From 1edce7e6bfedb27a163f35bcacab620a703408ac Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Jan 14 2016 19:51:37 +0000
Subject: import openssh-6.6.1p1-23.el7_2


---

diff --git a/SOURCES/openssh-6.6p1-disable-roaming.patch b/SOURCES/openssh-6.6p1-disable-roaming.patch
new file mode 100644
index 0000000..0e71113
--- /dev/null
+++ b/SOURCES/openssh-6.6p1-disable-roaming.patch
@@ -0,0 +1,22 @@
+diff -up openssh-6.6p1/readconf.c.roaming openssh-6.6p1/readconf.c
+--- openssh-6.6p1/readconf.c.roaming	2016-01-13 15:42:00.423573980 +0100
++++ openssh-6.6p1/readconf.c	2016-01-13 15:43:03.565529448 +0100
+@@ -1608,7 +1608,7 @@ initialize_options(Options * options)
+ 	options->tun_remote = -1;
+ 	options->local_command = NULL;
+ 	options->permit_local_command = -1;
+-	options->use_roaming = -1;
++	options->use_roaming = 0;
+ 	options->visual_host_key = -1;
+ 	options->ip_qos_interactive = -1;
+ 	options->ip_qos_bulk = -1;
+@@ -1783,8 +1783,7 @@ fill_default_options(Options * options)
+ 		options->tun_remote = SSH_TUNID_ANY;
+ 	if (options->permit_local_command == -1)
+ 		options->permit_local_command = 0;
+-	if (options->use_roaming == -1)
+-		options->use_roaming = 1;
++	options->use_roaming = 0;
+ 	if (options->visual_host_key == -1)
+ 		options->visual_host_key = 0;
+ 	if (options->ip_qos_interactive == -1)
diff --git a/SPECS/openssh.spec b/SPECS/openssh.spec
index 22c77f1..7bedbaf 100644
--- a/SPECS/openssh.spec
+++ b/SPECS/openssh.spec
@@ -64,7 +64,7 @@
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %define openssh_ver 6.6.1p1
-%define openssh_rel 22
+%define openssh_rel 23
 %define pam_ssh_agent_ver 0.9.3
 %define pam_ssh_agent_rel 9
 
@@ -243,6 +243,9 @@ Patch928: openssh-6.6p1-gssKexAlgorithms.patch
 #  Privilege separation weakness related to PAM support
 #  Use-after-free bug related to PAM support
 Patch929: openssh-6.6p1-security-7.0.patch
+# Disable completely Roaming feature on client (#1298218) (#1298217)
+# Mitigates CVE-2016-0777 and CVE-2016-0778
+Patch930: openssh-6.6p1-disable-roaming.patch
 
 
 License: BSD
@@ -477,6 +480,7 @@ popd
 %patch927 -p1 -b .xsecurity
 %patch928 -p1 -b .gsskexalg
 %patch929 -p1 -b .security7
+%patch930 -p1 -b .roaming
 
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-fps
@@ -801,6 +805,10 @@ getent passwd sshd >/dev/null || \
 %endif
 
 %changelog
+* Wed Jan 13 2016 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-23 + 0.9.3-9
+- Disable undocumented feauture Roaming for good (#1298218)
+- prevents CVE-2016-0777 and CVE-2016-0778
+
 * Fri Sep 25 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-22 + 0.9.3-9
 - Use the correct constant for glob limits (#1160377)