New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net-misc/openssh: Upstream fix for CVE-2021-41617 for v8.5 #22961
base: master
Are you sure you want to change the base?
Conversation
Pull Request assignmentSubmitter: @hector-gao net-misc/openssh: @gentoo/base-system Linked bugsNo bugs to link found. If your pull request references any of the Gentoo bug reports, please add appropriate GLEP 66 tags to the commit message and request reassignment. If you do not receive any reply to this pull request, please open or link a bug to attract the attention of maintainers. Missing GCO sign-offPlease read the terms of Gentoo Certificate of Origin and acknowledge them by adding a sign-off to all your commits. In order to force reassignment and/or bug reference scan, please append Docs: Code of Conduct ● Copyright policy (expl.) ● Devmanual ● GitHub PRs ● Proxy-maint guide |
Pull request CI reportReport generated at: 2021-11-15 19:25 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
Pull request CI reportReport generated at: 2021-11-15 19:55 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
@@ -132,6 +132,7 @@ src_prepare() { | |||
eapply "${FILESDIR}"/${PN}-7.5_p1-disable-conch-interop-tests.patch | |||
eapply "${FILESDIR}"/${PN}-8.0_p1-fix-putty-tests.patch | |||
eapply "${FILESDIR}"/${PN}-8.0_p1-deny-shmget-shmat-shmdt-in-preauth-privsep-child.patch | |||
eapply "${FILESDIR}"/${PN}-8.7p1-upstream-cve-2021-41617.patch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There’s a typo in the actual patch file name so this won’t apply
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just fixed the patch name. Thank you!
Pull request CI reportReport generated at: 2021-11-15 21:45 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
Upstream fix: openssh/openssh-portable@f3cbe43 openssh/openssh-portable@bf944e3 Signed-off-by: He Gao <hegao@google.com>
Pull request CI reportReport generated at: 2021-11-24 01:35 UTC There are existing issues already. Please look into the report to make sure none of them affect the packages in question: |
The fedora patch at https://src.fedoraproject.org/rpms/openssh/blob/f33/f/openssh-8.7p1-upstream-cve-2021-41617.patch applies to auth.c. However, the target function of the upstream fix is in misc.c. So I created a patch on branch V_8_5 with the same change. |
Patch source: https://src.fedoraproject.org/rpms/openssh/blob/f33/f/openssh-8.7p1-upstream-cve-2021-41617.patch