From: sana kazi <[email protected]> Added patch to fix CVE-2021-28041.
Link: http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz Signed-off-by: Sana Kazi <[email protected]> Signed-off-by: Sana Kazi <[email protected]> Signed-off-by: Steve Sakoman <[email protected]> --- .../openssh/openssh/CVE-2021-28041.patch | 20 +++++++++++++++++++ .../openssh/openssh_8.2p1.bb | 1 + 2 files changed, 21 insertions(+) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch new file mode 100644 index 0000000000..9fd7e932d1 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch @@ -0,0 +1,20 @@ +Description: fix double-free memory corruption in ssh-agent +Author: Marc Deslauriers <[email protected]> +Origin: minimal fix for https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db + +Signed-off-by: Sana Kazi <[email protected]> + +CVE: CVE-2021-28041 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz] +Comment: No change in any hunk + +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -496,6 +496,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); diff --git a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index 64a0a72a8f..5f03bdc877 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -25,6 +25,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ file://CVE-2020-14145.patch \ + file://CVE-2021-28041.patch \ " SRC_URI[md5sum] = "3076e6413e8dbe56d33848c1054ac091" SRC_URI[sha256sum] = "43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#156595): https://lists.openembedded.org/g/openembedded-core/message/156595 Mute This Topic: https://lists.openembedded.org/mt/86067657/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
