Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
O
openssh
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
SIG
security
src
openssh
Commits
2e991f1a
Commit
2e991f1a
authored
9 months ago
by
Solar Designer
Browse files
Options
Downloads
Patches
Plain Diff
8.7p1-38.1.el9_4.security.0.6
- Rebase on 8.7p1-38.1
parent
a9bf60c0
Branches
r10s
Tags
imports/r10s/gnome-kiosk-47.0-10.el10
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
SOURCES/openssh-9.8p1-upstream-cve-2024-6387.patch
+4
-4
4 additions, 4 deletions
SOURCES/openssh-9.8p1-upstream-cve-2024-6387.patch
SPECS/openssh.spec
+11
-6
11 additions, 6 deletions
SPECS/openssh.spec
with
15 additions
and
10 deletions
SOURCES/openssh-
8.7p1-rocky-CVE
-2024-6387.patch
→
SOURCES/openssh-
9.8p1-upstream-cve
-2024-6387.patch
+
4
−
4
View file @
2e991f1a
diff -u
rpN
openssh-8.7p1
.orig
/log.c openssh-8.7p1/log.c
diff -u
p
openssh-8.7p1/log.c
.xxx
openssh-8.7p1/log.c
--- openssh-8.7p1
.orig
/log.c 202
1
-0
8
-2
0 06:03:49.000000000
+0200
--- openssh-8.7p1/log.c
.xxx
202
4
-0
6
-2
8 11:02:43.949912398
+0200
+++ openssh-8.7p1/log.c 2024-0
7-01 12:26:30.381040908
+0200
+++ openssh-8.7p1/log.c 2024-0
6-28 11:02:58.652297885
+0200
@@ -4
48
,12 +4
48
,14 @@
void
@@ -4
55
,12 +4
55
,14 @@
void
sshsigdie(const char *file, const char *func, int line, int showfunc,
sshsigdie(const char *file, const char *func, int line, int showfunc,
LogLevel level, const char *suffix, const char *fmt, ...)
LogLevel level, const char *suffix, const char *fmt, ...)
{
{
...
...
This diff is collapsed.
Click to expand it.
SPECS/openssh.spec
+
11
−
6
View file @
2e991f1a
...
@@ -47,10 +47,10 @@
...
@@ -47,10 +47,10 @@
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%global openssh_ver 8.7p1
%global openssh_ver 8.7p1
%global openssh_rel 38
%global openssh_rel 38
.1
%global pam_ssh_agent_ver 0.10.4
%global pam_ssh_agent_ver 0.10.4
%global pam_ssh_agent_rel 5
%global pam_ssh_agent_rel 5
%global security_rel 0.
5
%global security_rel 0.
6
Summary: An open source implementation of SSH protocol version 2
Summary: An open source implementation of SSH protocol version 2
Name: openssh
Name: openssh
...
@@ -289,8 +289,7 @@ Patch1017: openssh-9.4p2-limit-delay.patch
...
@@ -289,8 +289,7 @@ Patch1017: openssh-9.4p2-limit-delay.patch
Patch1018: openssh-9.6p1-CVE-2023-48795.patch
Patch1018: openssh-9.6p1-CVE-2023-48795.patch
#upstream commit 7ef3787c84b6b524501211b11a26c742f829af1a
#upstream commit 7ef3787c84b6b524501211b11a26c742f829af1a
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
Patch1019: openssh-9.6p1-CVE-2023-51385.patch
Patch1020: openssh-9.8p1-upstream-cve-2024-6387.patch
Patch8900: openssh-8.7p1-rocky-CVE-2024-6387.patch
Patch9000: openssh-8.7p1-rocky-systemd.patch
Patch9000: openssh-8.7p1-rocky-systemd.patch
Patch9001: openssh-8.7p1-rocky-no-gssapi.patch
Patch9001: openssh-8.7p1-rocky-no-gssapi.patch
...
@@ -518,8 +517,7 @@ popd
...
@@ -518,8 +517,7 @@ popd
%patch1017 -p1 -b .limitdelay
%patch1017 -p1 -b .limitdelay
%patch1018 -p1 -b .cve-2023-48795
%patch1018 -p1 -b .cve-2023-48795
%patch1019 -p1 -b .cve-2023-51385
%patch1019 -p1 -b .cve-2023-51385
%patch1020 -p1 -b .cve-2024-6387
%patch8900 -p1 -b .rocky-cve-2024-6387
%patch9000 -p1 -b .rocky-systemd
%patch9000 -p1 -b .rocky-systemd
%patch9001 -p1 -b .rocky-no-gssapi
%patch9001 -p1 -b .rocky-no-gssapi
...
@@ -810,6 +808,9 @@ test -f %{sysconfig_anaconda} && \
...
@@ -810,6 +808,9 @@ test -f %{sysconfig_anaconda} && \
%endif
%endif
%changelog
%changelog
* Mon Jul 08 2024 Solar Designer <solar@openwall.com> 8.7p1-38.1.el9_4.security.0.6
- Rebase on 8.7p1-38.1
* Mon Jul 01 2024 Solar Designer <solar@openwall.com> 8.7p1-38.el9_4.security.0.5
* Mon Jul 01 2024 Solar Designer <solar@openwall.com> 8.7p1-38.el9_4.security.0.5
- Fix CVE-2024-6387 regreSSHion
- Fix CVE-2024-6387 regreSSHion
...
@@ -837,6 +838,10 @@ test -f %{sysconfig_anaconda} && \
...
@@ -837,6 +838,10 @@ test -f %{sysconfig_anaconda} && \
child process to avoid polluting actual sshd's address space with that
child process to avoid polluting actual sshd's address space with that
library and its many dependencies (shortens "ldd sshd" from 28 to 20 lines)
library and its many dependencies (shortens "ldd sshd" from 28 to 20 lines)
* Fri Jun 28 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38.1
- Possible remote code execution due to a race condition (CVE-2024-6387)
Resolves: RHEL-45347
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
- Fix Terrapin attack
- Fix Terrapin attack
Resolves: CVE-2023-48795
Resolves: CVE-2023-48795
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
