diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2014-05-13 15:46:26 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-05-13 19:32:06 +0100 |
commit | fbf63c30c89b39e0b021af6708c53a24f43fe786 (patch) | |
tree | 89a830980f220f02d526c3ba4e764513e469c685 /meta/recipes-connectivity/openssh/openssh | |
parent | 939fce4d98c3ee603742250dd39b9b9f4f20825b (diff) | |
download | poky-fbf63c30c89b39e0b021af6708c53a24f43fe786.tar.gz |
openssh: fix for CVE-2014-2532
sshd in OpenSSH before 6.6 does not properly support wildcards on
AcceptEnv lines in sshd_config, which allows remote attackers to
bypass intended environment restrictions by using a substring located
before a wildcard character.
(From OE-Core rev: a8d3b8979c27a8dc87971b66a1d9d9282f660596)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch new file mode 100644 index 0000000000..3deaf3f0e9 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch | |||
@@ -0,0 +1,22 @@ | |||
1 | Upstream-Status: Backport | ||
2 | |||
3 | Fix for CVE-2014-2532 | ||
4 | |||
5 | Backported from openssh-6.6p1.tar.gz | ||
6 | |||
7 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
8 | --- | ||
9 | --- a/session.c | ||
10 | +++ b/session.c | ||
11 | @@ -955,6 +955,11 @@ | ||
12 | u_int envsize; | ||
13 | u_int i, namelen; | ||
14 | |||
15 | + if (strchr(name, '=') != NULL) { | ||
16 | + error("Invalid environment variable \"%.100s\"", name); | ||
17 | + return; | ||
18 | + } | ||
19 | + | ||
20 | /* | ||
21 | * If we're passed an uninitialized list, allocate a single null | ||
22 | * entry before continuing. | ||