From e2e6f6fe07049f33cb6348780fa975162752e421 Mon Sep 17 00:00:00 2001
From: Adrian Dudau <adrian.dudau@enea.com>
Date: Thu, 12 Dec 2013 13:38:32 +0100
Subject: initial commit of Enea Linux 3.1

Migrated from the internal git server on the dora-enea branch

Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
---
 .../openssh-6.2p2/openssh-CVE-2011-4327.patch      | 29 ++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssh/openssh-6.2p2/openssh-CVE-2011-4327.patch

(limited to 'meta/recipes-connectivity/openssh/openssh-6.2p2/openssh-CVE-2011-4327.patch')

diff --git a/meta/recipes-connectivity/openssh/openssh-6.2p2/openssh-CVE-2011-4327.patch b/meta/recipes-connectivity/openssh/openssh-6.2p2/openssh-CVE-2011-4327.patch
new file mode 100644
index 0000000000..30c11cf432
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/openssh-CVE-2011-4327.patch
@@ -0,0 +1,29 @@
+openssh-CVE-2011-4327
+
+A security flaw was found in the way ssh-keysign,
+a ssh helper program for host based authentication,
+attempted to retrieve enough entropy information on configurations that
+lacked a built-in entropy pool in OpenSSL (a ssh-rand-helper program would
+be executed to retrieve the entropy from the system environment).
+A local attacker could use this flaw to obtain unauthorized access to host keys
+via ptrace(2) process trace attached to the 'ssh-rand-helper' program.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4327
+http://www.openssh.com/txt/portable-keysign-rand-helper.adv
+
+Upstream-Status: Pending
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+--- a/ssh-keysign.c
++++ b/ssh-keysign.c
+@@ -170,6 +170,10 @@
+ 	key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
+ 	key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
+ 	key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
++	if (fcntl(key_fd[0], F_SETFD, FD_CLOEXEC) != 0 ||
++	    fcntl(key_fd[1], F_SETFD, FD_CLOEXEC) != 0 ||
++	    fcntl(key_fd[2], F_SETFD, FD_CLOEXEC) != 0)
++		fatal("fcntl failed");
+ 
+ 	original_real_uid = getuid();	/* XXX readconf.c needs this */
+ 	if ((pw = getpwuid(original_real_uid)) == NULL)
-- 
cgit v1.2.3-54-g00ecf