From b9d68e7db41c2875307d99af4bef5b5735efbd80 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Jan 14 2015 15:48:32 +0000 Subject: Fix config parser for ip:port values (#1130733) --- diff --git a/openssh-6.6.1p1-ip-port-config-parser.patch b/openssh-6.6.1p1-ip-port-config-parser.patch new file mode 100644 index 0000000..d2746bf --- /dev/null +++ b/openssh-6.6.1p1-ip-port-config-parser.patch @@ -0,0 +1,24 @@ +diff --git a/misc.c b/misc.c +index 2f11de4..36402d1 100644 +--- a/misc.c ++++ b/misc.c +@@ -396,7 +396,7 @@ hpdelim(char **cp) + return NULL; + else + s++; +- } else if ((s = strpbrk(s, ":/")) == NULL) ++ } else if ((s = strpbrk(s, ":")) == NULL) + s = *cp + strlen(*cp); /* skip to end (see first case below) */ + + switch (*s) { +@@ -405,7 +405,6 @@ hpdelim(char **cp) + break; + + case ':': +- case '/': + *s = '\0'; /* terminate */ + *cp = s + 1; + break; +-- +2.1.0 + diff --git a/openssh.spec b/openssh.spec index 7e4cf7c..27c3336 100644 --- a/openssh.spec +++ b/openssh.spec @@ -218,6 +218,8 @@ Patch917: openssh-6.6.1p1-cisco-dh-keys.patch Patch918: openssh-6.6.1p1-log-in-chroot.patch # scp file into non-existing directory (#1142223) Patch919: openssh-6.6.1p1-scp-non-existing-directory.patch +# Config parser shouldn't accept ip/port syntax (#1130733) +Patch920: openssh-6.6.1p1-ip-port-config-parser.patch License: BSD Group: Applications/Internet @@ -430,6 +432,7 @@ popd %patch917 -p1 -b .cisco-dh %patch918 -p1 -b .log-in-chroot %patch919 -p1 -b .scp +%patch920 -p1 -b .config %patch200 -p1 -b .audit %patch201 -p1 -b .audit-fps