From patchwork Mon Dec 19 16:27:51 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gustavo Zacarias X-Patchwork-Id: 707149 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3tj5tz5Tzqz9t1b for ; Tue, 20 Dec 2016 03:28:11 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=zacarias.com.ar header.i=@zacarias.com.ar header.b="U9y1sve2"; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 3DEBC88D42; Mon, 19 Dec 2016 16:28:09 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H2pL6yOUXwgL; Mon, 19 Dec 2016 16:28:05 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id B046388CD2; Mon, 19 Dec 2016 16:28:05 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 788861BFBC8 for ; Mon, 19 Dec 2016 16:28:03 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 72CC28591C for ; Mon, 19 Dec 2016 16:28:03 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dHY0q2oHfo3C for ; Mon, 19 Dec 2016 16:28:01 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.zacarias.com.ar (www.zacarias.com.ar [176.9.42.171]) by whitealder.osuosl.org (Postfix) with ESMTPS id 82717858D8 for ; Mon, 19 Dec 2016 16:28:01 +0000 (UTC) Received: from asgard (cpe-190-55-196-87.telecentro-reversos.com.ar [190.55.196.87] (may be forged)) (authenticated bits=0) by www.zacarias.com.ar (8.15.2/8.15.2) with ESMTPSA id uBJGRrK3003828 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 19 Dec 2016 16:27:56 GMT DMARC-Filter: OpenDMARC Filter v1.3.1 www.zacarias.com.ar uBJGRrK3003828 Authentication-Results: zacarias.com.ar; dmarc=fail header.from=zacarias.com.ar Authentication-Results: zacarias.com.ar; spf=pass smtp.mailfrom=gustavo@zacarias.com.ar DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zacarias.com.ar; s=dkey; t=1482164877; bh=+C5n+h/VN4rEHZMecxya2TRtF+AKm3Ra6P38ce7awXU=; h=From:To:Cc:Subject:Date; b=U9y1sve2E2uNAEGctPwMcQ078azpG/zvhMYfrEDXGY9iyWwyEF4ZMWJzFI0HzGfIp o2tkeAzGnYLl9Fg7vVPPgWE57ersMNDweQ7zFGd90ytHdyQAp8ECvsz80elMpZUer9 hWTFPzBxa12BT5zvxVGTstFugh0FIWJDc/4/FtwU= Received: by asgard (sSMTP sendmail emulation); Mon, 19 Dec 2016 13:27:51 -0300 From: Gustavo Zacarias To: buildroot@busybox.net Date: Mon, 19 Dec 2016 13:27:51 -0300 Message-Id: <20161219162751.19992-1-gustavo@zacarias.com.ar> X-Mailer: git-send-email 2.10.2 X-Virus-Scanned: clamav-milter 0.99 at www X-Virus-Status: Clean Subject: [Buildroot] [PATCH] openssh: bump to version 7.4p1 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Drop upstream patch. Signed-off-by: Gustavo Zacarias --- package/openssh/0003-fix-CVE-2016-8858.patch | 31 ---------------------------- package/openssh/openssh.hash | 4 ++-- package/openssh/openssh.mk | 2 +- 3 files changed, 3 insertions(+), 34 deletions(-) delete mode 100644 package/openssh/0003-fix-CVE-2016-8858.patch diff --git a/package/openssh/0003-fix-CVE-2016-8858.patch b/package/openssh/0003-fix-CVE-2016-8858.patch deleted file mode 100644 index 4ba1cfd..0000000 --- a/package/openssh/0003-fix-CVE-2016-8858.patch +++ /dev/null @@ -1,31 +0,0 @@ -From ec165c392ca54317dbe3064a8c200de6531e89ad Mon Sep 17 00:00:00 2001 -From: "markus@openbsd.org" -Date: Mon, 10 Oct 2016 19:28:48 +0000 -Subject: [PATCH] upstream commit - -Unregister the KEXINIT handler after message has been -received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause -allocation of up to 128MB -- until the connection is closed. Reported by -shilei-c at 360.cn - -Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05 - -Signed-off-by: Baruch Siach ---- -Patch status: upstream - - kex.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/kex.c b/kex.c -index 3f97f8c..6a94bc5 100644 ---- a/kex.c -+++ b/kex.c -@@ -481,6 +481,7 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt) - if (kex == NULL) - return SSH_ERR_INVALID_ARGUMENT; - -+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); - ptr = sshpkt_ptr(ssh, &dlen); - if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) - return r; diff --git a/package/openssh/openssh.hash b/package/openssh/openssh.hash index 9a5ffd6..09010d3 100644 --- a/package/openssh/openssh.hash +++ b/package/openssh/openssh.hash @@ -1,3 +1,3 @@ # Locally calculated after checking pgp signature -# Also from http://www.openssh.com/txt/release-7.3 -sha256 3ffb989a6dcaa69594c3b550d4855a5a2e1718ccdde7f5e36387b424220fbecc openssh-7.3p1.tar.gz +# Also from http://www.openssh.com/txt/release-7.4 +sha256 1b1fc4a14e2024293181924ed24872e6f2e06293f3e8926a376b8aec481f19d1 openssh-7.4p1.tar.gz diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index ce85513..dd8350b 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSH_VERSION = 7.3p1 +OPENSSH_VERSION = 7.4p1 OPENSSH_SITE = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable OPENSSH_LICENSE = BSD-3c BSD-2c Public Domain OPENSSH_LICENSE_FILES = LICENCE