Fix CVE-2024-39894
This commit is contained in:
bitianyuan
parent
c2dd1c747c
commit
a92e8b17c1
33
backport-fix-CVE-2024-39894.patch
Normal file
33
backport-fix-CVE-2024-39894.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From 146c420d29d055cc75c8606327a1cf8439fe3a08 Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Mon, 1 Jul 2024 04:31:17 +0000
|
||||
Subject: upstream: when sending ObscureKeystrokeTiming chaff packets, we
|
||||
|
||||
can't rely on channel_did_enqueue to tell that there is data to send. This
|
||||
flag indicates that the channels code enqueued a packet on _this_ ppoll()
|
||||
iteration, not that data was enqueued in _any_ ppoll() iteration in the
|
||||
timeslice. ok markus@
|
||||
|
||||
OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136
|
||||
---
|
||||
clientloop.c | 5 ++++---
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/clientloop.c b/clientloop.c
|
||||
index 0b6f3c9b..8ed8b1c3 100644
|
||||
--- a/clientloop.c
|
||||
+++ b/clientloop.c
|
||||
@@ -607,8 +607,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout,
|
||||
if (timespeccmp(&now, &chaff_until, >=)) {
|
||||
/* Stop if there have been no keystrokes for a while */
|
||||
stop_reason = "chaff time expired";
|
||||
- } else if (timespeccmp(&now, &next_interval, >=)) {
|
||||
- /* Otherwise if we were due to send, then send chaff */
|
||||
+ } else if (timespeccmp(&now, &next_interval, >=) &&
|
||||
+ !ssh_packet_have_data_to_write(ssh)) {
|
||||
+ /* If due to send but have no data, then send chaff */
|
||||
if (send_chaff(ssh))
|
||||
nchaff++;
|
||||
}
|
||||
--
|
||||
cgit v1.2.3
|
||||
10
openssh.spec
10
openssh.spec
@ -6,7 +6,7 @@
|
||||
%{?no_gtk2:%global gtk2 0}
|
||||
|
||||
%global sshd_uid 74
|
||||
%global openssh_release 3
|
||||
%global openssh_release 4
|
||||
|
||||
Name: openssh
|
||||
Version: 9.6p1
|
||||
@ -110,6 +110,7 @@ Patch69: backport-upstream-Fix-proxy-multiplexing-O-proxy-bug.patch
|
||||
Patch70: backport-upstream-make-parsing-user-host-consistently-look-for-the-last-in.patch
|
||||
Patch71: backport-upstream-Do-not-apply-authorized_keys-options-when-signature.patch
|
||||
Patch72: backport-upstream-some-extra-paranoia.patch
|
||||
Patch73: backport-fix-CVE-2024-39894.patch
|
||||
|
||||
Requires: /sbin/nologin
|
||||
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
|
||||
@ -266,6 +267,7 @@ popd
|
||||
%patch -P 70 -p1
|
||||
%patch -P 71 -p1
|
||||
%patch -P 72 -p1
|
||||
%patch -P 73 -p1
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
|
||||
@ -497,6 +499,12 @@ fi
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
|
||||
%changelog
|
||||
* Fri Feb 7 2025 bitianyuan <bitianyuan@huawei.com> - 9.6p1-4
|
||||
- Type:CVE
|
||||
- CVE:CVE-2024-39894
|
||||
- SUG:NA
|
||||
- DESC:Fix CVE-2024-39894
|
||||
|
||||
* Mon Dec 23 2024 bitianyuan <bitianyuan@huawei.com> - 9.6p1-3
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user