: Add missing NULL check for ssh_buffer_new()
-
-Thanks to Ramin Farajpour Cami for spotting this.
-
-Fixes T232
-
-Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
-Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki at redhat.com>
-Reviewed-by: Jakub Jelen <jjelen at redhat.com>
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/sftpserver.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/sftpserver.c b/src/sftpserver.c
-index 5a2110e5..b639a2ce 100644
---- a/src/sftpserver.c
-+++ b/src/sftpserver.c
-@@ -67,6 +67,12 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
- 
-   /* take a copy of the whole packet */
-   msg->complete_message = ssh_buffer_new();
-+  if (msg->complete_message == NULL) {
-+      ssh_set_error_oom(session);
-+      sftp_client_message_free(msg);
-+      return NULL;
-+  }
-+
-   ssh_buffer_add_data(msg->complete_message,
-                       ssh_buffer_get(payload),
-                       ssh_buffer_get_len(payload));
-
-From 2782cb0495b7450bd8fe43ce4af886b66fea6c40 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at cryptomilk.org>
-Date: Wed, 3 Jun 2020 10:05:51 +0200
-Subject: [PATCH 2/4] sftpserver: Add missing return check for
- ssh_buffer_add_data()
-
-Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
-Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki at redhat.com>
-Reviewed-by: Jakub Jelen <jjelen at redhat.com>
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/sftpserver.c | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/src/sftpserver.c b/src/sftpserver.c
-index b639a2ce..9117f155 100644
---- a/src/sftpserver.c
-+++ b/src/sftpserver.c
-@@ -73,9 +73,14 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
-       return NULL;
-   }
- 
--  ssh_buffer_add_data(msg->complete_message,
--                      ssh_buffer_get(payload),
--                      ssh_buffer_get_len(payload));
-+  rc = ssh_buffer_add_data(msg->complete_message,
-+                           ssh_buffer_get(payload),
-+                           ssh_buffer_get_len(payload));
-+  if (rc < 0) {
-+      ssh_set_error_oom(session);
-+      sftp_client_message_free(msg);
-+      return NULL;
-+  }
- 
-   ssh_buffer_get_u32(payload, &msg->id);
- 
-
-From 10b3ebbe61a7031a3dae97f05834442220447181 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at cryptomilk.org>
-Date: Wed, 3 Jun 2020 10:10:11 +0200
-Subject: [PATCH 3/4] buffer: Reformat ssh_buffer_add_data()
-
-Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
-Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki at redhat.com>
-Reviewed-by: Jakub Jelen <jjelen at redhat.com>
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/buffer.c | 35 ++++++++++++++++++-----------------
- 1 file changed, 18 insertions(+), 17 deletions(-)
-
-diff --git a/src/buffer.c b/src/buffer.c
-index a2e6246a..476bc135 100644
---- a/src/buffer.c
-+++ b/src/buffer.c
-@@ -299,28 +299,29 @@ int ssh_buffer_reinit(struct ssh_buffer_struct *buffer)
-  */
- int ssh_buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t len)
- {
--  buffer_verify(buffer);
-+    buffer_verify(buffer);
- 
--  if (data == NULL) {
--      return -1;
--  }
-+    if (data == NULL) {
-+        return -1;
-+    }
- 
--  if (buffer->used + len < len) {
--    return -1;
--  }
-+    if (buffer->used + len < len) {
-+        return -1;
-+    }
- 
--  if (buffer->allocated < (buffer->used + len)) {
--    if(buffer->pos > 0)
--      buffer_shift(buffer);
--    if (realloc_buffer(buffer, buffer->used + len) < 0) {
--      return -1;
-+    if (buffer->allocated < (buffer->used + len)) {
-+        if (buffer->pos > 0) {
-+            buffer_shift(buffer);
-+        }
-+        if (realloc_buffer(buffer, buffer->used + len) < 0) {
-+            return -1;
-+        }
-     }
--  }
- 
--  memcpy(buffer->data+buffer->used, data, len);
--  buffer->used+=len;
--  buffer_verify(buffer);
--  return 0;
-+    memcpy(buffer->data + buffer->used, data, len);
-+    buffer->used += len;
-+    buffer_verify(buffer);
-+    return 0;
- }
- 
- /**
-
-From 245ad744b5ab0582fef7cf3905a717b791d7e08b Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn at cryptomilk.org>
-Date: Wed, 3 Jun 2020 10:11:21 +0200
-Subject: [PATCH 4/4] buffer: Add NULL check for 'buffer' argument
-
-Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
-Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki at redhat.com>
-Reviewed-by: Jakub Jelen <jjelen at redhat.com>
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/buffer.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/buffer.c b/src/buffer.c
-index 476bc135..ce12f491 100644
---- a/src/buffer.c
-+++ b/src/buffer.c
-@@ -299,6 +299,10 @@ int ssh_buffer_reinit(struct ssh_buffer_struct *buffer)
-  */
- int ssh_buffer_add_data(struct ssh_buffer_struct *buffer, const void *data, uint32_t len)
- {
-+    if (buffer == NULL) {
-+        return -1;
-+    }
-+
-     buffer_verify(buffer);
- 
-     if (data == NULL) {

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2020-09-10 12:49:44 UTC (rev 395686)
+++ PKGBUILD	2020-09-10 14:07:25 UTC (rev 395687)
@@ -6,19 +6,18 @@
 
 pkgbase=libssh
 pkgname=(libssh libssh-docs)
-pkgver=0.9.4
-pkgrel=2
-pkgdesc="Library for accessing ssh client services through C libraries"
-url="https://www.libssh.org/"
-license=(LGPL)
-arch=(x86_64)
-depends=(zlib openssl)
-makedepends=(cmake cmocka doxygen python)
-source=(https://www.libssh.org/files/${pkgver%.*}/$pkgname-$pkgver.tar.xz{,.asc}
-        '0001-CVE-2020-16135.patch')
-sha256sums=('150897a569852ac05aac831dc417a7ba8e610c86ca2e0154a99c6ade2486226b'
-            'SKIP'
-            '5668b4fa30cea2fb998e7e8084639ac4d6a76972778ba24d477f6aa79cd84ec8')
+pkgver=0.9.5
+pkgrel=1
+pkgdesc='Library for accessing ssh client services through C libraries'
+url='https://www.libssh.org/'
+license=('LGPL')
+arch=('x86_64')
+depends=('zlib' 'openssl')
+makedepends=('cmake' 'cmocka' 'doxygen' 'python' 'openssh')
+provides=('libssh.so')
+source=("https://www.libssh.org/files/${pkgver%.*}/$pkgname-$pkgver.tar.xz"{,.asc})
+sha256sums=('acffef2da98e761fc1fd9c4fddde0f3af60ab44c4f5af05cd1b2d60a3fa08718'
+            'SKIP')
 validpgpkeys=('8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D') # Andreas Schneider <asn at cryptomilk.org>
 
 prepare() {
@@ -28,9 +27,6 @@
   sed 's/cmocka_unit_test(torture_path_expand_tilde_unix),//' -i libssh-${pkgver}/tests/unittests/torture_misc.c
 
   mkdir -p build
-
-  cd "$srcdir/$pkgname-$pkgver"
-  patch -Np1 < ../0001-CVE-2020-16135.patch
 }
 
 build() {
@@ -56,6 +52,7 @@
 package_libssh-docs() {
   pkgdesc="Documentation for libssh"
   depends=()
+  provides=()
 
   mkdir -p "$pkgdir"/usr/share/doc/libssh
   cp -r build/doc/html "$pkgdir"/usr/share/doc/libssh

More information about the arch-commits mailing list