Date: Sunday, March 9, 2014 @ 17:42:55 Author: bpiotrowski Revision: 207451
upgpkg: libssh 0.5.5-3 fix CVE-2014-0017
Added: libssh/trunk/CVE-2014-0017.patch
Modified: libssh/trunk/PKGBUILD
---------------------+
CVE-2014-0017.patch | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++
PKGBUILD | 9 ++++--
2 files changed, 73 insertions(+), 3 deletions(-)
Added: CVE-2014-0017.patch
===================================================================
--- CVE-2014-0017.patch (rev 0)
+++ CVE-2014-0017.patch 2014-03-09 16:42:55 UTC (rev 207451)
@@ -0,0 +1,67 @@
+diff -rupN a/include/libssh/wrapper.h b/include/libssh/wrapper.h
+--- a/include/libssh/wrapper.h 2013-07-26 06:39:39.000000000 +0000
++++ b/include/libssh/wrapper.h 2014-03-09 16:38:49.807812235 +0000
+@@ -44,5 +44,6 @@ int crypt_set_algorithms_server(ssh_sess
+ struct ssh_crypto_struct *crypto_new(void);
+ void crypto_free(struct ssh_crypto_struct *crypto);
+ 
++void ssh_reseed(void);
+ 
+ #endif /* WRAPPER_H_ */
+diff -rupN a/src/bind.c b/src/bind.c
+--- a/src/bind.c 2013-07-26 06:39:39.000000000 +0000
++++ b/src/bind.c 2014-03-09 16:39:00.571080087 +0000
+@@ -375,6 +375,7 @@ int ssh_bind_accept(ssh_bind sshbind, ss
+ session->dsa_key = dsa;
+ session->rsa_key = rsa;
+ 
++ ssh_reseed();
+ return SSH_OK;
+ }
+ 
+diff -rupN a/src/libcrypto.c b/src/libcrypto.c
+--- a/src/libcrypto.c 2013-07-26 06:39:39.000000000 +0000
++++ b/src/libcrypto.c 2014-03-09 16:40:07.807331327 +0000
+@@ -23,6 +23,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <sys/time.h>
+ 
+ #include "libssh/priv.h"
+ #include "libssh/session.h"
+@@ -38,6 +39,8 @@
+ #include <openssl/rsa.h>
+ #include <openssl/hmac.h>
+ #include <openssl/opensslv.h>
++#include <openssl/rand.h>
++
+ #ifdef HAVE_OPENSSL_AES_H
+ #define HAS_AES
+ #include <openssl/aes.h>
+@@ -66,6 +69,12 @@ static int alloc_key(struct crypto_struc
+ return 0;
+ }
+ 
++void ssh_reseed(void) {
++ struct timeval tv;
++ gettimeofday(&tv, NULL);
++ RAND_add(&tv, sizeof(tv), 0.0);
++}
++
+ SHACTX sha1_init(void) {
+ SHACTX c = malloc(sizeof(*c));
+ if (c == NULL) {
+diff -rupN a/src/libgcrypt.c b/src/libgcrypt.c
+--- a/src/libgcrypt.c 2013-07-26 06:39:39.000000000 +0000
++++ b/src/libgcrypt.c 2014-03-09 16:40:51.730392881 +0000
+@@ -41,6 +41,9 @@ static int alloc_key(struct crypto_struc
+ return 0;
+ }
+ 
++void ssh_reseed(void) {
++ }
++
+ SHACTX sha1_init(void) {
+ SHACTX ctx = NULL;
+ gcry_md_open(&ctx, GCRY_MD_SHA1, 0);
Modified: PKGBUILD
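Review bot: The libgcrypt variant of `ssh_reseed()` at the end of the hunk is an empty stub, so the post-accept reseed this patch adds for the OpenSSL backend does nothing when libssh is built against libgcrypt; unless libgcrypt's own RNG detects the fork by itself, that build keeps the parent/child shared-PRNG-state condition the CVE describes. At minimum the stub deserves a comment stating why it is empty, e.g. `/* libgcrypt's pool is fork-protected by the library itself; nothing to do */`, and only if that has been confirmed. In the OpenSSL variant the only material mixed in is a `gettimeofday()` timestamp with an entropy estimate of 0.0, so the child's PRNG stream diverges from the parent's by a low-entropy value; drawing from the OS pool as well, e.g. `RAND_poll();` before the `RAND_add`, would make the reseed depend on unpredictable input. The `gettimeofday()` return value is also unchecked, which is harmless on Linux with a valid pointer but worth a `(void)` cast or a check for portability.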
===================================================================
--- PKGBUILD 2014-03-09 13:38:52 UTC (rev 207450)
+++ PKGBUILD 2014-03-09 16:42:55 UTC (rev 207451)
@@ -6,7 +6,7 @@
 pkgname=libssh
 pkgver=0.5.5
-pkgrel=2
+pkgrel=3
 pkgdesc="Library for accessing ssh client services through C libraries"
 url="http://www.libssh.org/"
 license=('LGPL')
@@ -15,10 +15,12 @@
 makedepends=('cmake' 'doxygen')
 source=(https://red.libssh.org/attachments/download/51/${pkgname}-${pkgver}.tar.gz
 0004-reset-global-request-status.patch
- 0005-multi-reverse-fwd.patch)
+ 0005-multi-reverse-fwd.patch
+ CVE-2014-0017.patch)
 md5sums=('bb308196756c7255c0969583d917136b'
 '0d8c28906b07e31466157b1fda441f4a'
- '6fa3a1a4f448e85a7eb39360f4a72ce9')
+ '6fa3a1a4f448e85a7eb39360f4a72ce9'
+ '2eddf36e41adf62e4094f17b64d466e0')
 
 prepare() {
 cd ${pkgname}-${pkgver}
@@ -26,6 +28,7 @@
 # see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736231
 patch -Np1 -i ${srcdir}/0004-reset-global-request-status.patch
 patch -Np1 -i ${srcdir}/0005-multi-reverse-fwd.patch
+ patch -Np1 -i ${srcdir}/CVE-2014-0017.patch
 }
 
 build() {